RSA Encryption


no game

Can I encrypt data more than 117 bytes in C# (can use CAPICOM and
Crypto API libraries) using RSA 1024 bit?

Any sample code would be appreciated.

Thanks
 
no game said:
Can I encrypt data more than 117 bytes in C# (can use CAPICOM and
Crypto API libraries) using RSA 1024 bit?

Any sample code would be appreciated.

I don't see why not - why would more than 117 bytes be a problem?

See RSACryptoServiceProvider for some sample code. (I haven't checked
how good it is.)
 
I think the problem with that solution is that the client and we only
exchange certificates (public keys) created by the RSA 1024 algorithm, and
the data could be hundreds of bytes. We don't share our algorithm; we try
to do everything in standard encryption, which the client asks us to do.
We cannot tell them there will be an IV and key to be extracted first
and then do a symmetric decryption.

I know in Java, we just need to share our own public key, then we can
encrypt and decrypt data.

In C# I have another problem of creating a certificate, and I can get the
private key into the RSAParameter class.

Thanks
 
The 117 byte limit is related to the size of the asymmetric key. You
can only encrypt in blocks of something < key size, depending on what padding
is being used. However, most use a faster symmetric algo like AES
(Rijndael), then encrypt the key and IV with an RSA symmetric key.
 
The return byte array of encrypt method is 128 bytes, and there are
also padding, so the longest data is only 117 bytes.
 
Before we go any farther here, please outline the steps again. What is the
config? Who is the client, who is the server, or is it peer-to-peer? Is
A always pulling data from B, or both ways? A little more background will
help. Also, as you may know, you don't need certs to use RSA key pairs.
 
The client will send us data encrypted using our public key, which uses
the RSA 1024-bit algorithm. We use our own private key to decrypt the
message. The data sent to us will be over 200 bytes, and we also need
to send reply data using their private key too; the data could be 300 or
more bytes. The configuration doesn't include any IV keys or symmetric
algorithm.



Thanks
 
no game said:
The return byte array of encrypt method is 128 bytes, and there are
also padding, so the longest data is only 117 bytes.

Don't use the Encrypt method - use a CryptoStream.
 
Normally how this works is:
1) Client has your public key only.
2) You have Client's public key only.
3) Client encrypts data with public key and sends (optionally signs hash of
encrypted data using client's private key)
4) You verify signature using client's public key.
5) You decrypt data using your private key.
6) You encrypt reply using client's public key (optionally sign hash of
encrypted data using your private key)

However asymmetric keys are normally only used to encrypt small amounts of
data like symmetric keys and sign and verify signatures. That is because
asymmetric encryption is many times slower than symmetric encryptions like
AES/Rijndael. So create a new random symmetric key for each request/reply
and encrypt it as above using the RSA keys. Then encrypt the data/payload
with AES and send both the encrypted data and the encrypted key to the other
party. The other party decrypts the symmetric key using its private RSA
key and decrypts the payload using the session key. The reply can use the
same session key for the encrypted AES reply or start a new.
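
The session-key scheme described in the post above, as an added example that is not part of the original thread or any poster's code. It assumes .NET 8 or later; the names HybridDemo, Seal and Open are hypothetical, AES-GCM is chosen here as the symmetric mode, and the 1024-bit key is used only to match the thread's numbers.

```csharp
// Added example, not code from the thread. Assumes .NET 8 or later.
// HybridDemo, Seal and Open are hypothetical names chosen for this illustration.
using System;
using System.Security.Cryptography;

static class HybridDemo
{
    // Sender: needs only the recipient's RSA public key.
    public static (byte[] WrappedKey, byte[] Nonce, byte[] Tag, byte[] Ciphertext) Seal(RSA recipient, byte[] payload)
    {
        byte[] key = RandomNumberGenerator.GetBytes(32);   // fresh AES-256 session key per message
        byte[] nonce = RandomNumberGenerator.GetBytes(12); // GCM nonce, plays the role of the IV
        byte[] ciphertext = new byte[payload.Length];
        byte[] tag = new byte[16];
        using (var aes = new AesGcm(key, 16))
            aes.Encrypt(nonce, payload, ciphertext, tag);
        // Only the 32-byte session key goes through RSA, so the RSA size limit never touches the payload.
        byte[] wrappedKey = recipient.Encrypt(key, RSAEncryptionPadding.OaepSHA256);
        CryptographicOperations.ZeroMemory(key);
        return (wrappedKey, nonce, tag, ciphertext);
    }

    // Recipient: unwrap the session key with the RSA private key, then decrypt and authenticate.
    public static byte[] Open(RSA recipient, byte[] wrappedKey, byte[] nonce, byte[] tag, byte[] ciphertext)
    {
        byte[] key = recipient.Decrypt(wrappedKey, RSAEncryptionPadding.OaepSHA256);
        byte[] plaintext = new byte[ciphertext.Length];
        using (var aes = new AesGcm(key, 16))
            aes.Decrypt(nonce, ciphertext, tag, plaintext); // throws if nonce, tag or ciphertext was altered
        CryptographicOperations.ZeroMemory(key);
        return plaintext;
    }

    static void Main()
    {
        using RSA rsa = RSA.Create(1024);   // 1024-bit to match the thread's numbers
        byte[] payload = new byte[300];     // constructed 300-byte sample payload
        RandomNumberGenerator.Fill(payload);

        // Direct RSA on 300 bytes fails: PKCS#1 v1.5 leaves 128 - 11 = 117 bytes per operation.
        try { rsa.Encrypt(payload, RSAEncryptionPadding.Pkcs1); }
        catch (CryptographicException) { Console.WriteLine("Direct RSA encrypt of 300 bytes rejected"); }

        var msg = Seal(rsa, payload);
        byte[] roundTrip = Open(rsa, msg.WrappedKey, msg.Nonce, msg.Tag, msg.Ciphertext);
        Console.WriteLine($"wrapped key: {msg.WrappedKey.Length} bytes, recovered: {payload.AsSpan().SequenceEqual(roundTrip)}");
    }
}
```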
 
For RSA 1024 bit encryption,

Does it mean the output is always 128 bytes, and you
cannot encrypt more than 128 bytes of data?

Thanks
 
That is what I was saying. You can't actually encrypt 128 because of the
padding. Maybe you can if no padding is used, but not sure. It is key size
related, so a larger key can encrypt more bytes. But normally you will want
a symmetric encryption for large amounts of data.
 
Just to confirm, this 128 byte limit is not the limit of C# or .net,
this is a limit set by the RSA 1024 bit algorithm. Am I making the
right statement here?


Thanks
 
Do you know if there is any official document out there that talks about
RSA 1024 meaning the output data is 128 bytes, RSA 2048 meaning the output
data is 256 bytes, etc.?

Thanks
 
