RSA With Certificates

Hello everyone.In last blog we have seen how RSA encryption technique practically works. We generated the public-private key pair from CryptoServiceProvider class present in .Net framework but in real world we never use the key generated from this class. The reason behind this is every time whenever your application using RSA implementation is fired, there will be a new pair of key generated and it will not use old key pair. Imagine a scenario where the public key need to be stored in database.In such case every time a new key pair is generated you have to store that in database overriding the previous one. Also generating keys from this class has some drawbacks.

Drawbacks:
1. Overhead of overriding the newly generated key-pair in database each time the application is fired
2. Padding problem
3. If using cross platform encryption-decryption (e.g. encryption in .Net and decryption in java or vice-versa) then encoding,padding,mode etc are the issues which can be encountered.

To avoid this one should always use Certificates for generating public-private key pair. It has lots of advantages as compared to old mechanism.
Consider a real world scenario where you want to make a payment through Credit card. The client need to pass Credit card details along with some other information to the application that will make the payment. The client application is built in .Net and the receiver application is built in Java. As we all know that credit card details are vulnerable to be hacked so we will protect them using some mechanism while passing it through network. We might use any encryption technique to hide the original details or masking the value. In such case if we are using RSA encryption technique then cross platform encryption decryption becomes a serious problem as we have discussed above.

So to overcome this type of scenario one can install certificates on both client and receiver machine. This will automatically adjust all padding, mode and encoding related issue while using cross platform encryption decryption process.

In this blog, we will discuss that the receiver has the public private key pair generated from Certificates.He is providing the public key in string format so that we can easily stored that key in database and whenever required we can access that public key from our database and can use it for encryption.

But as we seen in last blog that to use encrypt inbuilt function one has to convert the key in string format to key in XML string format. After that only we can pass that key for encryption purpose.

So we will see how to convert a key in string format to key in xml string format through code:

For local use of RSA encryption we can use key generated from .Net inbuilt class. If you this key is stored in string format in database and you need to convert it to XML string format then use below code



Similarly if the key is generated from certificate and you want to convert it to XML string format then use below function












Note: To use above function for certificate import below namespace in your code:

• System.Security.Cryptography.X509Certificates

And rest of the procedure is similar to encrypt and decrypt as seen in previous blog.

RSA implementation : RSA-Implementaion

Thanks for reading and feel free to leave your feedback.

RSA-Implementation

Hello everyone. Here I am back with my second blog. In last blog we discussed what is Asymmetric encryption and what are it's type. We discussed RSA encryption technique with its mathematical computation in detail. So in today's blog, we will discussed how to use RSA encryption technique in real world.

I will use VS 2012 with .Net framework 4.5 to demonstrate the code.

I am going to make a windows form application for demonstrating purpose. Follow below steps to make windows form application:
1. Open VS 2012
2. Select a new windows application project i.e.(File->New project -> Windows application template) and give it a meaning full name.

Add a class file to the solution and name it as encryption

Import below namespaces in Form.cs and encryption.cs file

• System.Security.Cryptography: This class will provide us the access to utilize inbuilt RSA encryption function.

Now add two buttons and three text boxes to the form. Below is the design of the form

In Form.cs file declare the variables that are required. Please refer below code

Now to generate the public-private key pair use below code. Place this code in encryption.cs file

Let us look at above code what it's exact functionality:

• rsaEncryptionPadding: This is used to specify whether we required padding in the data which we need to encrypt.We will see the significance of this Boolean variable below.
• RSACryptoServiceProvider: This class is present inside System.Security namespace. This class help us to generate both public and private key.
• keySize: This is size of the key defined by the user. It can be 128 or 256 bytes.We will see below what maximum key size can be assign to RSACryptoServiceProvider class
• publicKey: This variable is used to hold the public key in xml string format
• privateKey: This variable is used to hold the private key in xml string format.

We will discuss why it is in xml string format below ?

 Public key:

Private Key:

In code behind file of encryption button paste below code:

In above code we are just taking the input from the user and storing it in plaintext variable. Then we are calling GenerateKeys method by passing it the above shown parameters. This method generates the public-private key for us. Then with the help of public key we are calling the Encrypt function present in encryption.cs file.

Note: You can place all these code inside the form.cs file also. I have separated it to make code more understandable.

Encryption Functionality:

Place the below code in encryption.cs file

Let us take a look at above code:
GetMaxDataLength(): This function is used to check the length of the data after it is converted into bytes. The maximum bytes which RSA support is 245 bytes if padding is not applied or else 215 bytes if padding is applied. We have specified above the padding variable.

IsKeySizeValid(): This function is used to check whether the key size specified by the user is valid or not.
It is a good practice to use both these functions whenever you are using RSA encryption.

RSACryptoServiceProvider.Encrypt(): This is the .net inbuilt encryption method to encrypt plain text. This method takes the public key in xml string format only. This was the reason why we converted our public-private key into xml format.To this method we pass the data along with specifying padding or not. Always keep in mind that this method accepts data in byte format.

Decryption functionality:

In code behind file of decrypt button place below code






And in encryption.cs file place below code

The logic is same as encryption but we are using private key for decryption purpose.

Output:

So guys, hopefully you have understood how to code RSA encryption programmatically. In my next blog we will discuss how to use a key generated from Certificate. We will also cover how to convert that generated key into xml string format. Have a nice day.
Bye!!!!!