By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,573 Members | 1,939 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,573 IT Pros & Developers. It's quick & easy.

RSA Principals

P: n/a
Nak
Hi there,

I have just managed to get some methods together that encrypt data using
RSA encryption. 2 Keys are serialized and saved as files, one public and
one private, this way I can specify which key is used to decrypt/encrypt the
data, all works well, except...

I was under the impression that with RSA encryption you could do the
following,

1. Encrypt data (x) using the public key *ok*
2. Decrypt data (x) using the private key *ok*
3. Encrypt data (y) using the private key *ok*
4. Decrypt data (y) using the public key *problem*
5. Encrypt data (z) using the public key *ok*
6. Decrypt data (z) using the public key *problem*
7. Encrypt data (a) using the private key *ok*
8. Decrypt data (a) using the private key *ok*

I wasn't *totally* sure on the concepts of RSA encryption, maybe I have
written something wrong along the lines? Either that or the articles I have
been reading are wrong (which is more that possible). Anyone got any
thoughts on this? Thanks in advance.

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Nov 20 '05 #1
Share this Question
Share on Google+
5 Replies


P: n/a
there are two versions of rsa...rsa and rsa2. are both computers using the
same rsa protocol version?
"Nak" <a@a.com> wrote in message
news:uV**************@TK2MSFTNGP10.phx.gbl...
Hi there,

I have just managed to get some methods together that encrypt data using RSA encryption. 2 Keys are serialized and saved as files, one public and
one private, this way I can specify which key is used to decrypt/encrypt the data, all works well, except...

I was under the impression that with RSA encryption you could do the
following,

1. Encrypt data (x) using the public key *ok*
2. Decrypt data (x) using the private key *ok*
3. Encrypt data (y) using the private key *ok*
4. Decrypt data (y) using the public key *problem*
5. Encrypt data (z) using the public key *ok*
6. Decrypt data (z) using the public key *problem*
7. Encrypt data (a) using the private key *ok*
8. Decrypt data (a) using the private key *ok*

I wasn't *totally* sure on the concepts of RSA encryption, maybe I have written something wrong along the lines? Either that or the articles I have been reading are wrong (which is more that possible). Anyone got any
thoughts on this? Thanks in advance.

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ "No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\

Nov 20 '05 #2

P: n/a
Nak
Hi there,
there are two versions of rsa...rsa and rsa2. are both computers using the
same rsa protocol version?


Hmm, it's just being implemented locally using the .NET Frameworks RSA
classes. Hmm, 2 versions huh? Does the other version allow for the 2 items
that didn't work for me using the one I have at the moment?

Nick.

~~recap~~~
1. Encrypt data (x) using the public key *ok*
2. Decrypt data (x) using the private key *ok*
3. Encrypt data (y) using the private key *ok*
4. Decrypt data (y) using the public key *problem*
5. Encrypt data (z) using the public key *ok*
6. Decrypt data (z) using the public key *problem*
7. Encrypt data (a) using the private key *ok*
8. Decrypt data (a) using the private key *ok*


--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Nov 20 '05 #3

P: n/a

I think you misunderstand how RSA works.

The public key is used for "encryption" and "verification" while the private
key is used for "decryption" and "signing" (digital signature).

Also, the typical use for RSA encryption is for encrypting symmetric keys.
That is, you generate, for example, a TripleDES key, use that to encrypt
your data, then use RSA public key to encrypt the TripleDES key and send all
these to the recipient who then uses the private key to decrypt the
TripleDES key which he then uses to decrypt the data.

Here is what you should have done:
1. Encrypt data (x) using the public key *ok*
2. Decrypt data (x) using the private key *ok*

3. Sign data (y) using the private key *ok* [this generates a
digital signature (128KB)]
4. Verify signed data (y) using the public key *ok* [provide digital
signature and data that was signed]

Cheers,

Taiwo

"Nak" <a@a.com> wrote in message
news:uV**************@TK2MSFTNGP10.phx.gbl...
Hi there,

I have just managed to get some methods together that encrypt data using RSA encryption. 2 Keys are serialized and saved as files, one public and
one private, this way I can specify which key is used to decrypt/encrypt the data, all works well, except...

I was under the impression that with RSA encryption you could do the
following,

1. Encrypt data (x) using the public key *ok*
2. Decrypt data (x) using the private key *ok*
3. Encrypt data (y) using the private key *ok*
4. Decrypt data (y) using the public key *problem*
5. Encrypt data (z) using the public key *ok*
6. Decrypt data (z) using the public key *problem*
7. Encrypt data (a) using the private key *ok*
8. Decrypt data (a) using the private key *ok*

I wasn't *totally* sure on the concepts of RSA encryption, maybe I have written something wrong along the lines? Either that or the articles I have been reading are wrong (which is more that possible). Anyone got any
thoughts on this? Thanks in advance.

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ "No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\

Nov 20 '05 #4

P: n/a
Nak
Hi Taiwo,
I think you misunderstand how RSA works.
Yup, unfortunately that's what happens when you believe what you read :-(
The public key is used for "encryption" and "verification" while the private key is used for "decryption" and "signing" (digital signature).
Right, I know I can do both of those. I didn't realise that the digital
signing process could be done in VB.NET code, that sounds like something I
want to do actually. I shall have to look that up, unless you could point
me in the right direction of course? And I can digitally sign *any* data
can I?
Also, the typical use for RSA encryption is for encrypting symmetric keys.
That is, you generate, for example, a TripleDES key, use that to encrypt
your data, then use RSA public key to encrypt the TripleDES key and send all these to the recipient who then uses the private key to decrypt the
TripleDES key which he then uses to decrypt the data.
Aah, I haven't done any TrippleDES, I presume that it is another form of
encryption? But isn't RSA used with SSL connections via HTTPS? Or does that
employ TrippleDES also, I'm slightly confused now because I was under the
impression that the *public* key could be made *public" knowledge anyway,
and that 2 sets of yeys would need to be made for 2 way encryption, hmmm, I
think I must have misunderstanding.
Here is what you should have done:
1. Encrypt data (x) using the public key *ok*
2. Decrypt data (x) using the private key *ok*
Check :-)
3. Sign data (y) using the private key *ok* [this generates a
digital signature (128KB)]
4. Verify signed data (y) using the public key *ok* [provide digital signature and data that was signed]
Is that process simply encrypting then decrypting with the private key? Or
is a digital signature actually attached to the file? If I were to
digitally sign an XML file (If possible) would the data actually be visible
within an XML editor? or is the data left intact? More research needing to
be done by myself I think :-(

"there was much rejoycing.... yay"

Thanks bunches for your help!

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"Taiwo" <ta*****@hotmail.com> wrote in message
news:O8**************@TK2MSFTNGP09.phx.gbl...

Cheers,

Taiwo

"Nak" <a@a.com> wrote in message
news:uV**************@TK2MSFTNGP10.phx.gbl...
Hi there,

I have just managed to get some methods together that encrypt data

using
RSA encryption. 2 Keys are serialized and saved as files, one public and one private, this way I can specify which key is used to decrypt/encrypt

the
data, all works well, except...

I was under the impression that with RSA encryption you could do the
following,

1. Encrypt data (x) using the public key *ok*
2. Decrypt data (x) using the private key *ok*
3. Encrypt data (y) using the private key *ok*
4. Decrypt data (y) using the public key *problem*
5. Encrypt data (z) using the public key *ok*
6. Decrypt data (z) using the public key *problem*
7. Encrypt data (a) using the private key *ok*
8. Decrypt data (a) using the private key *ok*

I wasn't *totally* sure on the concepts of RSA encryption, maybe I

have
written something wrong along the lines? Either that or the articles I

have
been reading are wrong (which is more that possible). Anyone got any
thoughts on this? Thanks in advance.

Nick.

--

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\


Nov 20 '05 #5

P: n/a

"Nak" <a@a.com> wrote in message
news:%2***************@TK2MSFTNGP09.phx.gbl...
Hi Taiwo,
I think you misunderstand how RSA works.
Yup, unfortunately that's what happens when you believe what you read :-(
The public key is used for "encryption" and "verification" while the

private
key is used for "decryption" and "signing" (digital signature).


Right, I know I can do both of those. I didn't realise that the digital
signing process could be done in VB.NET code, that sounds like something I
want to do actually. I shall have to look that up, unless you could point
me in the right direction of course? And I can digitally sign *any* data
can I?


Look at the SignData and VerifyData methods of the RSACryptoServiceProvider
class.
Also, the typical use for RSA encryption is for encrypting symmetric keys.
That is, you generate, for example, a TripleDES key, use that to encrypt
your data, then use RSA public key to encrypt the TripleDES key and send

all
these to the recipient who then uses the private key to decrypt the
TripleDES key which he then uses to decrypt the data.


Aah, I haven't done any TrippleDES, I presume that it is another form of
encryption? But isn't RSA used with SSL connections via HTTPS? Or does

that employ TrippleDES also, I'm slightly confused now because I was under the
impression that the *public* key could be made *public" knowledge anyway,
and that 2 sets of yeys would need to be made for 2 way encryption, hmmm, I think I must have misunderstanding.

SSL uses both symmetric (TripleDES, AES, etc.) and assymetric (RSA)
encryption. Because RSA encryption of large data sets is
processor-intensive, what SSL does is to use symmetric encryption for the
payload but exchange the symmetric keys used via assymetric (RSA)
encryption. That is, it is cheaper to use RSA encryption on the keys which
are of known sizes (128-bit, 256-bit, etc.). I hope that's a bit clearer...
Here is what you should have done:
1. Encrypt data (x) using the public key *ok*
2. Decrypt data (x) using the private key *ok*


Check :-)
3. Sign data (y) using the private key *ok* [this generates a
digital signature (128KB)]
4. Verify signed data (y) using the public key *ok* [provide

digital
signature and data that was signed]


Is that process simply encrypting then decrypting with the private key? Or
is a digital signature actually attached to the file? If I were to
digitally sign an XML file (If possible) would the data actually be

visible within an XML editor? or is the data left intact? More research needing to be done by myself I think :-(

To answer your specific question, the XML file will still be visible.
Digital signature is not used to hide information but rather to guarantee
that data was sent by a known entity and that the data hasn't been modified
while in transit.

A digital signature is simply a one-way cryptographic hash. This implies
that different data sets will resolve to different cryptographic hashes.
When you compute the digital signature of your XML file with your private
key, you must send the digital signature and the XML file to the recepient.
If the recepient can use your public key to "verify" that the digital
signature sent along with the XML file is correct and was computed using
your private key, it means that you were actually the sender (a concept
called non-repudiation).

If you need to hide/encrypt the data in the XML file, do this:
- Generate a symmetric key (TripleDES or Rijndael)
- Encrypt your XML data using the symmetric key
- Compute the hash (digital signature) of the encrypted XML data using your
private key
- ***Encrypt the symmetric key with the recepient's public key
- Send the encrypted XML data, the digital signature, and the encrypted
symmetric key to the recepient
- The recepient will use your public key to verify that you're the sender of
the encrypted XML data by verifying the digital signature for the XML data
- ***The recepient will then use his/her private key to decrypt the
encrypted symmetric key
- The recepient will then use the decrypted symmetric key to decrypt the
encrypted XML data

---
Taiwo
"there was much rejoycing.... yay"

Thanks bunches for your help!

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ "No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ "Taiwo" <ta*****@hotmail.com> wrote in message
news:O8**************@TK2MSFTNGP09.phx.gbl...






Cheers,

Taiwo

"Nak" <a@a.com> wrote in message
news:uV**************@TK2MSFTNGP10.phx.gbl...
Hi there,

I have just managed to get some methods together that encrypt data

using
RSA encryption. 2 Keys are serialized and saved as files, one public and one private, this way I can specify which key is used to decrypt/encrypt the
data, all works well, except...

I was under the impression that with RSA encryption you could do
the following,

1. Encrypt data (x) using the public key *ok*
2. Decrypt data (x) using the private key *ok*
3. Encrypt data (y) using the private key *ok*
4. Decrypt data (y) using the public key *problem*
5. Encrypt data (z) using the public key *ok*
6. Decrypt data (z) using the public key *problem*
7. Encrypt data (a) using the private key *ok*
8. Decrypt data (a) using the private key *ok*

I wasn't *totally* sure on the concepts of RSA encryption, maybe I

have
written something wrong along the lines? Either that or the articles I

have
been reading are wrong (which is more that possible). Anyone got any
thoughts on this? Thanks in advance.

Nick.

--

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\



Nov 20 '05 #6

This discussion thread is closed

Replies have been disabled for this discussion.