I have a public 2048 bits RSA Key in byte array, I need to encrypt some data but I don't want to encrypt it directly with the public key. I can generate a common symmetric key such as AES to encrypt my data. I want to then encrypt my symmetric key with my public RSA key. I know what I need to do I just know how. I tried converting the byte array to PublicKey object but I get Invalid Key Format Exception. Is there any other way I can make it work? I am using BouncyCastle as my security provider.
Related
So I'm trying to use RSA-AES to encrypt a JSON and SOAP payload.
For JSON it seems straightforward:
auto-generate a symmetric AES key
AES-encrypt the payload with that
RSA-encrypt the AES key with the RSA Public Key.
Concatenate the two ciphertexts to the receiver.
For decryption, the receiver splits the two ciphertexts (based on length),
then uses the RSA Private key to decrypt the AES key from the first part,
and uses the resulting AES key to decrypt the second part, to receive the original plaintext payload.
But I'm not familiar with SOAP, How do I go about concatenating two ciphertexts in a SOAP payload?
I am actually building a file encryption solution which shall have following salient features:
ENCRYPTION SIDE
Firstly, I have to Hash the file with SHA-256 and store that hash in a separate file.
Afterwards, I have to encrypt that file using private key of sender.
A symmetric key will be generated for AES Algorithm.
I then have to encrypt the actual file with that symmetric key.
Finally, that symmetric key will be encrypted with public key of the receiver.
DECRYPTION SIDE
Decryption of hash file with public key of sender.
Decryption of encrypted asymmetric key with private key of receiver.
Decryption of that actual file with symmetric key.
Hashing the actual file again
Compare the hash generated with the hash provided by sender to validate content.
Now, I that is the complete stuff I need to implement, However, I have few queries pertaining to the keys actually; which are not clarified after surfing many web-sites.
QUERIES
What does actually meant by the private key of sender? I know, I shall have to implement it with RSA Algorithm; which works with key pair. If I (sender) will encrypt the file with public key generated in key pair that how the private key for the receiver will be generated? Is this the same key generated under key pair?
if yes then do we have to provide that key to the receive?
if no then how the data will be decrypted by the receiver? since the message is encrypted under my own key pair generated...
How can we share the relevant keys and hashes with the receiver? Since, emails and other platforms are public and shall not be used for sharing confidential data.
Please an easy explanation will be very helpful for me, I am confused with these above mentioned terms.
Thanks in advance.
What does actually meant by the private key of sender? I know, I shall have to implement it with RSA Algorithm; which works with key pair. If I (sender) will encrypt the file with public key generated in key pair that how the private key for the receiver will be generated? Is this the same key generated under key pair?
In very old documents or by very confused people, this is the way that they talk about signature generation. Normally the hashes won't be stored in a file though, unless a Merkle tree is used instead of direct hashing.
if yes then do we have to provide that key to the receive? if no then how the data will be decrypted by the receiver? since the message is encrypted under my own key pair generated...
The public key should be distributed to the other party in any way that the public key can be trusted (to be from the sender). Then the sender's public key can be used to verify the signature created over the original file.
How can we share the relevant keys and hashes with the receiver? Since, emails and other platforms are public and shall not be used for sharing confidential data.
That's up to you. Generally a trusted third party is used together with X.509 certificates. The whole thing together is called Public Key Infrasture or, even more broadly, key management.
I would like to use RSA encryption on a large file (>25 MB).
Is it possible or are there limitations using a Public Key/Private Key for a large app?
I am exposing a public key to clients and not allowing anyone but the recipient to view the contents with the private key. So the business case makes sense although it will be slower than symmetrical encryption.
Thanks,
RSA cannot encrypt a payload larger than its key size (minus some overhead for padding). To bypass this limitation you'll need to generate a symmetric key, use that to encrypt the larger file, then encrypt the symmetric key itself with RSA (with OAEP or PKCS1v1.5 padding).
Cryptographic Message Syntax (CMS) and PKCS7 (CMS's predecessor) support this use case already so there's no need to invent your own protocol.
I am planning on file encryption during file transfer from physical storage to physical storage as my final year project at my high school.
My question is, can AES Encryption and RSA Digital Signature Scheme be used as file encryption? Currently I am focusing on text files (.doc, .txt).
I've got the following protocol in mind:
the file will be encrypted using AES Encryption
the private key from RSA Encryption will be the signature for the file
the public key will verifies the signature during decryption
I am not sure about the bit sizes of the keys to use, either 256 bit AES and 1024 bit RSA.
Most of the time AES and RSA are used together in the following way:
create an asymmetric key pair and keep the private key confidential and the public key in a trusted keystore
create a symmetric data encryption key and encrypt the data with it (e.g. using AES-CBC and a random IV)
encrypt the symmetric data encryption key using the public key of the key pair
create a signature with a private key (if possible, using a separate key pair), using e.g. PKCS#1 using the SHA-256 hash algorithm
store the encrypted data (+IV), the encrypted key and the signature
To verify
retrieve the data etc.
verify the signature using the public key from the trust store
decrypt the symmetric key using the private key (protected by a password, stored on an USB stick or smart card etc)
decrypt the data
You will need some way to store the data. It's best to use a common format for this such as Cryptographic Message Syntax. For key sizes see http://www.keylength.com/ e.g. using the NIST or ECRYPT II recommendations. I would suggest matching sizes, e.g. AES-128 bits, RSA 3072 bits and SHA-256 for the signature.
In AES encryption (.net framework), how are the public and private keys used?
Are the public and private keys combined to form a full key, and then the algorithm uses the public + private key to encrypt the data?
(simplified keys used below for example purposes)
e.g.
public key = 12345
private key = 67890
so the key used when generating the encryption result is: 1234567890
As others have said, AES is a symmetric algorithm (private-key cryptography). This involves a single key which is a shared secret between the sender and recipient. An analogy is a locked mailbox without a mail slot. Anybody who wants to leave or read a message needs to have a key to the mailbox.
If you really want to know the gory details of AES, there's a superb cartoon to guide you along the way.
Public-key cryptography involves two related keys for each recipient involved - a private key which is a secret known only by the recipient, and a related public key which is known by all senders.
The sender encrypts the message using the recipient's public key. That message can only be decrypted by a recipient with a private key matching the public key.
An analogy for public-key encryption is a locked mailbox with a mail slot. The mail slot is exposed and accessible to the public. Its location (the street address) is the public key. Anyone knowing the street address can go to the door and drop a written message through the slot. But only the person who possesses the private key can open the mailbox and read the message.
AES is a symmetric algorithm, so it does not have public and private keys - only a shared secret.
In the simplest form:
AES is a symetric algorithm, it uses the same key for encryption and decryption.So tat whoever has the key can read your message.
The private and public key is for Asymetric alogorithms like RSA, normally people use public key to encrypt and private key to decrypt( only HMAC or MAC will use private key to encrypt, and public key to decrypt).The public key is known to everyone, the private key is only known to yourself, so no one can read the message sent to you.
I do not know how the .net framework specifically works (the question should probably have been tagged .net) but by your question it sounds like it implements public/private key crypto, just using AES for its symmetric component.
The usual mode of doing public key encryption is to
Generate a symmetric key
Encrypt the data with this key, using a symmetric algorithm like AES.
Encrypt the symmetric key with the public key, using a asymmetric algo like RSA.
Bundle the encrypted sym key with the encrypted data
The reason symmetric algos are preferred for the data itself is that asymmetric ones are very slow.
Given that they couldn't test security (all they really had was the absense of breaks, for several og the candidates), the reason for choosing Rijndael for AES was (mostly) performance related.
A public key is linked to a private key. The public key (RSA) is distributed to the 'wild' and anyone who wants to send an encrypted file (generically speaking here), they will request the public key and encode against it. The cypertext is unreadable to anyone who gains access to the file, even if they have the public key.
The private key is needed to decode the file. As long as the private key is kept private, it is statically improbable that anyone will guess or hack the the key. Improbable, not impossible.
The real issue is keeping the private key private. Most cracks are done with social hacking. Extortion, loggers and monkey-in-the-middle public key conversion are other ways more probable than brute forcing the password or key.
In your comment to Brawndo you asked
what's the point of having a public
and private key then if both can
decrypt others? Why not both have the
same key?
What you are describing is Symmetric-key algorithms, which AES is one. The reason for public-private keys are that with Symmetric-key algorithms how do you pass a Symmetric key over unsecured networks, mail, phone or what not without the key being intercepted. Perhaps encrypting the key, but then how do you pass that key? With a public-private key combo, that becomes LESS relevant.
"In most cases, there's a greater
probability that the sun will burn out
before all the computers in the world
could factor in all of the information
needed to brute force a 256-bit key,"
said Jon Hansen, vice president of
marketing for AccessData Corp, the
Lindon, Utah, company that built the
software that powers DNA.