Menu
I am writing an application that used PKI to secure email, files etc.
Using the System.Cryptography namespace, I am generating a new key pair using RSACryptoServiceProvider.
The method is:
public static void GenerateKeys(int keySize, out string publicKey, out string privateKey)
{
using (var provider = new RSACryptoServiceProvider(keySize))
{
publicKey = provider.ToXmlString(false);
privateKey = provider.ToXmlString(true);
}
}
keySize = 2048.
This results in a public key like (this has been trimmed/padded with "-----START/END PUBLIC KEY BLOCK-----" wrappers for neatness.
-----START PUBLIC KEY BLOCK-----
<RSAKeyValue><Modulus>xs1GwyPre7/knVd3CAO1pyk++yp/qmBz2TekgrehYT
WU7hs8bUCeVQrL2OB+jm/AgjdPMohWHD/tLcJy35aZgVfPI3Oa3gmXxdoLZrfNRb
nrCm3Xr1MR7wnhMyBt5XXyU/FiF46g5qJ2DUIUg7teoKDNUSAN81JTIoH0KC+rZB
oO3tu9PR7H75K5G2eT6oUWkWKcZZU/4WNCDasNtizTe41Jy99BjrChww5r2ctqG8
LvIv7UeeFaK1vhxGKaNH/7JvKJI9LbewWNtmb/nRzQg9xK3e0OhblbW+o6zg5pTw
+n37fS7pkXK7lbRfUfaQmhoGy6ox4UWGmOgm8yPu8S4Q==</Modulus><Exponen
t>AQAB</Exponent></RSAKeyValue>
-----END PUBLIC KEY BLOCK-----`
When I look at PGP based public (or private) keys, there is no <RSAKeyValue>, <Modulus> or <Exponent> values inside the key.
Am I doing something wrong? Have I missed something? If I distribute this key, is this a security issue?
Crypto is a new and exciting field to me so I would REALLY appreciate any guidance here. I'm concerned I've screwed up - encrypting to the key works and decrypting the with the private key works - I was only wondering how PGP/GPG keys differ in appearance so much and what I need to do to correct this?
Thank you in advance!
215
At the center of the RSA cryptosystem is the RSA modulus N. It is a positive integer which equals the product of two distinct prime numbers p and q: RSA modulus: N = pq. So 55 = 5 · 11, 119 = 7 · 17, and 10403 = 101 · 103 could each be used as an.
The public key consists of the modulus (n) and the public exponent (e). The private exponent used for encryption and decryption. Called d. The private key consists of the modulus (n) and the private exponent (d).
RSA algorithm uses the following procedure to generate public and private keys: Select two large prime numbers, p and q. Multiply these numbers to find n = p x q, where n is called the modulus for encryption and decryption. If n = p x q, then the public key is <e, n>.
The private key is a scalar twice the size of the security level. A typical value is 256 bits. The public key is a group element, which is much larger than the private key. A typical value is 2048 bits.
The RSAKeyValue, Modulus, and Exponent tags are in there because you used the method ToXmlString().
An RSA public key is made up of the modulus and the public exponent. There is no security issue with distributing these 2 items. HOWEVER, you do NOT want to distribute any of the other items in the Private Key. The private key has these fields:
<RSAKeyValue>
<Modulus>…</Modulus>
<Exponent>…</Exponent>
<P>…</P>
<Q>…</Q>
<DP>…</DP>
<DQ>…</DQ>
<InverseQ>…</InverseQ>
<D>…</D>
</RSAKeyValue>
Do not distribute anything other than the Modulus and Public Exponent, which are found in both the Private and Public key.
When public keys are distributed, they are usually done by giving out a signed X509 certificate, which contains the public key, identification information linking that key to an entity, and a signature from a trusted authority.
If you give out the public key in the XML String format, the receiver must then use the FromXmlString() method to use it. The receiver also has no way to know if it is you who really sent the public key unless you give it to them in person (or use the certificate method above).
137
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
