How do i generate random data with RSA?

Question

After loading my RSACryptoServiceProvider rsa object i would like to create a key for my AES object. Since i dont need to store the AES key (i only need it to decrypt on my prv side) i figure i dont need to store it and i can generate it with my public key.

I thought doing rsa.Encrypt(byte[] with 4 hardcoded bytes); would generate the data i need. It turns out everytime i call this function even with the same data i get different results. So theres no way for me to recreate the AES key if its different everytime.

How can i generate data with RSA in a way that i can recreate anytime i need?

Answer 1

You don't generate the AES key with your public key. You generate the AES key with your random number generator and encrypt it with your recipient's public key. In .NET, you'll have for example an AesCryptoServiceProvider for your AES functions and an RSACryptoServiceProvider for you key transport functions. The normal sequence of events to encrypt data that is to be sent to Bob is:

1. Generate a random AES key using the AesCryptoServiceProvider.GenerateKey method.
2. Encrypt your data with AES.
3. Retrieve the AES key from the Key property of the AES instance.
4. Encrypt this AES key with Bob's RSA key using the RSACryptoServiceProvider.
5. Transmit this along with the encrypted data to Bob.

When Bob receives this data he using his RSA private key to undo these steps.

Note that this is a simplified description of what is done in message encryption standards like CMS and PGP. In general, rather than reinventing the wheel you should consider using a C# implementation of one of these.

EDIT

There are several .NET classes in the System.Security.Cryptography.Pkcs Namespace the seem to deal with CMS. I haven't used them.