rsa

How secure is this architecture?

Hi, I'm building a system that need to collect some user sensitive data via secured web connection, store it securely on the server for later automated decryption and reuse. System should also allow user to view some part of the secured data (e.g., *****ze) and/or change it completely via web. System should provide reasonable level of s...

C#: How to encrypt/decrypt a string?

Following up on this question, I would like to know what an RSA key is, and how I would go about creating and using one. Thanks in advance. ...

C# Problem encrypting using RSA

I am using this function which I pulled off MSDN static public byte[] RSAEncrypt(byte[] DataToEncrypt, RSAParameters RSAKeyInfo, bool DoOAEPPadding) { try { byte[] encryptedData; //Create a new instance of RSACryptoServiceProvider. using (RSACryptoServicePro...

Implementing License Validation with RSA

I am about to sell a program I have written in C# and I want to control licenses for it, strictly. That means I want to let the client connect to my server every single time it starts. This also gives me the ability to disable keys (in case of chargebacks on paypal or distribution of the code). Of course this might be a hassle for other ...

AS3Crypto RSA Signing

Hi All, I'm having some troubles matching the value returned from RSA signing a Base64 SHA1 hash in the actionscript as3crypto library with the result returned in c#. I'm passing in a Base64 hash decoded as a byte array to the sign() function provided in as3crypto and base64 encoding the result. However, this result never matches the r...

RSA Encryption, getting bad length

When calling the following function : byte[] bytes = rsa.Encrypt(System.Text.UTF8Encoding.UTF8.GetBytes(stringToEncrypt), true); I am now getting the error: bad length. With a smaller string it works, any ideas what the problem could be the string I am passing is under 200 characters. ...

C# RSA Decryption issue

I have this function I am using to decrypt values that works fine on my dev machine. But when run in production on another server - gives this exact error message : The system cannot find the file specified. Here is the function: public static string Decrypt(string stringToDecrypt, string key) { string result = null; ...

Using a previously generated RSA public/private key with the .net framework

Hi all, I have a pre-existing public/private key pair for RSA encryption which I need to use in .net . All the examples I can find online demonstrate how to generate a new private/public pair and then encrypt/decrypt. ie. something like this: const int PROVIDER_RSA_FULL = 1; const string CONTAINER_NAME = "SpiderContainer"; CspParameters...

What format signature does Openssl pkeyutl expect?

I'm trying to verify a file that was signed by hashing with SHA-1 and encrypting the hash with an RSA private key. Obviously I'm using the RSA public key to verify. The key is in DER format. The signature verification works correctly using Java's Signature class. The openssl command I'm trying (and the result) is: ~/Downloads...

How to communicate AES initialization Vector to client for hybrid cryptosystem.

I need to implemented security for client-server communication. I have implemented the following hybrid cryptosystem: http://en.wikipedia.org/wiki/Hybrid%5Fcryptosystem To encrypt a message addressed to Alice in a hybrid cryptosystem, Bob does the following: Obtains Alice's public key. Generates a fresh symmetric key for the data enca...

C# RSA with no padding

I'm busy trying to port Java code that looks like this Cipher rsa = Cipher.getInstance("RSA/ECB/nopadding"); rsa.init(Cipher.DECRYPT_MODE, RSAPrivateKey); decryptedData = rsa.doFinal(data, 0, 128); to C#, but as it seems the RSACryptoServiceProvider, forces you to either use OEAP or PKCS1 padding. I know no padding isn't s...

Which of the encryption aproaches should I use?

I need a system to exchange very secret data (source code that is a trade secret). I will use Crypto++ so practically I can use all encryption algorithms, although I really prefer to use an industry standard. Currently I'm thinking on these methods: Have the server generate 2048/4096-bit RSA keys, send the public key over to the clien...

Performance of RSA based on keysize

Hi, A theoretical question not depending on implementation, how much of a decrease in performance is 1024bit vs 4096bit RSA? Thanks ...

Java: Why does a 512-bit RSA KeyPairGenerator return 65 byte keys?

Hello, this is somewhat a newbie question probably. I'm generating keypairs with Java: KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA"); SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN"); keyGen.initialize(512, random); KeyPair keyPair = keyGen.genKeyPair(); RSAPrivateKey privateKey = (RSAPrivateKey)keyPai...

SSL handshake fails when using RSA BSafe SSL-J for Tomcat's socket factory

Has anyone tried getting Tomcat to use SSL-J for Tomcat? I'm trying to set up Tomcat to use SSL-J for it's SSL sockets, but I'm having troubles getting things to work and I don't see anything helpful in the SSL-J documentation. Things work fine when Sun's default JSSE provider is used. Any help would be greatly appreciated. Using: Ja...

iPhone: How to create a SecKeyRef from a public key file (PEM)

In order to send and receive encrypted messages from/to the iPhone I need to read a public key (server's public key) PEM file and create a SecKeyRef (later I could even store it on the keychain in order not to create it again). This is my current workflow: On the server: Create a P12 file with the user's certificate and private key. S...

Lollipop notation in Rational Software Architect

I am using IBM Rational® Software Architect™ for WebSphere® Software Version: 7.5.2. In a component diagram I would really like to use the lollipop notation and not the stereotyped interface notation for a provided interface part. Any tips if this is possible in RSA? ...

How to encode an RSA key using PKCS12 in Python?

I'm using Python (under Google App Engine), and I have some RSA private keys that I need to export in PKCS#12 format. Is there anything out there that will assist me with this? I'm using PyCrypto/KeyCzar, and I've figured out how to import/export RSA keys in PKCS8 format, but I really need it in PKCS12. Can anybody point me in the right...

RSA Encryption: Java to PHP

I'm trying to implement RSA Encryption in both Java and PHP, but I can't seem to get PHP to recognize my Java public/private keys. Here is the java code to Encode/Decode the Public and Private Keys: public static byte[] EncodePublicKey(PublicKey _publickey) throws Exception { return _publickey.getEncoded(); } public static PublicKe...

Strength of RSA Encrypting an AES Key

I'm currently developing a system to transmit data between client and server, and was wondering what the strength of the encryption I planned to use was. My thought was to have a private/public RSA key pair and hand out the public key to each client (leaving the private key solely on the server). Each client would then generate their ow...