1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Bouncy Castle - .Net Implementation - RSA Algorithm

Discussion in 'Engineering Concepts' started by sbh, Feb 2, 2011.

  1. sbh

    sbh New Member

    Joined:
    Jan 5, 2011
    Messages:
    14
    Likes Received:
    1
    Trophy Points:
    0
    Occupation:
    Database R&D
    Location:
    Bangalore
    In the earlier articles, we came across the concepts of RSA algorithm in Public Key cryptography. Being a generic topic, it can be implemented in security applications of variant technologies. We shall see the implementation of RSA algorithm using C#.

    RSA Encryption



    RSA Encryption can be achieved by following the below steps
    1. Select an input message - For demonstration, we select to use a plain text message “Test message”
    2. Generate a RSA key pair - The bouncy castle type – RSAKeyPairGenerator has been used for generating the asymmetric key pair. The RSAKeyPairGenerator uses two large prime numbers for generating the private and the public keys.
    3. Create an RSA algorithm object - We need to create an object for the RSA asymmetric cipher.We can use the CipherUtilities collection of ciphers by specifying the exact padding and mode, or we may directly instantiate the algorithm.
    4. Initialize the RSA algorithm for the encryption mode along with the asymmetric keys
    5. Encrypt the message using the public key.
    The below code snippet is written in C# language and makes use of Bouncy Castle APIs.
    Code:
     
    string inputMessage = "Test Message";
    UTF8Encoding utf8enc = new UTF8Encoding();
     
    [COLOR=green]// Converting the string message to byte array[/COLOR]
    byte[] inputBytes = utf8enc.GetBytes(inputMessage); 
     
    [COLOR=green]// RSAKeyPairGenerator generates the RSA Key pair based on the random number and strength of key required[/COLOR]
    RsaKeyPairGenerator rsaKeyPairGnr = new RsaKeyPairGenerator();
    rsaKeyPairGnr.Init(new Org.BouncyCastle.Crypto.KeyGenerationParameters(new SecureRandom(), 512));
    Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair keyPair = rsaKeyPairGnr.GenerateKeyPair();
     
    [COLOR=green]// Extracting the public key from the pair[/COLOR]
    RsaKeyParameters publicKey = (RsaKeyParameters)keyPair.Public;
     
    [COLOR=green]// Creating the RSA algorithm object[/COLOR]
    IAsymmetricBlockCipher cipher = new RsaEngine();
     
    [COLOR=green]// Initializing the RSA object for Encryption with RSA public key. Remember, for encryption, public key is needed[/COLOR]
    cipher.Init(true,publicKey);
     
    [COLOR=green]//Encrypting the input bytes[/COLOR]
    byte[] cipheredBytes = cipher.ProcessBlock(inputBytes, 0, inputMessage.Length);
     

    RSA Decryption



    Similarly, RSA Decryption can be done through below steps -
    1. Input the encrypted message.
    2. Select the same RSA algorithm.
    3. Decrypt the message using the private key.
    4. Compare the decrypted with original message.
    Code:
    [COLOR=green]// Extracting the private key from the pair[/COLOR]
    RsaKeyParameters privateKey = (RsaKeyParameters)keyPair.Private;
    cipher.Init(false, privateKey);
    byte[] deciphered = cipher.ProcessBlock(cipheredBytes, 0, cipheredBytes.Length);
    string decipheredText = utf8enc.GetString(deciphered);
    
    On comparing decipheredText with inputMessage, we would find both of them to be equal.

    Bouncy Castle - .Net Implementation of RSA Algorithm with OAEP padding



    RSA algorithm has been found to be weak because it has no random component. An attacker might create a database of possible input messages and the encrypted text given by the RSA algorithm using the same public key. Then, he would simply compare the two encrypted messages and would know the original message. To avoid this possibility, we might like to use Padding schemes. One of such padding scheme is OAEP Optimal Asymmetric Encryption Padding (OAEP). It adds a factor of randomness which makes it impossible to determine the original plain text.

    Encryption steps-
    1. Select an input message - For demonstration, we select to use a plain text message “Test message” and generate a RSA key pair.
    2. Create an RSA algorithm object.
    3. Create a cipher object for OAEP encoding
    4. Initialize the RSA algorithm for the encryption mode along with the asymmetric keys specifying the hash digest that will be used for calculating the randomness.
    5. Process the blocks and encrypt the message using the public key.
    Code:
     
    [COLOR=green]// Encryption steps -----------------------------------[/COLOR]
    SHA256Managed hash = new SHA256Managed();
    SecureRandom randomNumber = new SecureRandom();
    byte[] encodingParam = hash.ComputeHash(Encoding.UTF8.GetBytes(randomNumber.ToString()));
    string inputMessage = "Test Message";
    UTF8Encoding utf8enc = new UTF8Encoding();
     
    [COLOR=green]// Converting the string message to byte array[/COLOR]
    byte[] inputBytes = utf8enc.GetBytes(inputMessage);
     
    [COLOR=green]// RSAKeyPairGenerator generates the RSA Key pair based on the random number and strength of key required[/COLOR]
    RsaKeyPairGenerator rsaKeyPairGnr = new RsaKeyPairGenerator();
    rsaKeyPairGnr.Init(new Org.BouncyCastle.Crypto.KeyGenerationParameters(new SecureRandom(), 1024));
    Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair keyPair = rsaKeyPairGnr.GenerateKeyPair();
    RsaKeyParameters publicKey = (RsaKeyParameters)keyPair.Public;
    RsaKeyParameters privateKey = (RsaKeyParameters)keyPair.Private;
    IAsymmetricBlockCipher cipher = new OaepEncoding(new RsaEngine(), new Sha256Digest(), encodingParam);
    cipher.Init(true, publicKey);
    byte[] ciphered = cipher.ProcessBlock(inputBytes, 0, inputMessage.Length);
    string cipheredText = utf8enc.GetString(ciphered);
     
    [COLOR=green]// Decryption steps --------------------------------------------[/COLOR]
    cipher.Init(false, privateKey);
    byte[] deciphered = cipher.ProcessBlock(ciphered, 0, ciphered.Length);
    string decipheredText = utf8enc.GetString(deciphered);
    [COLOR=green]//---------------------------------------------------------------[/COLOR]
    
    In my next publication, we would go through the DES and AES algorithm examples using the Bouncy Castle APIs.
     
  2. marcelo couto

    marcelo couto New Member

    Joined:
    Sep 23, 2016
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Gender:
    Male
    Hello!! Thanks for the code...works like a charm here...very nice!
    But, if i need to pass the cipheredText by querystring to a web api and there get the cipheredText, how is the best way ? uri.escapedatastring ? I am trying but is not working... i am getting a error "data hash wrong"
     

Share This Page