R – How to generate an RSA public/private key in .Net, of a specific length

.netencryption

I'm using the RSACryptoServiceProvider to do some asymmetric encryption.

As per MSDN, when you instantiate a new RSACryptoServiceProvider, you get a public/private key pair generated for you that you can use.

Clearly this pair is being generated using some defaults – specifically the length. I'd like to specify my own length for greater security.

How can I do this?

Thanks in advance.

Best Solution

One of the constructors for RSACryptoServiceProvider takes a KeySize as parameter. Do consult the docs about allowable values though.

Related Solutions

.net – Does RSA Private key always contain the Public key, or is it just .NET

The private key always includes the public key.

What you might really want is Signing. Using the same .NET classes, you can sign data with your private key and verify the signature on the other party's side with the public key (which obviously doesn't contain the private key).

    public static string Sign(string data, string privateAndPublicKey)
    {
        byte[] dataBytes = Encoding.UTF8.GetBytes(data);
        RSACryptoServiceProvider provider = CreateProviderFromKey(privateAndPublicKey);
        byte[] signatureBytes = provider.SignData(dataBytes, "SHA1");
        return Convert.ToBase64String(signatureBytes);
    }

    public static bool Verify(string data, string signature, string publicKey)
    {
        byte[] dataBytes = Encoding.UTF8.GetBytes(data);
        byte[] signatureBytes = Convert.FromBase64String(signature);
        RSACryptoServiceProvider provider = CreateProviderFromKey(publicKey);
        return provider.VerifyData(dataBytes, "SHA1", signatureBytes);
    }

    private static RSACryptoServiceProvider CreateProviderFromKey(string key)
    {
        RSACryptoServiceProvider provider = new RSACryptoServiceProvider();
        provider.FromXmlString(key);
        return provider;
    }

.net – Given a private key, is it possible to derive its public key

In most asymmetrical crypto system implementation, the only fact that is ensured is that you cannot find the private key from the public key. The other way round, finding the public key from the private key is trivial in most case.

For instance, in RSA, you can create public key from private key with:

openssl rsa -in private.pem -pubout -out public.pem

What is misleading is the terminology: "private key" refers to 2 different concepts whether you are speaking of the theory, or wether you are speaking of practical implementation:

The theoretical private key is the couple (d, n) which shares perfect symmetrical (mathematical) relation with (e, n). If you are comparing these, one cannot be computed from the other.
The practical private key (as in openssl implementation for example), refers to a file containing (d, n) but also several important intermediate values for decoding speed purpose. In addition to that, the theoretically "unknown" part of the public key e is often fixed to common values by convention (which is 0x10001 by default in openssl and albeit it can be changed, it is strongly recommended to stick to only very specific values). So deducing the public key (e, n) from the private key is trivial for more than one reason.

Best Solution

Related Solutions

.net – Does RSA Private key always contain the Public key, or is it just .NET

.net – Given a private key, is it possible to derive its public key

Related Question