Asymmetric Encryption and Decryption within .NET Framework
Asymmetric encryption and decryption rely on a key pair consisting of a public key and a private key. Both keys are needed to encrypt and decrypt text. The public key is freely available but will do nothing without the private key. However, asymmetric encryption has an overhead and is not suitable for large texts. As a result, a combination of the two methods, asymmetric and symmetric, is employed for secure transmission on the web. HTTPS and SSL use this combination. It starts with asymmetric communication between client and server, during which a key is transferred in asymmetrically encrypted form. Once the key is delivered, it is used to decrypt the symmetrically encrypted text.
All asymmetric algorithm classes are based on the System.Security.Cryptography.AsymmetricAlgorithm class, which has the following properties.
- KeyExchangeAlgorithm – gets the name of the key exchange algorithm.
- KeySize – works with the size of the secret key for symmetric algorithm. Size is in bits.
- LegalKeySizes – a KeySizes array in which each member contains MinSize and MaxSize.
- SignatureAlgorithm – receives the URL of an XML document with the signature algorithm.
RSACryptoServiceProvider is primarily used for asymmetric encryption and decryption and implements the RSA algorithm. Because it is asymmetric, there is an overhead, so it is heavy in processing.
Properties
Name | Description |
---|---|
PersistKeyInCsp | key is persistent in the CSP |
UseMachineKeyStore | key is persistent on the key store |
Methods
Name | Description |
---|---|
Decrypt | Decrypt with RSA algorithm |
Encrypt | Encrypt with RSA algorithm |
ExportParameters | Exports RSAParameters |
FromXmlString | Import key pair from XML string |
ImportParameters | Imports to key pair RSAParameters |
SignData | Computes Hash |
SignHash | Computes signature |
VerifyData | Verifies signature |
VerifyHash | Verifies signature to hash |
DSACryptoServiceProvider | Digital signature |
DSACryptoServiceProvider is used for signing messages digitally. It can guarantee data confidentiality and is very light in comparison to RSACryptoServiceProvider.
Asymmetric RSA keys are structured data and as such are represented by the RSAParameters structure.
Parameter | Description |
---|---|
D | The private key |
Exponent | Short Public key |
Modulus | Long Public key |
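You will always need to export your public key, and you do it in the following way:

```csharp
using System.Security.Cryptography;
// false exports only the public part of the key pair
RSACryptoServiceProvider myRSA = new RSACryptoServiceProvider();
RSAParameters publicKey = myRSA.ExportParameters(false);
```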
You can also export the key via CryptoAPI key storage, and you do it this way:

```csharp
using System;
using System.Security.Cryptography;

// Name the key container so the key pair is kept in CryptoAPI key storage
CspParameters persistantCsp = new CspParameters();
persistantCsp.KeyContainerName = "AsymmetricExample";
RSACryptoServiceProvider myRSA = new RSACryptoServiceProvider(persistantCsp);
myRSA.PersistKeyInCsp = true;
// true exports the private key as well as the public key
RSAParameters privateKey = myRSA.ExportParameters(true);
foreach (byte thisByte in privateKey.D)
    Console.Write(thisByte.ToString("X2") + " ");
```

Once the key is stored, the .NET Framework will always reuse it.
Encryption and decryption are done with the Encrypt and Decrypt methods of the RSACryptoServiceProvider class.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

string messageString = "Hello, World!";
RSACryptoServiceProvider myRsa = new RSACryptoServiceProvider();
byte[] messageBytes = Encoding.Unicode.GetBytes(messageString);
// Second argument: false selects PKCS#1 v1.5 padding, true selects OAEP padding
byte[] encryptedMessage = myRsa.Encrypt(messageBytes, false);
byte[] decryptedBytes = myRsa.Decrypt(encryptedMessage, false);
Console.WriteLine(Encoding.Unicode.GetString(decryptedBytes));
```
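The combination described at the top of the page, where RSA carries only a small symmetric key and the symmetric cipher carries the data, can be sketched as follows. This is an added example, not code from the original page; the names `HybridExample`, `Seal` and `Open` are hypothetical, and the choice of AES-256-CBC with HMAC-SHA256 and OAEP padding is an assumption the page does not specify.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;

static class HybridExample   // hypothetical name, not from the page
{
    // Sender: needs only the recipient's public key. Returns { wrapped keys, IV, ciphertext, tag }.
    static byte[][] Seal(RSAParameters recipientPublic, byte[] plaintext)
    {
        using (var aes = Aes.Create())                  // fresh random 256-bit key and IV (CBC)
        using (var hmac = new HMACSHA256())             // fresh random 64-byte MAC key
        using (var rsa = new RSACryptoServiceProvider())
        {
            rsa.ImportParameters(recipientPublic);
            // Only the small symmetric keys go through RSA; true selects OAEP padding.
            byte[] wrapped = rsa.Encrypt(aes.Key.Concat(hmac.Key).ToArray(), true);
            byte[] ct;
            using (var enc = aes.CreateEncryptor())
                ct = enc.TransformFinalBlock(plaintext, 0, plaintext.Length);
            byte[] tag = hmac.ComputeHash(aes.IV.Concat(ct).ToArray());   // encrypt-then-MAC
            return new[] { wrapped, aes.IV, ct, tag };
        }
    }

    // Recipient: the private key unwraps the symmetric keys; the tag is checked before decrypting.
    static byte[] Open(RSACryptoServiceProvider recipient, byte[][] msg)
    {
        byte[] keys = recipient.Decrypt(msg[0], true);
        using (var hmac = new HMACSHA256(keys.Skip(32).ToArray()))
        using (var aes = Aes.Create())
        {
            byte[] expected = hmac.ComputeHash(msg[1].Concat(msg[2]).ToArray());
            int diff = expected.Length ^ msg[3].Length;   // compare without early exit
            for (int i = 0; i < expected.Length && i < msg[3].Length; i++) diff |= expected[i] ^ msg[3][i];
            if (diff != 0) throw new CryptographicException("Ciphertext or IV was modified.");
            using (var dec = aes.CreateDecryptor(keys.Take(32).ToArray(), msg[1]))
                return dec.TransformFinalBlock(msg[2], 0, msg[2].Length);
        }
    }

    static void Main()
    {
        using (var recipient = new RSACryptoServiceProvider(2048))
        {
            byte[] message = Enumerable.Repeat((byte)0x41, 10000).ToArray(); // constructed sample
            byte[][] sealedMsg = Seal(recipient.ExportParameters(false), message);
            Console.WriteLine("Round trip ok: " + message.SequenceEqual(Open(recipient, sealedMsg)));
        }
    }
}
```

The 10,000-byte sample is far larger than a single RSA operation with a 2048-bit key can encrypt, while the 96 bytes of symmetric key material fit in one OAEP block.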