Go Back   Exetools > General > Source Code


Thread Tools Display Modes
Old 11-05-2022, 05:40
CarrotStickCam CarrotStickCam is offline
Join Date: Nov 2022
Posts: 11
Rept. Given: 0
Rept. Rcvd 2 Times in 1 Post
Thanks Given: 3
Thanks Rcvd at 18 Times in 5 Posts
CarrotStickCam Reputation: 2
Talking Encrypt and Decrypt with public key and private key(RSA based)

RSA Based encryption & decryption
Coded in C#
Attached Files
File Type: zip ConsoleApp3.zip (37.5 KB, 64 views)
Reply With Quote
The Following 3 Users Say Thank You to CarrotStickCam For This Useful Post:
user1 (11-05-2022), Zeokat (11-06-2022), zeuscane (11-05-2022)
Old 11-20-2022, 15:14
bashan bashan is offline
Join Date: May 2020
Location: America
Posts: 1
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 4
Thanks Rcvd at 0 Times in 0 Posts
bashan Reputation: 0
Nice work but can't be downloaded! Could you share an available link? Thankss!
Reply With Quote
Old 01-16-2023, 14:53
foosaa foosaa is offline
Join Date: Dec 2005
Posts: 106
Rept. Given: 36
Rept. Rcvd 12 Times in 10 Posts
Thanks Given: 167
Thanks Rcvd at 84 Times in 32 Posts
foosaa Reputation: 14
If any one wants to know how it works with a sample code, try this page.

The source is in Javascript (obviously! :-D ) and can be viewed by inspecting the page.

I'm pretty sure the same implementation can be converted to any language that supports any cryptographic library as they are published standards.

But, there are some caveats to consider (this is based on my experience.)

Using a RSA private key for encryption has it's limitations. For example the message cannot be longer than a certain number of characters based on the bit size.

That is, if the RSA key is 1024 bits which is 128 bytes (assuming 8 bits per byte), then the message that could encrypted cannot exceed 86 bytes. That is because of the OEAP padding. It is like 1024 / 8 = 128 - 42 = 86 Bytes.

Similarly, for a 2048 bits key, it will be 2048 /8 = 256 - 42 - 214 bytes. This could be used for encrypting session keys upto so many bytes. If it needs to be used for encrypting anything other than session keys, then the plain text cannot exceed the above mentioned number of bytes.

So, the proper method would be to create a session key using some data and feeding it to a PBKDF2 kind of functions, get the output, use it for encryption, then encrypt the key using the public or private key and send it along with the cipher text if the target plain text is more than the above limits. If it is not, then it could be used to encrypt the plain text directly. But it will lead to other issues. If there are multiple samples of such encrypted texts using the same RSA key, it could be used to deduce the keys without much of an effort if the encrypted text could be decrypted.

Means, if there are enough samples of different (smaller) plain texts encrypted using the same private key and if the public key is available with the attacker, he could correlate the encrypted text and the plain text and can create the private key himself. But that's reserved for another post and time.

Thanks for reading this and please excuse any typos.
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

All times are GMT +8. The time now is 01:15.

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )