I'm creating an API that will use public/private key pairs to authenticate users.
I've been working with both the .NET RSACryptoServiceProvider and the BouncyCastle library to create these pairs.
It works, but the output is far from user friendly. These keys contain all kinds of symbols like +-/=.

I've used several API services that generate public/private keys and these keys are always very neat, with only numbers and letters.

So how can I create more user friendly/reader friendly key pairs? This is the BouncyCastle code I'm using at the moment:

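```csharp
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;

AsymmetricCipherKeyPair GenerateKeys(int keySizeInBits)
{
    var r = new RsaKeyPairGenerator();
    r.Init(new KeyGenerationParameters(new SecureRandom(), keySizeInBits));
    return r.GenerateKeyPair();
}

// 64-bit key size, as used for the example output below
AsymmetricCipherKeyPair pair = GenerateKeys(64);
PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(pair.Private);
byte[] serializedPrivateBytes = privateKeyInfo.ToAsn1Object().GetDerEncoded();
txtPrivateKey.Text = Convert.ToBase64String(serializedPrivateBytes);

SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pair.Public);
byte[] serializedPublicBytes = publicKeyInfo.ToAsn1Object().GetDerEncoded();
txtPublicKey.Text = Convert.ToBase64String(serializedPublicBytes);
```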

And this is an example output:

MCAwDQYJKoZIhvcN+A+Q+EB/BQADDwAwD/+AIFAMpTPYUCAwEAAQ==


Edit: I've added an image to illustrate. This is from a cryptocoin exchange.
(Obviously these keys are no longer valid).
To use the API you have to encrypt data with your public and private key and send it along using POST.
I've seen many APIs being protected like this, and they all use similar, 'pretty', public/private keys.

Example: Cryptsy.com website

CJ Scholten
  • 6
    What do you mean by 'user-friendly'? Can you provide an example of the desired key pair? – Ivan Nov 18 '14 at 12:22
  • 2
    That's likely the best it's going to get. You could always give the end user a file and have your app read from it. User friendly ones may cause key collisions much sooner. – Daniel A. White Nov 18 '14 at 12:23
  • 1
    You mean encode the `byte[]` to a hex or base32 string? I doubt this is user friendly since this also makes the string longer. – Artjom B. Nov 18 '14 at 12:28
  • 5
    Is that Base64 example a complete key? What key size are you using? A 2048-bit minimum is recommended for RSA, and that output seems much smaller. – Alex K. Nov 18 '14 at 12:35
  • 2
    @AlexK. Cannot be the complete key as it is not even valid base 64. But yes, it looks like a baby key with 64 bit modulus. Maybe we should sow it somewhere and wait until it grows :) Check [keylength.com](http://www.keylength.com/en/4/) for more usable key sizes. – Maarten Bodewes Nov 18 '14 at 19:36
  • 1
    Cryptographic keys are not meant to be used by the user directly. They are typically stored in files, like ssh does it, so the usability concern doesn't apply here. – divanov Nov 18 '14 at 20:44
  • possible duplicate of [How do you convert Byte Array to Hexadecimal String, and vice versa?](http://stackoverflow.com/questions/311165/how-do-you-convert-byte-array-to-hexadecimal-string-and-vice-versa) – divanov Nov 19 '14 at 16:16
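
Added example (not code from the question or its comments): the hex/Base32 re-encoding raised in the comments, applied to a DER-encoded public key so the length cost of a letters-and-digits alphabet is visible. It assumes .NET's built-in `RSA` class rather than BouncyCastle and a 2048-bit key; the `KeyText` class and its method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class KeyText
{
    const string Alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"; // RFC 4648 Base32
    // Unpadded Base32: 5 bits per character, letters and digits only.
    public static string ToBase32(byte[] data)
    {
        var sb = new StringBuilder();
        int buffer = 0, bits = 0;
        foreach (byte b in data)
        {
            buffer = ((buffer << 8) | b) & 0xFFFF;   // keep only the pending low bits
            for (bits += 8; bits >= 5; bits -= 5)
                sb.Append(Alphabet[(buffer >> (bits - 5)) & 31]);
        }
        if (bits > 0) sb.Append(Alphabet[(buffer << (5 - bits)) & 31]);
        return sb.ToString();
    }

    public static byte[] FromBase32(string text)
    {
        var bytes = new byte[text.Length * 5 / 8];
        int buffer = 0, bits = 0, n = 0;
        foreach (char c in text)
        {
            int v = Alphabet.IndexOf(char.ToUpperInvariant(c));
            if (v < 0) throw new FormatException("Not a Base32 character: " + c);
            buffer = ((buffer << 5) | v) & 0xFFFF;
            bits += 5;
            if (bits < 8) continue;                  // not enough bits for a byte yet
            bits -= 8;
            bytes[n++] = (byte)((buffer >> bits) & 0xFF);
        }
        return bytes;
    }

    static void Main()
    {
        using var rsa = RSA.Create(2048);               // key size assumed for this example
        byte[] der = rsa.ExportSubjectPublicKeyInfo();  // DER SubjectPublicKeyInfo
        string b64 = Convert.ToBase64String(der), b32 = ToBase32(der);
        string hex = BitConverter.ToString(der).Replace("-", "");
        Console.WriteLine($"DER {der.Length} bytes: Base64 {b64.Length}, Base32 {b32.Length}, hex {hex.Length} chars");
        Console.WriteLine(Convert.ToBase64String(FromBase32(b32)) == b64 ? "round trip ok" : "MISMATCH");
    }
}
```

Re-encoding changes only the text representation: the key bytes, and therefore the key strength, are identical in all three forms.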

0 Answers