0

I am looking for a way to do private key encryption in C#.

I thought I could use the RSACryptoServiceProvider, but it only supports public key encryption.

The only thing I found on the subject was this project, but I would rather use something I can find in .net: http://www.codeproject.com/KB/security/PrivateEncryption.aspx

Please note I am not looking for signing.

Please note I require asymmetric encryption.

Any ideas?

Background story:

I am sending an encrypted file to another system which is running an application. The encryption is making sure the file cannot be altered (more or less) or viewed by anyone. The application is able to decrypt the file using the public key and do something with it.

I know pretty much anyone is able to get the public key from the application, this is not a problem in this case.

SaphuA
  • 2
    If you are not doing signing, but you want to encrypt with the private key, then what exactly are you trying to achieve? – Ben Robinson Apr 28 '11 at 10:43
  • 2
    What do you mean by private key encryption? Based on your emphasis I would just suggest using RSA and keep both keys private, "Public Key" and "Private Key" are just names in that setup. – Stephan B Apr 28 '11 at 10:45
  • If it's something that can be reversed by the public key, then given the public key only has one operation - encrypt - isn't the inverse just a decrypt operation? i.e. you attempt to 'decrypt' the plain text to generate private-key encrypted data – Rup Apr 28 '11 at 10:52
  • @Ben, the encrypted data is sent somewhere that knows the public key and should therefore be able to decrypt data, **but not encrypt**. @Stephan, this means the public key cannot stay private. – SaphuA Apr 28 '11 at 10:53
  • @SaphuA That is the essence of the Public Key Scheme: If you have the public key, you can encrypt. Only the private key can decrypt this. Oh, and if you need two-way communication, create two key-pairs: Public1 > Private1 Private2 < Public2 – Stephan B Apr 28 '11 at 10:55
  • I've had a look at the CodeProject code you link and their PrivateEncrypt operation is identical to their PrivateDecrypt, i.e. it's the same (x^d) mod n. It's also using a separate BigInteger class; there's now one built in to .NET 4 in System.Numerics. – Rup Apr 28 '11 at 11:37
  • Thanks for the comments. I know this is silly, but please read the edited background story. – SaphuA Apr 29 '11 at 06:58
  • 2
    Even though you keep insisting otherwise, what you describe is signing. – President James K. Polk Apr 29 '11 at 23:43

2 Answers

2

> The encryption is making sure the file cannot be altered or viewed by anyone

Public Key Encryption - when done "by the book" - separates encryption and signing ("cannot be altered"). In your case, use two key pairs, one within the application and one at your site. Encrypt the file using the public application key and sign the file using your private one.

This is a really widespread usage, I even like to call it "Best practice". As for the downvote, I can only guess that ruling out signing in your question triggered this.

Stephan B
  • Err, yes. Not altered isn't the right word, but you get the idea. I can understand signing is the best practice in this case, but I wouldn't be asking the question if I wanted to go that route. – SaphuA Apr 29 '11 at 07:31
  • @SaphuA So you want to ignore a well known and understood best practice. I'm sorry but I do not get the idea, perhaps you can tell us why signing is not possible? It sounds a little bit like "Roll your own Crypto" which is always a bad idea : ( – Stephan B Apr 29 '11 at 07:47
  • Because reading the file should be difficult, not impossible. – SaphuA Apr 29 '11 at 08:53
1

It should not be done. Sign instead and use symmetric encryption.

SaphuA
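
The layout the first answer describes (two key pairs: encrypt with the application's public key, sign with your own private key), combined with the symmetric encryption the second answer suggests, as an added example that is not code from the original posts. It assumes .NET 6 or later; the names `Seal`, `Open` and `Signed` and the message layout are hypothetical, and the keys and sample text are constructed for the demo.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class Program
{
    // The signature covers the wrapped key, the IV and the ciphertext.
    static byte[] Signed(byte[] key, byte[] iv, byte[] ct) => key.Concat(iv).Concat(ct).ToArray();

    // Sender: uses the application's PUBLIC key and the sender's own PRIVATE key.
    static (byte[] Key, byte[] Iv, byte[] Ct, byte[] Sig) Seal(byte[] plain, RSA appPub, RSA senderPriv)
    {
        using var aes = Aes.Create();                 // fresh random AES key and IV per file
        using var enc = aes.CreateEncryptor();
        byte[] ct = enc.TransformFinalBlock(plain, 0, plain.Length);
        byte[] key = appPub.Encrypt(aes.Key, RSAEncryptionPadding.OaepSHA256);
        byte[] sig = senderPriv.SignData(Signed(key, aes.IV, ct),
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        return (key, aes.IV, ct, sig);
    }

    // Application: uses the sender's PUBLIC key and the application's own PRIVATE key.
    static byte[] Open((byte[] Key, byte[] Iv, byte[] Ct, byte[] Sig) m, RSA senderPub, RSA appPriv)
    {
        // Verify before decrypting, so altered or foreign files are rejected outright.
        if (!senderPub.VerifyData(Signed(m.Key, m.Iv, m.Ct), m.Sig,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1))
            throw new CryptographicException("Signature check failed");
        using var aes = Aes.Create();
        aes.Key = appPriv.Decrypt(m.Key, RSAEncryptionPadding.OaepSHA256);
        aes.IV = m.Iv;
        using var dec = aes.CreateDecryptor();
        return dec.TransformFinalBlock(m.Ct, 0, m.Ct.Length);
    }

    static void Main()
    {
        using RSA sender = RSA.Create(2048);          // constructed demo key pairs
        using RSA app = RSA.Create(2048);
        using RSA appPub = RSA.Create(app.ExportParameters(false));       // public halves only
        using RSA senderPub = RSA.Create(sender.ExportParameters(false));
        var msg = Seal(Encoding.UTF8.GetBytes("constructed sample file"), appPub, sender);
        Console.WriteLine(Encoding.UTF8.GetString(Open(msg, senderPub, app)));
        msg.Ct[0] ^= 1;                               // simulate alteration in transit
        try { Open(msg, senderPub, app); }
        catch (CryptographicException e) { Console.WriteLine(e.Message); }
    }
}
```

The application only ever holds the sender's public key, so it can check and read files but cannot produce one that passes `Open`. Anyone who extracts the application's private key can read a file, but still cannot create or alter one.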