Previous Tip  |  Next Tip  |  Index (recent)   |  Design Tips   | [Bill's Home]

241. Public-key encryption

Public-key encryption uses two keys: a public one and a private one (Figure 1). These are generated from extremely large prime numbers, as a value which is the product of two large prime numbers is extremely difficult to factorize. The two keys are generated, and the public key is passed to the other side, who will then encrypt data destined for this entity using this public key. The only key which can decrypt it is the secret, private key. A well-known algorithm is RSA, and can be used to create extremely large keys. [Click here to download of the solution]

Figure 1: Public-key encryption

The following is some .NET code to generate 1024-bit public and private keys:

System.Security.Cryptography.RSACryptoServiceProvider RSAProvider;
RSAProvider = new System.Security.Cryptography.RSACryptoServiceProvider(1024);
publicAndPrivateKeys = RSAProvider.ToXmlString( true );
justPublicKey = RSAProvider.ToXmlString( false );
StreamWriter fs = new StreamWriter("c:\\public.xml");
fs = new StreamWriter("c:\\private.xml");

It converts them in an XML format, such as given in Figure 2 (which contains both the private and public key). In this case, the public key is:


Figure 2 XML-based private key

The code to then read the keys is:


XmlTextReader xtr = new XmlTextReader("c:\\private.xml");
publicAndPrivateKeys=""; // reset keys
while (xtr.Read())
publicAndPrivateKeys += xtr.ReadOuterXml();
xtr = new XmlTextReader("c:\\public.xml");
while (xtr.Read())
justPublicKey += xtr.ReadOuterXml();

and then to encrypt a message (txt) with the public key:

RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
string txt= tbTxtEncrypt.Text;
byte[] plainbytes = System.Text.Encoding.UTF8.GetBytes(txt);
byte[] cipherbytes = rsa.Encrypt(plainbytes,false);

and then to decrypt with the private key:

RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
string txt=tbTxtEncrypted.Text;
byte[] cipherbytes = Convert.FromBase64String(txt);
byte[] plainbytes = rsa.Decrypt(cipherbytes,false);
System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding();
this.tbTxtDecrypt.Text = enc.GetString(plainbytes);

where tbTxtEncryted is the text box for the encrypted text, and tbTxtEncrypt is the text box for the text to be encrypted text.

Using these keys, a message of "hello" becomes:


Public-key encryption is an excellent method of keeping data secure, but it is often too slow for real-time communications. Also, we have the problem of distributing the public key to the sender. This problem is solved in the next unit by the use of digital certificates.

Other related .NET articles I've written include:

- Design Tip 298. [.NET] HMAC-SHA1.
- Design Tip 243. [.NET] Base-64 or Hex hash values.
- Design Tip 242. [.NET] Digital Certificates.
- Design Tip 241. [.NET] Public-key Encryption.
- Design Tip 240. [.NET] Diffie-Hellman Method.
- Design Tip 239. [.NET] Symmetric Encryption (Private-key).
- Design Tip 238. [.NET] Obfuscation Part II.
- Design Tip 237. [.NET] Obfuscation Part I
- Design Tip 236. [.NET] Data packet capture (filters: IP, TCP, and so on).
- Design Tip 235. [.NET] Data packet capture.
- Design Tip 234. [.NET] Interface to network adapter.
- Design Tip 232. [.NET] Creating an SSH client.
- Design Tip 231. [.NET] Creating an SNMP client.
- Design Tip 216. [.NET] Client/server communications.
- Design Tip 210. [XML/.NET] XML and .NET.
- Design Tip 207. [.NET] Treeviews for interest.
- Design Tip 206. [.NET/Design] Design, evaluate, design, .....
- Design Tip 205. [.NET] Treeviews.
- Design Tip 203. [.NET] Replacing menus with Treeviews.
- Design Tip 202. [.NET/Flash] .NET and Flash - the perfect pair.