
How to generate RSA key pairs and provide a passphrase used in generation (not Microsoft generated!)

Hello

I am trying to set up, using C# and .NET 2.0, an RSA public/private key system to encrypt database columns (in varbinary). I want (like I used to be able to do in an old C library) to provide my own passphrase in generating the RSA keys (2048 or more).

It seems to be very hard to do! Using RSACryptoServiceProvider will generate keys, but somehow I do not trust that those private keys could not be hacked somehow. I prefer to provide my own passphrase. I looked for a GNU type of package for C# and .NET 2.0 but found none :(

So here is what I tried:
    CspParameters cspParam = new CspParameters();
    cspParam.Flags = CspProviderFlags.UseMachineKeyStore;
    cspParam.KeyPassword = passphrase;
    RSACryptoServiceProvider x = new RSACryptoServiceProvider(cspParam);

    String publicKey  = x.ToXmlString(false);
    String privateKey = x.ToXmlString(true);

I just want to persist the keys for now, but I get an exception in ToXmlString(false); stating only wrong type!

Anyone here has any hints or tips on how to generate those RSA keys using a password? I would like to use the same keys to sign PGP email and stuff. Actually PGP does a nice job with keys, asking the user to move the mouse around to generate the seeds and then a strong passphrase for the keys. I'd like to do the same. Is there a sample somewhere?

Thanks for any info.

Asked:
aquila98
 
surajguptha Commented:
Just curious, why do you want to use the RSA algorithm for this? Why not use a plain private key encryption for this?
 
mastoo Commented:
Hopefully you'll get a better answer, but we've been using a low-tech approach that works fine. www.gnupg.org has their free gpg implementation. It doesn't have an API, but the exe is great. We just build command lines with the proper args and invoke the exe, either redirecting output or reading the resulting file(s) to get the result.
 
aquila98 (Author) Commented:
I need to allow users to add data to the database using the public key, and only the application with its private key can read from the database. It's also a way to sign the data in the database. So I need key pairs for that, and I pick RSA because it is well in use.

Since Microsoft has gone to the trouble of building an RSA provider, I figured there must be a way to properly use it and specify our own passphrase in the generation of the keys, as opposed to just allowing Microsoft to use any algorithm to generate it (and possibly re-generate it).
 
surajguptha Commented:
>> only the application with its private key can read from the database.

Does that mean that apart from the application holding its private key, you also require that an application user key in a password?
 
surajguptha Commented:
If you look at the RSA algorithm, it's about two prime numbers that are related with each other in some way so that they are related to each other. I am not sure how you are looking at a passphrase to generate these numbers.
 
mastoo Commented:
The GNU PGP app works like you describe. It stores public/private keys in its own database with weak protection and requires a password to get those. This saves you some trouble but assumes your database isn't subject to strong attacks.
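As an added illustration, not code posted by anyone in this thread: the passphrase does not have to take part in generating the primes. A common arrangement, and the one the password-protected key store described above relies on, is to let the provider generate the key pair from its random number generator and then encrypt the exported private key under a key derived from the passphrase. The class name, iteration count, blob layout and sample passphrase below are assumptions made for the example; only classes available since .NET 2.0 are used.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class PassphraseWrappedKey   // hypothetical helper name, not a framework class
{
    const int Iterations = 100000;  // assumed PBKDF2 work factor; tune for your hardware

    // Blob layout: salt(16) | HMAC-SHA256(32) | IV(16) | AES-256-CBC(private key XML)
    public static byte[] Protect(string privateKeyXml, string passphrase)
    {
        byte[] salt = new byte[16];
        new RNGCryptoServiceProvider().GetBytes(salt);
        Rfc2898DeriveBytes kdf = new Rfc2898DeriveBytes(passphrase, salt, Iterations);
        RijndaelManaged aes = new RijndaelManaged();            // defaults: CBC, PKCS7
        aes.Key = kdf.GetBytes(32); aes.GenerateIV();
        HMACSHA256 mac = new HMACSHA256(kdf.GetBytes(32));      // separate key for integrity
        byte[] plain = Encoding.UTF8.GetBytes(privateKeyXml);
        byte[] ct = aes.CreateEncryptor().TransformFinalBlock(plain, 0, plain.Length);
        byte[] blob = new byte[64 + ct.Length];
        Buffer.BlockCopy(salt, 0, blob, 0, 16); Buffer.BlockCopy(aes.IV, 0, blob, 48, 16);
        Buffer.BlockCopy(ct, 0, blob, 64, ct.Length);
        Buffer.BlockCopy(mac.ComputeHash(blob, 48, blob.Length - 48), 0, blob, 16, 32);
        return blob;
    }

    public static string Unprotect(byte[] blob, string passphrase)
    {
        if (blob.Length < 80) throw new CryptographicException("Truncated key blob.");
        byte[] salt = new byte[16], iv = new byte[16];
        Buffer.BlockCopy(blob, 0, salt, 0, 16); Buffer.BlockCopy(blob, 48, iv, 0, 16);
        Rfc2898DeriveBytes kdf = new Rfc2898DeriveBytes(passphrase, salt, Iterations);
        RijndaelManaged aes = new RijndaelManaged();
        aes.Key = kdf.GetBytes(32); aes.IV = iv;
        byte[] expected = new HMACSHA256(kdf.GetBytes(32)).ComputeHash(blob, 48, blob.Length - 48);
        int diff = 0;                                           // constant-time comparison
        for (int i = 0; i < 32; i++) diff |= expected[i] ^ blob[16 + i];
        if (diff != 0) throw new CryptographicException("Wrong passphrase or modified blob.");
        return Encoding.UTF8.GetString(aes.CreateDecryptor().TransformFinalBlock(blob, 64, blob.Length - 64));
    }

    static void Main()
    {
        RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(2048); // key from the CSP's RNG
        string xml = rsa.ToXmlString(true);
        byte[] blob = Protect(xml, "constructed sample passphrase");
        Console.WriteLine(Unprotect(blob, "constructed sample passphrase") == xml);
    }
}
```

The public half from `ToXmlString(false)` can be stored unprotected for writers; only the blob returned by `Protect` needs to be persisted for the private half, and the HMAC check lets the application tell a wrong passphrase apart from a valid one before any decryption is attempted.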
 
aquila98 (Author) Commented:
hmmmmmm... I looked around on Google and it seems MS has indeed decided to implement its own key generation (being paranoid, I assume there is a backdoor to re-create the private key and decrypt at will)...
So I turned my attention to PGP in C# instead. I found some libraries but nothing free :(

I tend to shy away from implementations of crypto algorithms where one can't analyze the source code and make sure all is indeed as it should be...

I'll see if I can convert my old GNU C and C++ libraries into managed C++ so I can compile and use them in VS 2005.

It's tough doing things right!

Since this is not really answered, I am considering deleting this question... Any objections?
 
aquila98 (Author) Commented:
I found an open C# toolkit called MONO;
see http://www.mono-project.com/
 
Vee_Mod Commented:
Closed, 200 points refunded.
Vee_Mod
Community Support Moderator
