C# - Detect RSA-2048 Encryption on a File

Is there a way to detect, in .NET (C#) whether a file is encrypted using RSA-2048 encryption?
street9009Asked:
Who is Participating?
 
gheistConnect With a Mentor Commented:
I doubt there is any good RNG test in C#, so if you want to do it really in .NET you must either make your own interface to native code, or port to C#. Source files of NIST tests make like 200KB togeter - like 200 screenfuls of code in total.
0
 
AndyAinscowFreelance programmer / ConsultantCommented:
Only if you know the password - then you can successfully decrypt it.
0
 
street9009Author Commented:
So there's no identifying marks or way to test without knowing the password/key?
0
Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

 
AndyAinscowFreelance programmer / ConsultantCommented:
Not that I know of.
Don't forget, anything that identifies the encryption method is already a help towards decrypting it.
0
 
street9009Author Commented:
There must be some way, as there appear to be multiple tools that do this: http://security.stackexchange.com/questions/44387/scanning-for-files-than-have-been-encrypted-by-cryptolocker
0
 
gheistCommented:
Encrypted data is completely random. If it is not it means that particular encryption algorithm is broken.
RSA-2048 is not an encryption algorithm, it is something else:https://en.wikipedia.org/wiki/RSA_numbers#RSA-2048
0
 
street9009Author Commented:
Okay- tomato, tomahto. The terminology I used came from the fact that these are called "encryption viruses" and use "RSA-2048" to change the content of your files.

The question remains- can it be detected in C#?
0
 
gheistCommented:
Yes, encrypted data is fully random, so all and every randomness test suites should confirm that.
http://csrc.nist.gov/groups/ST/toolkit/rng/documentation_software.html
Many tests will confirm that RAR and zopfli compression is random too, but ok, at least it will not missdetect good documents.
At least truecrypt detectors worked like that.
0
 
street9009Author Commented:
I don't see how to make this work in C# though...
0
 
AndyAinscowFreelance programmer / ConsultantCommented:
>>Yes, encrypted data is fully random, so all and every randomness test suites should confirm that.

I would say no you can not tell which encryption method is used unless you know the key then you can decrypt the file.  The question as I understand it isn't about is it encrypted but about is it encrypted with this stated method.
0
 
street9009Author Commented:
Really either would be helpful, though yes you are correct, I was hoping to detect that specific method.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.