RE: Stream based RSA encryption?

Tech-Archive recommends: Speed Up your PC by fixing your registry

Hi Nick,

For standard format, you may look for some network security channel's
implementation. For example, the SSL channel implementation. For .NET
framework, it provide built-in XML encryption implementation. You can have
look at the XML encryption process(via asymmetric key), which also use
asymmetirc key to encrypt symmetirc session key and use session key encrypt
XML data.

#How to: Encrypt XML Elements with Asymmetric Keys
http://msdn.microsoft.com/en-us/library/ms229746.aspx

Also, you can try the XML encrypt code and view its encrypted XML block
which will give you a clear message format(include encrypted message header
and body). Thus, it's specific to XML encryption, the idea can be adopted
into your binary encryption as well.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead


Delighting our customers is our #1 priority. We welcome your comments and
suggestions about how we can improve the support we provide to you. Please
feel free to let my manager know what you think of the level of service
provided. You can send feedback directly to my manager at:
msdnmg@xxxxxxxxxxxxxx

--------------------

From: =?Utf-8?B?bmlja2R1?=
<nicknospamdu@xxxxxxxxxxxxxxxx><ZCRYmiGdJHA.4200@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: Stream based RSA encryption?
Date: Tue, 13 Jan 2009 13:07:02 -0800


Is there a standard format for including the encrypted session key in the
body of the message? I encoded it as follows:

byte[] key = asymetric.Encrypt(symetric.Key, false);
byte[] iv = asymetric.Encrypt(symetric.IV, false);

byte[] length = BitConverter.GetBytes((int) key.Length);
output.Write(length, 0, length.Length);
length = BitConverter.GetBytes((int) iv.Length);
output.Write(length, 0, length.Length);
output.Write(key, 0, key.Length);
output.Write(iv, 0, iv.Length);

Which equates to:

1. Write out int value indicating length of key.
2. Write out int value indicating length of iv.
3. Write out key.
4. Write out iv.

Is that reasonable? I assume I need to store the lengths of the key and
iv
as those could vary, correct?
--
Thanks,
Nick

nicknospamdu@xxxxxxxxxxxxxxxx
remove "nospam" change community. to msn.com


""Steven Cheng"" wrote:


.

Relevant Pages

  • Re: Encrypt and save in a file
    ... we're added support for XML Encryption in v2.0 of the framework. ... >X-Newsreader: Microsoft Outlook Express 6.00.2800.1158 ... >"Sasha" wrote in message ...
    (microsoft.public.dotnet.security)
  • RE: Xml encryption via soap extension error
    ... I am still trying to figure out how to do XML encryption using WSE2. ... > header going from the client web page to the server side web service. ...
    (microsoft.public.dotnet.framework.webservices)
  • Signed, Enveloped crypto in Pocket PC
    ... eveloped encryption on Pocket PC? ... that currently uses XML Encryption and XML Digital Signature. ...
    (microsoft.public.pocketpc.developer)
  • A Paranoid Encryption Mode
    ... header field sent in the clear, ... the random session key being used to leak key bits by tampering. ... OAEP and the various attempts at integrity-aware encryption modes. ... maximum-period shift register in Galois configuration that is stepped ...
    (sci.crypt)
  • Re: encrypt password for webservices
    ... of a Web client and a Web server. ... decrypt them, because the Web server will use a different session key, i.e. ... >> For storage, do not use encryption, use hashing instead. ...
    (microsoft.public.dotnet.security)