Have Geek Brain

File encryption with AES, Key encryption with RSA - Am I on the right track?

Overview: I am trying to create an app that will encrypt files to send securely via street mail (LARGE datasets). I am planning on using AES / RijndaelManaged encryption from .Net to encrypt the files first using a randomly generated key using RNGCryptoServiceProvider

. Then I encrypt this random AES key with the RSA public key. The data sink is the only one that has the RSA secret key to decrypt it.

My question is: Is this the correct way to do something like this? If so, is it safe to send this RSA encrypted key with the data, since the encryption requires a private key?

EDIT . According to the answers, this is indeed the correct way.

EDIT - Thanks for the answers. Now, what I really want to know is:
When the end user creates their Public / Private key pair, what is the best way to store the private key? I don't want it to be accessible from only one machine, so I try to avoid using the user's keystore. But MSDN says it's not safe to store the key in a file, so how else can you do that?

+2


a source to share


4 answers


Use PGP unless there is a good reason not to. PGP is an open and ubiquitous standard for hybrid cryptography commonly used in email. There are many PGP implementations. The only .NET I know of is the C # Crypto library of the BouncyCastle project . PGP actually provides a superset of the functionality that you describe; for example, PGP can also digitally sign messages.

As for the secret key stores. A typical solution is to symmetrically encrypt the private key before writing it to disk. Only the true owner of the private key knows the encryption secret, and they don't tell anyone. Thus, even if an attacker obtains the private key file, they still have to compromise the secret or brute force of the symmetric cipher. All PGP implementations that I know do this.



Please do not override PGP if it does what you want. PGP is fairly widely supported. Moreover, mere mortals like me (and, presumably, myself) are unlikely to get everything right.

+3


a source


As for your first part, this is absolutely the way to go. He named the hybrid cryptosystem .



+3


a source


This is essentially what SSL does. RSA is used for authentication and key exchange of a symmetric session key (for example, AES), which is then used for the message body.

+2


a source


The traditional way to save the private key (used in GPG / PGP / PKCS # 1 / PKCS # 8) is to password protect it with a strong passphrase and paste it into the file. Most keystore management tools have a way to export keys in PKCS # 1 / PKCS # 8 format - you create a key on one computer, export it with a password, and import it to another computer; the key is outside the key store for transferring it between machines.

0


a source






More articles:


All Articles