Public Key Encryption


Public key encryption (also called asymmetric encryption) differs from private key encryption in one important way: it uses two different keys, one for encryption and another for decryption. Why don’t they simply call this two-key encryption and call private key encryption one-key encryption? While it is well known that security experts like to invent jargon to justify their high consultancy fees, there is also a logical reason for this naming, which lies in the way the two types of encryption are used.

While private key encryption assumes that both the encrypting and decrypting parties already know the private key, public key encryption provides a method to securely issue a key to someone and have that individual send you information that only you can decrypt. It works like this: our system creates a public/private key pair. We send the public key to someone, who uses it to encrypt a message. She sends the encrypted message to us, and we decrypt it with the private key. (Note: The private key is not the same as the key used in private key encryption.) Even if an intruder gains possession of the public key, he cannot use it to decrypt the encrypted message, because only the private key can decrypt the message, and the private key is never given away. In contrast with private key encryption, the keys used in public key encryption are more than simple strings. The key is actually a structure with eight fields: two of the fields are used for encrypting with the public key, and six are used for decrypting with the private key. The public key is obtained by extracting those two fields from the private key, which is why the private key can be used for both encryption and decryption. Figure 1-4 shows how public key encryption and decryption work, using the example of a system requesting a credit card number from a user.

Figure 1-4: Public key encryption and decryption

Public key encryption is slower than private key encryption and cannot encrypt large amounts of data in a single operation. The RSA algorithm (RSA refers to the initials of the people who developed it: Ron Rivest, Adi Shamir, and Leonard Adleman) can encrypt a message of only 116 bytes (58 Unicode characters). A common use for public key encryption is therefore to securely pass a private key, which is then used for encrypting and decrypting the other information.
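The eight-field key structure and the message-size limit described above, as an added example in pure Python (not the book's code): textbook RSA without padding, keyed with two well-known Mersenne primes chosen only for illustration. RSACryptoServiceProvider wraps the same eight fields and adds PKCS#1 padding, which is why its limit is lower than the raw modulus size.

```python
from dataclasses import dataclass
# Constructed demo key: two well-known Mersenne primes. Real keys use random
# primes of 512 bits or more each; never reuse published primes in practice.
P = 2**89 - 1
Q = 2**107 - 1

@dataclass
class RsaPrivateKey:
    # The same eight fields RSACryptoServiceProvider.ToXmlString(True) writes:
    modulus: int    # n = p*q        (public)
    exponent: int   # e              (public)
    d: int          # private exponent
    p: int
    q: int
    dp: int         # d mod (p-1)
    dq: int         # d mod (q-1)
    inverse_q: int  # q^-1 mod p

@dataclass
class RsaPublicKey:
    modulus: int
    exponent: int

def create_key_pair(p: int = P, q: int = Q, e: int = 65537) -> RsaPrivateKey:
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return RsaPrivateKey(p * q, e, d, p, q, d % (p - 1), d % (q - 1), pow(q, -1, p))

def get_public_key(priv: RsaPrivateKey) -> RsaPublicKey:
    # "Extraction" is just copying the two public fields; the other six stay private.
    return RsaPublicKey(priv.modulus, priv.exponent)

def max_message_bytes(pub: RsaPublicKey) -> int:
    # The message integer must stay below n. One byte is reserved for a 0x01 marker
    # that preserves leading zero bytes; real padding reserves more, which is
    # where the much lower 116-byte limit quoted above comes from.
    return (pub.modulus.bit_length() - 1) // 8 - 1

def encrypt(plaintext: bytes, pub: RsaPublicKey) -> int:
    if len(plaintext) > max_message_bytes(pub):
        raise ValueError("message too long: wrap a symmetric key instead of the data")
    m = int.from_bytes(b"\x01" + plaintext, "big")
    return pow(m, pub.exponent, pub.modulus)

def decrypt(ciphertext: int, priv: RsaPrivateKey) -> bytes:
    # CRT decryption: needs the six private fields, so the public key alone cannot do it.
    m1 = pow(ciphertext, priv.dp, priv.p)
    m2 = pow(ciphertext, priv.dq, priv.q)
    h = (priv.inverse_q * (m1 - m2)) % priv.p
    m = m2 + h * priv.q
    return m.to_bytes((m.bit_length() + 7) // 8, "big")[1:]  # drop the 0x01 marker
```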

Add public key encryption to the security library

In this exercise, you will add public key encryption functions to your security library.

  1. In Visual Studio .NET, open the project CH01_Encryption\EMS\Start\EMS.sln.

  2. Open SecurityLibrary.vb. Add the following code:

    ' Required at the top of SecurityLibrary.vb if not already present
    Imports System.Security.Cryptography
    Imports System.Text

    Namespace PublicKey
        Module PublicKey
            Function CreateKeyPair() As String
                ' Create a new random key pair; True includes the six private fields
                Dim rsa As New RSACryptoServiceProvider()
                CreateKeyPair = rsa.ToXmlString(True)
                rsa.Clear()
            End Function

            Function GetPublicKey(ByVal strPrivateKey As String) As String
                ' Extract the public key (Modulus and Exponent only) from the
                ' public/private key pair
                Dim rsa As New RSACryptoServiceProvider()
                rsa.FromXmlString(strPrivateKey)
                GetPublicKey = rsa.ToXmlString(False)
                rsa.Clear()
            End Function

            Function Encrypt(ByVal strPlainText As String, _
                             ByVal strPublicKey As String) As String
                ' Encrypt a string using the public key (the full key pair also
                ' works, since it contains the public fields); the False argument
                ' selects PKCS#1 v1.5 padding rather than OAEP
                Dim rsa As New RSACryptoServiceProvider()
                Dim bytPlainText() As Byte
                Dim bytCipherText() As Byte
                Dim uEncode As New UnicodeEncoding()
                rsa.FromXmlString(strPublicKey)
                bytPlainText = uEncode.GetBytes(strPlainText)
                bytCipherText = rsa.Encrypt(bytPlainText, False)
                Encrypt = Convert.ToBase64String(bytCipherText)
                rsa.Clear()
            End Function

            Function Decrypt(ByVal strCipherText As String, _
                             ByVal strPrivateKey As String) As String
                ' Decrypt a Base64 string using the private key; the padding
                ' argument must match the one used in Encrypt
                Dim rsa As New RSACryptoServiceProvider()
                Dim bytPlainText() As Byte
                Dim bytCipherText() As Byte
                Dim uEncode As New UnicodeEncoding()
                rsa.FromXmlString(strPrivateKey)
                bytCipherText = Convert.FromBase64String(strCipherText)
                bytPlainText = rsa.Decrypt(bytCipherText, False)
                Decrypt = uEncode.GetString(bytPlainText)
                rsa.Clear()
            End Function
        End Module
    End Namespace

Sidebar: Export Restrictions on Encryption

In June 2002, the United States Bureau of Industry and Security eased restrictions for companies that export software products containing encryption. Software that uses private key encryption with keys of more than 64 bits can be exported without a license to many destinations following a 30-day review period. For full details, see the Bureau of Industry and Security encryption Web site at http://www.bxa.doc.gov/Encryption/.


Security for Microsoft Visual Basic .NET
ISBN: 735619190
Year: 2003
Pages: 168