Encryption Using the RSA Algorithm: Overview

Description

About RSA Encryption

The encryption functions that use the RSA algorithm were prepared for encryption using public keys.

The RSA algorithm has the following characteristics.

One advantage of public-key cryptography is that, compared to shared-key cryptography, the risk associated with key transmission is low. A disadvantage is that the processing speed is slow relative to other cryptographic methods. A solution, therefore, is to encrypt the data using a non-RSA algorithm and to encrypt the key using RSA.

Precautions Regarding the Use of RSA Encryption

The RSA encryption algorithm has the following properties.

  1. The encryption is completely circumvented if the private key is compromised
  2. Decryption is possible if one can identify the private exponent (brute-force attack)
  3. It is possible to spoof data if one were to abuse the key transmission (man-in-the-middle attack)

If the private key is compromised, it is possible both to defeat the encryption and to falsify signatures, and the safety provided by the encryption is lost. You must be duly careful about how you manage your private keys.
Increasing the key length makes it easy to defend against brute-force attacks, but the longer you make your keys, the slower the encryption will become.
Verification (signatures) of public keys is useful for preventing man-in-the-middle attacks.

For more information, refer to any basic text on encryption technology.

Key Format and Encryption/Decryption Strings

The DER format is used for both public and private keys. The key format should be as follows.

  1. The data format for keys conforms to ASN.1 format and is DER encoded.
  2. The public exponent of the public key is 65537.

Although there is no restriction on the key length, operations have been confirmed for key lengths of 1024, 2048, and 4096 bits.

Encrypted strings take the following format.

  1. Encrypted using RSA encryption
  2. Padding in the PKCS#1 version 1.5 format

To be encrypted, strings must be at least 11 bytes shorter than the key length. (For example, if the key length is 1024 bits, the string being encrypted must be no longer than 117 bytes.)
Strings that have been encrypted using some other method can be decrypted by the CRYPTO library, providing the encrypted string conforms to the above-described format.

Limitations

Due to licensing issues, this library works only with TWL. It does not work with NITRO.

Key Creation Example

The following example shows how to create a public key and private key using encryption by OpenSSL, which is part of the open source SSL toolkit.

1. Create an RSA private key

Input the following commands in a command line on a system on which OpenSSL has been installed. This will generate a 1024-bit-long RSA private key file in PEM format, privkey.pem.

 > openssl genrsa -out privkey.pem

In the event that privkey.pem were to be leaked or compromised, anyone would be able to break or falsify the encryption. The private key file therefore needs to be maintained with the strictest care.

Once the private key has been created in PEM format, convert it to DER format.

 > openssl rsa -outform DER -in privkey.pem -out privkey.der

When specifying a private key with the CRYPTO library, convert the content of this privkey.der file to a C-language u8 array. The privkey.der file is a private key just like privkey.pem, so it should be handled in an equally strict manner.

2. Create an RSA public key

Create a public key in DER format with the following command.

 > openssl rsa -pubout -inform DER -in privkey.der -outform DER -out pubkey.der

When specifying a public key with the CRYPTO library, convert the content of this pubkey.der file to a C-language u8 array.

3. Check the functionality of the keys

Make sure the pair of private and public keys you generated is functioning properly.
First, prepare a text file (test.txt) that contains a string that is shorter than the key and encrypt it using the public key, converting it to test.txt.enc.

 > openssl rsautl -encrypt -in test.txt -out test.txt.enc -pubin -keyform DER -inkey pubkey.der

Make sure the pair of private and public keys you generated is functioning properly.
Next, decode test.txt.enc using the private key, converting it to test.txt.dec.

 > openssl rsautl -decrypt -in test.txt.enc -out test.txt.dec -keyform DER -inkey privkey.der

If the content of test.txt matches that of test.txt.dec, you have confirmed that the keys are functioning properly.

See Also

List of CRYPTO Functions

Revision History

2008/10/30 Revised the description of the format of encrypted strings.
2008/10/02 Revised the description of the key format.
2008/09/18 Made revisions concerning HTML tags.
2008/09/16 Revised some parts.
2008/03/27 Initial version.


CONFIDENTIAL