The encryption functions that use the RSA algorithm were prepared for encryption using public keys.
The RSA algorithm has the following characteristics.
One advantage of public-key cryptography is that, compared to shared-key cryptography, the risk associated with key transmission is low. A disadvantage is that the processing speed is slow relative to other cryptographic methods. A solution, therefore, is to encrypt the data using a non-RSA algorithm and to encrypt the key using RSA.
The RSA encryption algorithm has the following properties.
If the private key is compromised, it is possible both to defeat the encryption and to falsify signatures, and the safety provided by the encryption is lost. You must be duly careful about how you manage your private keys.
Increasing the key length makes it easy to defend against brute-force attacks, but the longer you make your keys, the slower the encryption will become.
Verification (signatures) of public keys is useful for preventing man-in-the-middle attacks.
For more information, refer to any basic text on encryption technology.
The DER format is used for both public and private keys. The key format should be as follows.
Although there is no restriction on the key length, operations have been confirmed for key lengths of 1024, 2048, and 4096 bits.
Encrypted strings take the following format.
To be encrypted, strings must be at least 11 bytes shorter than the key length. (For example, if the key length is 1024 bits, the string being encrypted must be no longer than 117 bytes.)
Strings that have been encrypted using some other method can be decrypted by the CRYPTO library, providing the encrypted string conforms to the above-described format.
Due to licensing issues, this library works only with TWL. It does not work with NITRO.
The following example shows how to create a public key and private key using encryption by OpenSSL, which is part of the open source SSL toolkit.
1. Create an RSA private key
Input the following commands in a command line on a system on which OpenSSL has been installed. This will generate a 1024-bit-long RSA private key file in PEM format, privkey.pem.
> openssl genrsa -out privkey.pem
In the event that privkey.pem were to be leaked or compromised, anyone would be able to break or falsify the encryption. The private key file therefore needs to be maintained with the strictest care.
Once the private key has been created in PEM format, convert it to DER format.
> openssl rsa -outform DER -in privkey.pem -out privkey.der
When specifying a private key with the CRYPTO library, convert the content of this privkey.der file to a C-language u8 array. The privkey.der file is a private key just like privkey.pem, so it should be handled in an equally strict manner.
2. Create an RSA public key
Create a public key in DER format with the following command.
> openssl rsa -pubout -inform DER -in privkey.der -outform DER -out pubkey.der
When specifying a public key with the CRYPTO library, convert the content of this pubkey.der file to a C-language u8 array.
3. Check the functionality of the keys
Make sure the pair of private and public keys you generated is functioning properly.
First, prepare a text file (test.txt) that contains a string that is shorter than the key and encrypt it using the public key, converting it to test.txt.enc.
> openssl rsautl -encrypt -in test.txt -out test.txt.enc -pubin -keyform DER -inkey pubkey.der
Make sure the pair of private and public keys you generated is functioning properly.
Next, decode test.txt.enc using the private key, converting it to test.txt.dec.
> openssl rsautl -decrypt -in test.txt.enc -out test.txt.dec -keyform DER -inkey privkey.der
If the content of test.txt matches that of test.txt.dec, you have confirmed that the keys are functioning properly.
2008/10/30 Revised the description of the format of encrypted strings.
2008/10/02 Revised the description of the key format.
2008/09/18 Made revisions concerning HTML tags.
2008/09/16 Revised some parts.
2008/03/27 Initial version.
CONFIDENTIAL