thanks a lot for the code i tried your code but i am getting error “attempt to process message to long for cipher” while decrypting the encrypted file.

Please can you suggest me where i might have gone wrong.

Thanks for helping me

private void btnGenerateKeys_Click(object sender, EventArgs e) { //ECDSASample(384); AsymmetricCipherKeyPair keys = GenerateRSAKeys(1024);

        /Option 1 to write RSA Private key, doesn't work with public however/
        PrivateKeyInfo privateKeyInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(keys.Private);
        byte[] serializedPrivateKey = privateKeyInfo.ToAsn1Object().GetDerEncoded();
        System.IO.File.WriteAllBytes("C:\RSAPrivate.key",serializedPrivateKey);

    /*Option 2 to write RSA Private Key, works same way with public*/
    StringBuilder sb = new StringBuilder();
    PemWriter pemwrit = new PemWriter(new StringWriter(sb));
    //char[] password = "test123".ToCharArray();
    pemwrit.WriteObject(keys.Private);
    pemwrit.Writer.Flush();

    System.IO.File.WriteAllText("C:\\RSAPrivate.Key",sb.ToString());

    sb = new StringBuilder();
    pemwrit = new PemWriter(new StringWriter(sb));
    pemwrit.WriteObject(keys.Public);
    pemwrit.Writer.Flush();

    System.IO.File.WriteAllText("C:\\RSAPublic.Key", sb.ToString());

    /*Example to read it back*/
    StringBuilder sbr = new StringBuilder();
    PemReader reader = new PemReader(new StringReader(pemwrit.Writer.ToString()));
    AsymmetricKeyParameter pubKey = (AsymmetricKeyParameter)reader.ReadObject();
    //RsaPublicKeyStructure key = new RsaPublicKeyStructure(reader.ReadObject();
}

public byte[] RSAEncryptV3(byte[] data, AsymmetricKeyParameter key) { SecureRandom rand = new SecureRandom(); IBufferedCipher cipher = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA1AndMGF1Padding");

        cipher.Init(true, new ParametersWithRandom(key, rand));

    byte[] cipherTextBlock = null; 
    int outputsize = cipher.GetOutputSize(data.Length); //Array size of ciphered data (encrypted data)
    int blockSize = cipher.GetBlockSize();  //Amount of data we can process at one time (-2 -2*hlen)
    List<byte> output = new List<byte>();
    int outputLen = 0;
    byte[] dataToProcess = null;
    for (int chunkPosition = 0; chunkPosition < data.Length; chunkPosition += blockSize)
    {
        dataToProcess = new byte[blockSize];
        int chunkSize = (data.Length - chunkPosition) < blockSize ? (data.Length - chunkPosition) : blockSize; //Math.Min(blockSize, data.Length - (chunkPosition * blockSize));
        Buffer.BlockCopy(data, chunkPosition, dataToProcess, 0, chunkSize);

        cipherTextBlock = new byte[outputsize];

        outputLen = cipher.ProcessBytes(dataToProcess, 0, chunkSize, cipherTextBlock, 0);
        cipher.DoFinal(cipherTextBlock, outputLen);
        //output.AddRange(e.ProcessBytes(data, chunkPosition,
        //  chunkSize));
        output.AddRange(cipherTextBlock);
    }

    return output.ToArray();
}

public byte[] RSADecryptV3(byte[] data, AsymmetricKeyParameter key)
{

    SecureRandom rand = new SecureRandom();
    IBufferedCipher cipher = CipherUtilities.GetCipher("RSA/NONE/OAEPWithSHA1AndMGF1Padding");

    cipher.Init(false, new ParametersWithRandom(key, rand));

    byte[] cipherTextBlock = null;
    int outputsize = cipher.GetOutputSize(data.Length); //Array size of ciphered data (encrypted data)
    int blockSize = cipher.GetBlockSize();  //Amount of data we can process at one time (-2 -2*hlen)
    List<byte> output = new List<byte>();
    int outputLen = 0;
    byte[] dataToProcess = null;

    for (int chunkPosition = 0; chunkPosition < data.Length; chunkPosition += blockSize)
    {
        dataToProcess = new byte[blockSize];
        int chunkSize = (data.Length - chunkPosition) < blockSize ? (data.Length - chunkPosition) : blockSize; //Math.Min(blockSize, data.Length - (chunkPosition * blockSize));
        Buffer.BlockCopy(data, chunkPosition, dataToProcess, 0, chunkSize);

        cipherTextBlock = new byte[outputsize];

        outputLen = cipher.ProcessBytes(dataToProcess, 0, chunkSize, cipherTextBlock, 0);
        cipher.DoFinal(cipherTextBlock, outputLen);
        //output.AddRange(e.ProcessBytes(data, chunkPosition,
        //  chunkSize));
        output.AddRange(cipherTextBlock);
    }

    return output.ToArray();
}

        // Create the KeyParameter for the DES3 key generated. 
        KeyParameter keyparam = ParameterUtilities.CreateKeyParameter("DES", keyByte);

iam able to execute the projec but if if i verify the decypted file its actually not decrypted. can you please suggest.

Block modes are actually only one of the weaknesses it has from a cryptanalytic perspective – others include lack of blinding, making it susceptible to timing attacks, and other shortcomings which are covered in the Wikipedia article cited by you. Also, more recent research suggest that even the sign/encrypt approach has flaws (read Don Davis’ paper “Defective Sign & Encrypt in SMIME, PKCS#7, MOSS, PEM, PGP and XML” from 2001 for an in-depth analysis). Even if there are weaknesses to all the various approaches, they are strong for certain applications. The key is knowing what to apply under which circumstances.

This topic is far beyond the scope of the article. Scaring people with statements is just as bad as ignorance. What needs to be done is to raise awareness, and crying “wolf wolf” never helped that. I think we agree on that, and I agree that the reader could benefit from a notice. It has been added.

Wikipedia is a good start: https://secure.wikimedia.org/wikipedia/en/wiki/Block_cipher_modes_of_operation

What you’re doing in your post is ECB mode. ECB mode has long been known by the security community to not provide serious message confidentiality. At the very least your original post should mention this and provide people a link to an elementary discussion of block cipher modes.

The article neither suggests that it is a good idea to encrypt large data using the scheme it implements, nor discusses the safety of this particular RSA scheme versus other schemes. In fact, it does not concern itself with security issues at all. This is deliberate because it is a different matter, way beyond the scope of the article. The implementation is a perfectly valid use of RSA, which for small data sets (size depends on key size and is another matter beyond the scope of the article) is safe and sound.

Saying that the code is unsafe is like saying that code which allows using RSA with a small key size is unsafe. It obviously is unsafe in the general case, but that doesn’t mean it’s wrong.

Moral: You must never uncritically copy/paste code off the internet without being sure it is valid, sound, safe, and correct for your usage scenario.

To encrypt large volumes of data using RSA, it is CRITICAL to use a padding scheme — a system called RSA-OAEP is one example. Well designed padding schemes used in conjunction with RSA prevent dictionary attacks, chosen plaintext attacks via ciphertext mutability based on the multiplicative homomorphism feature of RSA, and defend against recovery of cleartext which is otherwise possible when sending the same message to multiple public keys.

Honestly, just a quick perusal of wikipedia’s article on RSA should be enough to convince anyone that the code offered in this article is deeply flawed and fundamentally insecure.

Thank you very much

Thanks for this. I was actually able to use your suggestions in blinding messages. However, I can’t seem to go through the whole process of blinding a message, signing it, unblinding the signed message, and verifying the signature. I’ve written these codes: http://www.daniweb.com/forums/post1315685.html#post1315685

Please, if you could have a look, perhaps you could tell me what I’m doing wrong.

Thanks.