Reputation: 1911
I'm testing the RSA algorithm and, just to try it, tested what happens when decrypting with the wrong private key (D param).
I'm using RSACryptoServiceProvider with the default constructor (no params). I encrypt an array of bytes and then change the private key. For this I export to an RSAParameters object, modify the D param and then import again. Then I decrypt the info and the result is the original data!!
So there should be something I'm missing in how this works. Here is the code.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Cryptography;
using Apoyo; // poster's own helper namespace (not shown on the page); provides Ayuda.WriteHex

namespace PruebaRSA
{
    class Program
    {
        static void Main(string[] args)
        {
            Ayuda ayuda = new Ayuda();
            byte[] datosOriginales = new byte[10];
            byte[] datosCifrados;
            byte[] datosDescifrados;
            CrearArrayDatos(datosOriginales);

            RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider();
            // false = PKCS#1 v1.5 padding (true would select OAEP)
            datosCifrados = rsaCSP.Encrypt(datosOriginales, false);
            //--------------------------------------------------------------
            //Decrypt with the original Private Key
            datosDescifrados = rsaCSP.Decrypt(datosCifrados, false);
            Console.WriteLine("Texto Cifrado:");
            ayuda.WriteHex(datosCifrados, datosCifrados.Length);
            Console.WriteLine("Texto Descifrado:");
            ayuda.WriteHex(datosDescifrados, datosDescifrados.Length);

            //Change the Private Key
            // Only D is overwritten; P, Q, DP, DQ and InverseQ keep their original values.
            RSAParameters rsaParameters = rsaCSP.ExportParameters(true);
            byte[] newD = new byte[rsaParameters.D.Length];
            CrearArrayDatos(newD);
            rsaParameters.D = newD;
            rsaCSP.ImportParameters(rsaParameters);

            //Decrypt with the new Private Key
            datosDescifrados = rsaCSP.Decrypt(datosCifrados, false);
            Console.WriteLine("Texto Descifrado:");
            ayuda.WriteHex(datosDescifrados, datosDescifrados.Length);
            rsaParameters = rsaCSP.ExportParameters(true);
            Console.WriteLine("Clave privada utilizada: ");
            ayuda.WriteHex(rsaParameters.D, rsaParameters.D.Length);
            //____________________________________________
            Console.Write("Presionar Tecla");
            Console.Read();
        }

        // Fills the array with 0, 1, 2, ... (wrapping at 256).
        private static void CrearArrayDatos(byte[] datos)
        {
            // int counter: a byte counter never terminates once datos.Length exceeds 255.
            for (int i = 0; i < datos.Length; i++)
            {
                datos[i] = unchecked((byte)i);
            }
        }
    }
}
Upvotes: 0
Views: 238
Reputation: 289
RSAParameters contains additional parameters that can be used to speed up RSA decryption using the Chinese remainder theorem. Decrypting this way does not need D. It just needs Dp and Dq. So if you change one of these two parameters then I'd expect that decryption fails.
Of course, for good security it would be nice if .NET would also provide a consistency check, so that such private keys with inconsistent parameters can be detected. (Not sure if such a consistency check is not implemented or if I just can't find it).
Upvotes: 2
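A consistency check of the kind the answer wishes for can be written by hand from the exported parameters. This is an added example, not code from the thread or from .NET: the class RsaKeyCheck and its methods are hypothetical names, and it assumes a full private key (every RSAParameters field present).

```csharp
using System;
using System.Numerics;
using System.Security.Cryptography;

static class RsaKeyCheck
{
    // RSAParameters fields are unsigned big-endian; BigInteger(byte[]) expects
    // little-endian two's complement, so reverse and append a 0x00 sign byte.
    static BigInteger ToBig(byte[] bigEndian)
    {
        byte[] le = new byte[bigEndian.Length + 1];
        for (int i = 0; i < bigEndian.Length; i++)
            le[i] = bigEndian[bigEndian.Length - 1 - i];
        return new BigInteger(le);
    }

    // True only if D and the CRT fields all describe the same private key.
    public static bool IsConsistent(RSAParameters k)
    {
        BigInteger n = ToBig(k.Modulus), e = ToBig(k.Exponent), d = ToBig(k.D);
        BigInteger p = ToBig(k.P), q = ToBig(k.Q);
        BigInteger dp = ToBig(k.DP), dq = ToBig(k.DQ), qInv = ToBig(k.InverseQ);
        BigInteger p1 = p - 1, q1 = q - 1;

        return p > 1 && q > 1 && p * q == n
            && (e * d) % p1 == 1 && (e * d) % q1 == 1  // D inverts E mod lcm(p-1, q-1)
            && (e * dp) % p1 == 1                       // DP inverts E mod p-1
            && (e * dq) % q1 == 1                       // DQ inverts E mod q-1
            && (qInv * q) % p == 1;                     // InverseQ = q^-1 mod p
    }

    static void Main()
    {
        using (var rsa = new RSACryptoServiceProvider())
        {
            RSAParameters key = rsa.ExportParameters(true);
            Console.WriteLine("generated key consistent: " + IsConsistent(key));

            // Same tampering as in the question: overwrite D only.
            byte[] newD = new byte[key.D.Length];
            for (int i = 0; i < newD.Length; i++) newD[i] = unchecked((byte)i);
            key.D = newD;
            Console.WriteLine("tampered key consistent:  " + IsConsistent(key));
        }
    }
}
```

Running IsConsistent on parameters before ImportParameters catches a D that no longer matches the CRT fields, which the decryption itself did not reveal in the question.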