I want to clarify a couple of things.

For example, I need to encrypt a certain string (JSON) for transmission in a client-server architecture. As I understand it, I need to generate a key and IV (vector) for AES, encrypt them using the 'asymmetric' algorithm (RSA), and transfer them when the client connects. And decrypt the RSA key from the client, get the AES key and IV, and decrypt the string using this AES key and IV. And so: I create an instance of AESManaged. I generate an AES key and an IV (GenerateKey() / GenerateIV()).

Then I create an instance of RSACryptoServiceProvider. Next, RSAParameters are created for it. Question: what are Modulus and Exponent? Are these the public and private keys? I.e., I pass the public one (Modulus) to the client, and the client should already know the Exponent, right? Let's say ...

Next, I encrypt the AES key and IV via RSA and transfer them to the client, which decrypts them using the Exponent and gets the AES key and IV.

Is that right?

I reread MSDN; it seems I wrote garbage ... It's already 2 a.m. and my head isn't working. Yes, both Exponent and Modulus are parts of the public key. The set of D, P, and Q is the private key.

I.e., for example, I can store it in a structure, and this structure will essentially be a private key.

Confirm if this is the case.

1 answer

Yes, that's right, except that the IV does not have to be encrypted. It can be transferred in the clear; security will not suffer from this. The most important thing is that the IV is always different. If you use GenerateIV(), you don't even have to think about it.

The RSA key pair must be generated on the side that will perform the decryption. If it is a server, then you generate the pair on it and give the public key to the client; the client encrypts with it, and you decrypt with the private key.
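
The exchange described in this answer, as an added example that is not part of the original question or answer. It assumes a modern .NET runtime (C# 8 or later) and uses `Aes.Create()` and `RSA.Create()` in place of the `AESManaged` and `RSACryptoServiceProvider` classes named in the question; the OAEP-SHA256 padding and the JSON string are choices made for this illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

class HybridDemo
{
    static void Main()
    {
        // Server (the decrypting side) generates the RSA pair; the private key never leaves it.
        using RSA serverRsa = RSA.Create(2048);
        // false = export only the public half (Modulus + Exponent). This goes to the client.
        RSAParameters publicKey = serverRsa.ExportParameters(false);

        // --- Client side ---
        byte[] wrappedKey, iv, cipherText;
        using (RSA clientRsa = RSA.Create())
        using (Aes aes = Aes.Create()) // each new instance gets a fresh random Key and IV
        {
            clientRsa.ImportParameters(publicKey);
            // Only the AES key is RSA-encrypted; the IV is sent in the clear.
            wrappedKey = clientRsa.Encrypt(aes.Key, RSAEncryptionPadding.OaepSHA256);
            iv = aes.IV;
            byte[] json = Encoding.UTF8.GetBytes("{\"user\":\"demo\"}"); // constructed sample
            using ICryptoTransform enc = aes.CreateEncryptor();
            cipherText = enc.TransformFinalBlock(json, 0, json.Length);
        }

        // --- Server side: receives wrappedKey, iv, cipherText ---
        byte[] aesKey = serverRsa.Decrypt(wrappedKey, RSAEncryptionPadding.OaepSHA256);
        using (Aes aes = Aes.Create())
        {
            aes.Key = aesKey;
            aes.IV = iv;
            using ICryptoTransform dec = aes.CreateDecryptor();
            byte[] plain = dec.TransformFinalBlock(cipherText, 0, cipherText.Length);
            Console.WriteLine(Encoding.UTF8.GetString(plain));
        }
    }
}
```

`Aes.Create()` defaults to CBC mode, which gives confidentiality only; the receiver cannot detect a modified ciphertext unless a MAC or an authenticated mode is added.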