0

I have a multichannel application that has a Web Version and a mobile version using C#.

This application uses 'Trust No One' security model. That means, the keys generated when the user registers are encrypted using a passphrase on the client side before being sent to the server.

These keys are used to encrypt the data, which is also stored on the server side.

The reason, RSA private key is encrypted is, we don't want to have the ability to decrypt the data.

Now, the application can be used on the browser or through mobile applications using Xamarin and C#.

The data encrypted using the keys generated in JS, should be able to be decrypted using C# on the mobile app and vice versa.

What's the best way to implement this kind of encryption that's compatible with JS and C#.

PS: The Keys are generated using the Browser Plugin! So, it's kind of safer since other applications will not be able to access the background scope of the plugin.

Preetham Reddy
  • 611
  • 2
  • 8
  • 19
  • No, we can't recommend anything, because recommendation requests are off-topic for StackOverflow (SO) and will be closed. – Artjom B. Feb 03 '15 at 08:58
  • I've edited my question to remove the recommendation. All I'm looking for is if there's any way to perform RSA encryption and decryption that produces the same results from JS and C#. I'm looking guidance here. – Preetham Reddy Feb 03 '15 at 09:37
  • You write that the keys are generated in a browser plugin. There is not much wiggle room. You simply have to find a way to move all the values to C#. You don't write what browser plugin this is and especially in what format they are preserved. Best possible answer that can be given with the information: You can see if the JS keys support some common format, and if not, you can probably extract all the values (p, q, n, e, ...) from the private and public keys to pass them to C# to build the keys from those values. – Artjom B. Feb 03 '15 at 09:55

1 Answers1

0

I've initially voted this down as too broad. Finding a matching set of primitives for a non-existing security protocol cannot be answered in detail. A general answer can be given however, so I'll do that.

You first need to define your protocol. Instead of using RSA or AES, you should simply use E (for encryption) and D (for decryption) and specify which keys you expect to use. Use H for hashing etc. Make sure your scheme is secure; if you are stuck doing that, then ask at SE's IT security site.

After you've defined you protocols you need to find matching primitives that are available both on C# and Java Script. A quick look showed that ECIES (which is much more efficient than RSA-encryption) is not directly present for Java Script. So at this time it's probably better to stick to RSA-OAEP. You should have defined a hybrid cryptosystem, so you may want to use AES authenticated encryption (e.g. GCM or CCM) as well.

Make very sure that your the implementation of RSA is resistant to time based attacks though, other applications may try and read the RSA private key during key generation or during decryption (or signing, if that's implemented).

As you can see, this is getting hard pretty quickly. This is why developers should try and stick to pre-defined constructions such as TLS instead. If TLS is not an option, you may want to look for container formats such as CMS or PGP and use those as starting points. Of course, it's still tricky to find secure implementations for those structures as well (welcome to crypto).

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263