0

I am creating a little software to encrypt and decrypt data using asymmetric keys.

The problem is, I am coding in C# and even if I use : 

 BigInteger.Pow(BigIntenger myNumber, int myExponent);

The exponent is an "int" and my value is to big for an int.

Just to quickly explain and to be sure I am not doing any mistake, you have to use big numbers to make it more difficult to decrypt without having the private key.

So I have

  • N = P * Q
  • P and Q are both prime numbers.
  • M = (P-1)+(Q-1)
  • C is a prime number with M
  • Then find U with : C×U+M×V=1

Public key (N,C).

Private key (U,N).

For example you want to encrypt : "Bonjour !" to UTF8.

You will have :

B⇔66 / o⇔111 / n⇔110 / j⇔106 / o⇔111 / u⇔117 / r⇔114 / (espace)⇔32 / !⇔33

Then raise each numbers to the power of C and modulo N.

Ex : valueOfB = (66^C)%N.

Now your message is encrypted.

If you want to decrypt it, you have to multiply each value by exponent U and modulo N.

Ex : (valueOfB^U)%N

So I can do this only if I use small number because I will have a small U value that fit with a "int" but it's not secure, how can I do this with a big U like BigInteger and not int ?

Romain P
  • 5
  • 2
  • You might want to look here: https://crypto.stackexchange.com/questions/43272/why-is-writing-your-own-encryption-discouraged, and another one: https://security.stackexchange.com/questions/18197/why-shouldnt-we-roll-our-own – Peter B Dec 18 '17 at 10:26
  • @PeterB: At some point somebody has got to write the code behind the libraries which mean other people do not need to do things again. So I don't think the answers is just to say don't bother doing it - there are plenty of reasons to want to do this sort of thing - for fun, for the experience of writing encryption code, ... I have written my own code for JPG & MP3 encryption/decryption - I would never use it in production code but it was fun to do. – PaulF Dec 18 '17 at 10:34
  • In your description of the procedure you write _"Then each number have to be multiplied by exponent C and modulo N."_ but the code you show raises the number to the power of C - which of these is correct? If you are multiplying then BigInteger allows two BigIntegers to be multiplied together. – PaulF Dec 18 '17 at 10:40
  • Thank you PaulF, I didn't know how to say it correctly, indeed it's "raise the number to the power of C" like in the example :) ! – Romain P Dec 18 '17 at 10:45
  • Do not use `a^b`, use `(a^b)%c` instead: [`ModPow`](https://learn.microsoft.com/dotnet/api/system.numerics.biginteger.modpow) – user4003407 Dec 18 '17 at 10:49
  • Thank you very much ! I didn't know this function, I think that could be the solution. I still have issues with my values so I can't confirm, but it looks like it's doing what I need ! – Romain P Dec 18 '17 at 13:19

1 Answers1

1

BigInteger.Pow of a BigInteger would be a massively complicated number.

Binary multiplication has the property that (roughly speaking) multiplying an n-bit number by an m-bit number produces an approximately (n+m)-bit answer.

10 * 4096 = 0b1010 * 0b1_0000_0000_0000  (4 bits, 13 bits)
40960 = 0b1010_0000_0000_0000 (16 bits)

16 * 4096 = 0b1_0000 * 0b1_0000_0000_0000  (5 bits, 13 bits)
65536 = 0b1_0000_0000_0000_0000 (17 bits)

15 * 4095 = 0b1111 * 0b1111_1111_1111 (4 bits, 12 bits)
61425 = 0b1110_1111_1111_0001 (16 bits)

Since exponentiation is repeated multiplication, and multiplication is repeated addition, we can see that raising a 1024-bit number to the power of a 512-bit number would produce an answer in the realm of 1024*512 bits (524288 bits, 65536 bytes).

But you're then going to follow it up with a modulus operation, bringing it back down the realm of a 1024-bit number. That's pretty wasteful.

Thankfully, algorithms exist for doing efficient modular exponentiation. Double thankfully for you, .NET went ahead and wrote that for you.

What you're looking for is

valueOfB = BigInteger.ModPow(66, U, N);
bartonjs
  • 30,352
  • 2
  • 71
  • 111
  • Someone gave me this function in the comment just above but thank you for the explanation :) ! I can mark this question as solve. – Romain P Dec 19 '17 at 07:50