Practical Cryptography for Developers
  • Welcome
  • Preface
  • Cryptography - Overview
  • Hash Functions
    • Crypto Hashes and Collisions
    • Hash Functions: Applications
    • Secure Hash Algorithms
    • Hash Functions - Examples
    • Exercises: Calculate Hashes
    • Proof-of-Work Hash Functions
  • MAC and Key Derivation
    • HMAC and Key Derivation
    • HMAC Calculation - Examples
    • Exercises: Calculate HMAC
    • KDF: Deriving Key from Password
    • PBKDF2
    • Modern Key Derivation Functions
    • Scrypt
    • Bcrypt
    • Linux crypt()
    • Argon2
    • Secure Password Storage
    • Exercises: Password Encryption
  • Secure Random Generators
    • Pseudo-Random Numbers - Examples
    • Secure Random Generators (CSPRNG)
    • Exercises: Pseudo-Random Generator
  • Key Exchange and DHKE
    • Diffie–Hellman Key Exchange
    • DHKE - Examples
    • Exercises: DHKE Key Exchange
  • Encryption: Symmetric and Asymmetric
  • Symmetric Key Ciphers
    • Cipher Block Modes
    • Popular Symmetric Algorithms
    • The AES Cipher - Concepts
    • AES Encrypt / Decrypt - Examples
    • Ethereum Wallet Encryption
    • Exercises: AES Encrypt / Decrypt
    • ChaCha20-Poly1305
    • Exercises: ChaCha20-Poly1305
  • Asymmetric Key Ciphers
    • The RSA Cryptosystem - Concepts
    • RSA Encrypt / Decrypt - Examples
    • Exercises: RSA Encrypt / Decrypt
    • Elliptic Curve Cryptography (ECC)
    • ECDH Key Exchange
    • ECDH Key Exchange - Examples
    • Exercises: ECDH Key Exchange
    • ECC Encryption / Decryption
    • ECIES Hybrid Encryption Scheme
    • ECIES Encryption - Example
    • Exercises: ECIES Encrypt / Decrypt
  • Digital Signatures
    • RSA Signatures
    • RSA: Sign / Verify - Examples
    • Exercises: RSA Sign and Verify
    • ECDSA: Elliptic Curve Signatures
    • ECDSA: Sign / Verify - Examples
    • Exercises: ECDSA Sign and Verify
    • EdDSA and Ed25519
    • EdDSA: Sign / Verify - Examples
    • Exercises: EdDSA Sign and Verify
  • Quantum-Safe Cryptography
    • Quantum-Safe Signatures - Example
    • Quantum-Safe Key Exchange - Example
    • Quantum-Safe Asymmetric Encryption - Example
  • More Cryptographic Concepts
    • Digital Certificates - Example
    • TLS - Example
    • One-Time Passwords (OTP) - Example
  • Crypto Libraries for Developers
    • JavaScript Crypto Libraries
    • Python Crypto Libraries
    • C# Crypto Libraries
    • Java Crypto Libraries
  • Conclusion
Powered by GitBook
On this page
  • Encrypt Message with RSA-OAEP
  • Decrypt a Message with RSA-OAEP
  • * Implement Hybrid Encryption / Decryption with RSA-KEM

Was this helpful?

  1. Asymmetric Key Ciphers

Exercises: RSA Encrypt / Decrypt

PreviousRSA Encrypt / Decrypt - ExamplesNextElliptic Curve Cryptography (ECC)

Last updated 5 years ago

Was this helpful?

In this exercise you shall encrypt and decrypt messages using the RSA public-key cryptosystem.

Encrypt Message with RSA-OAEP

You are given a text message and a RSA public key (in PEM format). Write a program to encrypt the message, using the encryption scheme (RSA + PKCS#1 OAEP padding).

Input:

  • First line: the input message

  • Next few lines: the RSA public key (in the format)

  • The public key length can be 512 bits, 1024 bits, 2048 bits, 3072 bits or 4096 bits.

Output:

  • The encrypted message, printed as hex string.

Write your code in programming language of choice.

Sample input:

Secret message
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMYhCcGpfoebriBbFaUMMwH3B5t7udir
ODJehnQTPlWLf9SVfQdx0v9ATJ2Rs5kQjdJ/wZYunMBVq6/FhgPZexsCAwEAAQ==
-----END PUBLIC KEY-----

The above input uses a 512-bit RSA public key and a small plain text message, that can fit inside the key length (after the OAEP padding).

Sample output (for the above input):

218dd78c5e14b4d58efd10575b521db46c0caa5c699134abf18bbeeac170cfe446e25d0d82257082539e4ccd3e0aa8bffc1b07d2bde9e635a7b9b7fc6cf4c266

Note: the above output should be different at each execution due to the randomness injected by the OAEP padding algorithm.

Decrypt a Message with RSA-OAEP

Input:

  • First line: the ciphertext (the encrypted message), given as hex string

Output:

  • Print the decrypted message as plain text

  • Print Decryption failed! in case of problem

Write your code in programming language of choice.

Sample input:

218dd78c5e14b4d58efd10575b521db46c0caa5c699134abf18bbeeac170cfe446e25d0d82257082539e4ccd3e0aa8bffc1b07d2bde9e635a7b9b7fc6cf4c266
-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBAMYhCcGpfoebriBbFaUMMwH3B5t7udirODJehnQTPlWLf9SVfQdx
0v9ATJ2Rs5kQjdJ/wZYunMBVq6/FhgPZexsCAwEAAQJAbNSzBkTzMswqHq3Juupz
jk3CSP7ye/i5Grnfgx0a7WOGpVrEDQNo0iihEf5pRAfaazEdfJX2Tj+auuv06392
kQIhAOeJahRwOt8cYroLZzHHf7LWQglRaTbtKShqmbLdBZMzAiEA2xADyA3xGXcl
txN0DOfSycwFyqkdlfsuyAwKibPteHkCIQDJ1P6UzHR1UwA434HYYejOU3mDN+V4
zOoI4kwTIBohAwIgLrqv09EFiUUdSnxf2RDqqhlXcu+4W/IE/K904AL9uSECICeT
tkAnJHB7k6fvox6ErJV53w06bUF1jGw8yHuaCcHX
-----END RSA PRIVATE KEY-----

The above input uses a 512-bit RSA private key and an encrypted ciphertext of the same length.

Sample output (for the above input):

Secret message

Another sample input (wrong 512-bit private key):

218dd78c5e14b4d58efd10575b521db46c0caa5c699134abf18bbeeac170cfe446e25d0d82257082539e4ccd3e0aa8bffc1b07d2bde9e635a7b9b7fc6cf4c266
-----BEGIN RSA PRIVATE KEY-----
MIIBOQIBAAJBAJd0kbrC4AxpcqBgWVPpb8IoI/kdQkF1twrfQtoMkHgB71vpY6Sg
68CUA7Ejq/dbAHlvFdXqwEK9vXH3kFpc8pcCAwEAAQJAaFrlXm2Pun2dgWthoTOi
0YCe6LKESF43dMJIab1mfYiltrSpGaoTXLvHR+NaAgqcr9KAH24Mi05ttUBcWRsI
QQIhAOLTSyeDZnq5rqdwBlU8p6USpeImRhWRNcCHA/QLxcaPAiEAqu+O1p1YB3Mp
GKgB9PvZE3TZqmlgtEFmSMYinF3g13kCIF9FjpCXMYkkysZLWG2e32+HaKOXneJb
Lq+iRjfQZg7jAiBcm6D1YRV6I8gWFZ/JzFBVHC95BdJgljYGI2JI+QuBcQIgLJjH
IPctSCUtukz+7fdeOdw/0FINcUGvnQyuEK34UxE=
-----END RSA PRIVATE KEY-----

The corresponding output should be:

Decryption failed!

Note that the RSA-OAEP padding algorithm has built-in checksum, which allows to detect incorrect decryption attempts, but it is not an authenticated encryption scheme.

* Implement Hybrid Encryption / Decryption with RSA-KEM

Write a program to encrypt a large message (bigger than the RSA key length, e.g. a PDF document) using the RSA-KEM hybrid encryption scheme with AES symmetric encryption (use block mode of choice, e.g. GCM or CTR).

Hint:

  • Note that in some languages it is hard to find and RSA-KEM implementation, so you can skip this exercise or use another hybrid encryption scheme (e.g. RSA + AES + HMAC).

Input:

  • The message for encryption

  • RSA public key (in PEM format)

Output:

  • The encrypted ciphertext (hex string)

  • The random IV salt for the AES cipher (hex string)

  • The authentication tag / MAC for the encrypted message (hex string)

  • The encapsulated secret key for the AES algorithm (hex string)

Write a program to decrypt given encrypted message, produced by the previous exercise, using the RSA-KEM hybrid encryption scheme with AES symmetric encryption (use block mode of choice, e.g. GCM or CTR).

Input:

  • The encrypted ciphertext (hex string)

  • The random IV salt for the AES cipher (hex string)

  • The authentication tag / MAC for the encrypted message (hex string)

  • The encapsulated secret key for the AES algorithm (hex string)

Output:

  • The decrypted original plaintext message

  • Print Decryption failed! if the message decryption is not successful (e.g. wrong password)

You are given a RSA-OAEP-encrypted ciphertext (as hex string) and a RSA private key (in PEM format). Write a program to decrypt the message, using the encryption scheme (RSA + PKCS#1 OAEP padding).

Next few lines: the RSA private key (in the format)

Check this example first: .

RSA-OAEP
PKCS#8
PEM
ASN.1
RSA-OAEP
PKCS#8
PEM
ASN.1
https://github.com/digitalbazaar/forge#rsakem