# RSA Encrytion and Decryption Example

## The RSA algorithm is used for asymmetric key encryption.  It generates a public-private key pair and uses them for exchanging data

This is different from the Diffie Hellman algorithm which generates a shared non public key that can then be used by both parties for subsequent data exchange using symmetric key encryption. 

Let's say that Bob wants to send a message to Alice that no one else can read.  How can we achieve this?

One way is to use the RSA **asymmetric** encryption method.  This method requires two keys, one that is private and one that is public.  In our example Alice will share the public key and Bob will use this key to encrypt the message that he wants to send to Alice.  Once the message has been encrypted the only way to decrypt it is to use the private key that only Alice has.

Note that in practice RSA is expensive to compute and therefore is mainly used to establish a session key which can then be used for less expensive symmetric encrytion /decryption of messages within the session.

The code below conceals all the interesting indepth math behind and just gets the job done.  

For more info on the .net api see [this link](https://docs.microsoft.com/en-us/dotnet/standard/security/cryptography-model)

1. Alice creates a new instance of RSACryptoServiceProvider to generate public and private key data.

In [None]:
open System.Security.Cryptography
open System.Text

let aliceRsa = new RSACryptoServiceProvider() // Note for fsi don't use 'use'
let aliceRsaParams = aliceRsa.ExportParameters(false) // false means don't include private key in export

2. Bob uses Alice's public key to encrypt his message. The public key as well as some other variables are all contained in the RSA export params object.  The important thing is that the private key is not included. 

In [None]:
let byteConverter = UnicodeEncoding()
let message = byteConverter.GetBytes("hi")

let bobRsa = new RSACryptoServiceProvider()
bobRsa.ImportParameters(aliceRsaParams)
let encryptedMessage = bobRsa.Encrypt(message, false)

3. Alice can now decrypt Bob's message

In [None]:
let decryptedMessage = aliceRsa.Decrypt(encryptedMessage, false)
byteConverter.GetString(decryptedMessage)

hi