# Alice, Bob & Eve: Rivest, Shamir & Adleman

Let's revisit the well-known scenario again: Alice would like to send a secret message to Bob, so eavesdropping Eve cannot understand it. This time they'll be using the RSA asymmetric algorithm.

In [1]:
using System.Security.Cryptography;

## Bob

Bob will generate RSA keypair. It consists of two keys: _public_ and _private_ (also called _secret_) key:

In [2]:
const int KEY_SIZE = 2048; // Key size in bits - 2048 is a common choice today

var rsa = RSA.Create(KEY_SIZE);

// Export keys in PEM (text) format
var bobPublicKeyPem = rsa.ExportSubjectPublicKeyInfoPem();
var bobPrivateKeyPem = rsa.ExportPkcs8PrivateKeyPem();

The following is a **public key**. It's public, because Bob has to publish it. Everyone needs a copy, if they want to send Bob and encrypted messsage. Public key is used for encrypting messages and verifying digital signatures:

In [3]:
bobPublicKeyPem

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1Xy4CmrvrDbPgRujfjE
BvX+TJspvsYcbq7E0FPYaYAUDG8zRvbzAIWbnkdENGnz590RbNtTDGI7zNQoziy7
8t07fnDS+BJv5GDlEQZfdA6x6ca/aqjDpk8onRI4uRSjbop775QmkaOkDbE6NEsB
+cnioHKTX2ZJHivkdaeASKazun1KrnHOEbQsURgdc6Kj+ywGSGO1TAzZmJvftTC/
lcuSvbawCgcgfPG1MS5dP/l5YQlCcD4aMWYOllYOvz9+m67x2Uu8bPcpuv28uNbb
UstLYXsM8eyAk94HzTfNaNmIlqXgK0pdadU+6IS8YkK4j8e2PO2LDQ5N1fsVrG59
LQIDAQAB
-----END PUBLIC KEY-----

The following is a **private key**. Or secret, because you have to keep it secret. Nobody should have access to it, besides Bob. For this reason, private key is often stored in HSM (Hardware Security Module), such as smart card, TPM or other dedicated device.

In [4]:
bobPrivateKeyPem

-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC7VfLgKau+sNs+
BG6N+MQG9f5Mmym+xhxursTQU9hpgBQMbzNG9vMAhZueR0Q0afPn3RFs21MMYjvM
1CjOLLvy3Tt+cNL4Em/kYOURBl90DrHpxr9qqMOmTyidEji5FKNuinvvlCaRo6QN
sTo0SwH5yeKgcpNfZkkeK+R1p4BIprO6fUqucc4RtCxRGB1zoqP7LAZIY7VMDNmY
m9+1ML+Vy5K9trAKByB88bUxLl0/+XlhCUJwPhoxZg6WVg6/P36brvHZS7xs9ym6
/by41ttSy0thewzx7ICT3gfNN81o2YiWpeArSl1p1T7ohLxiQriPx7Y87YsNDk3V
+xWsbn0tAgMBAAECggEBAJxmAyD2aTYIfOFn3cyVVULieG4IVG+7Ad299v5eIZzi
mtpOtCaY4QMciHE52k1P75sxyuxwpwL9uCMnNPH8EuWNoa/MDbWh3txxsIvoICTK
Z+peTUyEnOLpz2Ri5AxQmKke4J2BuDl6vunXflpODNY3oAaH4VWSFZUk29UGBGmh
o1I9ru5gTYOdg9OwFhSyu6Z26kGEUOdDmzP0tN50qV/8HM1uEP61GH2Y+brOzeBV
xb1EHUpK9dkOYqEh3nQx78Wg1OXg+eAFCMD0tPl7WHDQHWtW9hAmNlotqhrqJjsm
vJdhE8Xr+LLumnP4clmwFGOJ82WfAk1Y6V+2TLU+7xkCgYEA82nGBZMVMk8Iet6i
NAWo4fTbcVMsB+XG4ABIFKvg2kAhJx+KlRcWupYUhmBBRLw+tm/m/256Vy+DTxnH
br9yMW77+E4Ib1JIap5v6T6yEarWbh6/o/HB5f5CacKJHXUT4WNiI+zSY8kW9uSf
uRP6506lq6uxv3reB4t2ihQdf6sCgYEAxQXW/yEcai72jsor092cGpl7Qlrgns

## Alice

Alice needs Bob's public key. It can be sent via open channel. It does not matter if Eva can read it.

In theory, we can use the public key to encrypt a short message like this:

In [5]:
// Create instance of RSA from Bob's public key PEM
var rsaBobPublic = RSA.Create();
rsaBobPublic.ImportFromPem(bobPublicKeyPem);

// Let's convert a text message to bytes
var plainText = "I love you!";
var plainBytes = System.Text.Encoding.UTF8.GetBytes(plainText);

// Encrypt the message using Bob's public key
var cipherBytes = rsaBobPublic.Encrypt(plainBytes, RSAEncryptionPadding.OaepSHA256);
var cipherText = Convert.ToBase64String(cipherBytes, Base64FormattingOptions.InsertLineBreaks);

cipherText

VOW97K5cMKebI+QC09hnm5yE0vljCXaz09GwPwhclp6gLufM0abytxoSGCPvdQkOB8LUKa2WCfTT
SN4jLBixkkKVkSxbVij0AkRndSr7NvTN5UtqWJFVYDDvxSxngoQfy9j+4UPTmRd+moi0cWwJc5al
jYmiTI1lNPYiMRvmSiaJN1aR0ScVxrCjYhSD2P4mu3K6x17Y3gyYRySO6EbL4XMbP9WUzVWPTv7R
AyuG94IUXE48TipJ2L3JqXxxPewHxDgn47UyvtqU2xMl2KARkNvF4mXZdn0lW/nD7iaRFkKFYk3z
2RhNL7op8czI51mpnZ0grsrGcD17YdRSmZyfKQ==

## Bob

Bob receives the encrypted message (using open channel) and decrypts it:

In [6]:
// Create instance of RSA from Bob's private key PEM
var rsaBobPrivate = RSA.Create();
rsaBobPrivate.ImportFromPem(bobPrivateKeyPem);

// Convert the Base64 cipher text back to bytes
var cipherBytes2 = Convert.FromBase64String(cipherText);

// Decrypt the message using Bob's private key
var decryptedBytes = rsaBobPrivate.Decrypt(cipherBytes2, RSAEncryptionPadding.OaepSHA256);
var decryptedText = System.Text.Encoding.UTF8.GetString(decryptedBytes);

decryptedText

I love you!

## Alice

The amount of data we can encrypt using RSA directly is limited. Therefore we usually use cryptosystem: combination of ciphers, which can give us the results we want. We will combine asymmetric RSA algorithm and symmetric AES algorithm. 

Let Alice generate random 256-bit AES key and encrypt is using RSA:

In [7]:
// Generate a random 256-bit key and print it in Base64
var aesKey = RandomNumberGenerator.GetBytes(32); // 32 bytes = 256 bits
Console.WriteLine("Raw AES Key:");
Console.WriteLine(Convert.ToBase64String(aesKey));
Console.WriteLine();

// Encrypt the AES key using Bob's public RSA key
var encryptedAesKey = rsaBobPublic.Encrypt(aesKey, RSAEncryptionPadding.OaepSHA256);
var encryptedAesKeyBase64 = Convert.ToBase64String(encryptedAesKey, Base64FormattingOptions.InsertLineBreaks);
Console.WriteLine("AES key encrypted using Bob's RSA public key:");
Console.WriteLine(encryptedAesKeyBase64);

Raw AES Key:
V+5qvEBxZrjsSd36CIO3HzhqdfZrtlLL6R/qx0Igha4=

AES key encrypted using Bob's RSA public key:
LePONJCAHA+rprGPdW+T5QDAMZ/SZBRm03oiVIjTxhF01qtObnVpwilAGKr1qY+Vin8VNqiqGOtL
hDsW+drpZ8vW/93MGbcozMLIQtBPak1c8f4NgZoPE/109Q7atwwHDuCaT1WDxSu5rBhFM63o4N9j
deDEbgNHeo+k8qtiCetWNQbhXNSdLAmTJf06XjuPw4rkhirWGbMxD0RtAVF5Al7JF1DZQUZMZuuA
IFWryzY6eCUG3e08Em4jpqYoWiaHCdyvJ08kboZ+wccaU2KInqqSHtOgvXS/CfB0ZkbvyBDUyBqb
kq20nkFi3/H/bpDBRqLc9yti4aTF3Mle3xpcAg==


Then Alice encrypts the message itself using AES, as usual:

In [8]:
// Create instance of AES GCM with the generated key
var aes = new AesGcm(aesKey, tagSizeInBytes: 16);
var nonce = RandomNumberGenerator.GetBytes(12); // 12 bytes nonce for AES GCM
var cipherBytes = new byte[plainBytes.Length];
var tag = new byte[16];
aes.Encrypt(nonce, plainBytes, cipherBytes, tag);

Console.WriteLine($"Nonce:       {Convert.ToBase64String(nonce)}");
Console.WriteLine($"Tag:         {Convert.ToBase64String(tag)}");
Console.WriteLine($"Cipher Text: {Convert.ToBase64String(cipherBytes)}");

Nonce:       90pDV+8T0bPvGq9w
Tag:         kvNvuwaBPV7bM8cbjXMVEg==
Cipher Text: hgtRnp+dnTl01bM=


Alice now creates data structure containing:

* AES symmetric key encrypted using RSA,
* AES Nonce,
* AES Tag,
* Data encrypted using AES.

For clarity, we will format it as JSON, although in practice it usually is some binary format:

In [9]:
// Package all the components into a record
record MessagePackage(string EncryptedKey, string Nonce, string Tag, string CipherText);

// Create the message package
var messagePackage = new MessagePackage(
    EncryptedKey: encryptedAesKeyBase64,
    Nonce: Convert.ToBase64String(nonce),
    Tag: Convert.ToBase64String(tag),
    CipherText: Convert.ToBase64String(cipherBytes)
);

// Serialize the package to JSON
var messagePackageJson = System.Text.Json.JsonSerializer.Serialize(messagePackage, new System.Text.Json.JsonSerializerOptions { WriteIndented = true });
messagePackageJson

{
  "EncryptedKey": "LePONJCAHA\u002BrprGPdW\u002BT5QDAMZ/SZBRm03oiVIjTxhF01qtObnVpwilAGKr1qY\u002BVin8VNqiqGOtL\r\nhDsW\u002BdrpZ8vW/93MGbcozMLIQtBPak1c8f4NgZoPE/109Q7atwwHDuCaT1WDxSu5rBhFM63o4N9j\r\ndeDEbgNHeo\u002Bk8qtiCetWNQbhXNSdLAmTJf06XjuPw4rkhirWGbMxD0RtAVF5Al7JF1DZQUZMZuuA\r\nIFWryzY6eCUG3e08Em4jpqYoWiaHCdyvJ08kboZ\u002BwccaU2KInqqSHtOgvXS/CfB0ZkbvyBDUyBqb\r\nkq20nkFi3/H/bpDBRqLc9yti4aTF3Mle3xpcAg==",
  "Nonce": "90pDV\u002B8T0bPvGq9w",
  "Tag": "kvNvuwaBPV7bM8cbjXMVEg==",
  "CipherText": "hgtRnp\u002BdnTl01bM="
}

## Bob

Bob received the data structure and will deserialize it:

In [10]:
var bobMessagePackage = System.Text.Json.JsonSerializer.Deserialize<MessagePackage>(messagePackageJson)!;
var encryptedKeyBytes = Convert.FromBase64String(bobMessagePackage.EncryptedKey);
var nonceBytes = Convert.FromBase64String(bobMessagePackage.Nonce);
var tagBytes = Convert.FromBase64String(bobMessagePackage.Tag);
var cipherTextBytes = Convert.FromBase64String(bobMessagePackage.CipherText);
bobMessagePackage

Unnamed: 0,Unnamed: 1
EncryptedKey,LePONJCAHA+rprGPdW+T5QDAMZ/SZBRm03oiVIjTxhF01qtObnVpwilAGKr1qY+Vin8VNqiqGOtL hDsW+drpZ8vW/93MGbcozMLIQtBPak1c8f4NgZoPE/109Q7atwwHDuCaT1WDxSu5rBhFM63o4N9j deDEbgNHeo+k8qtiCetWNQbhXNSdLAmTJf06XjuPw4rkhirWGbMxD0RtAVF5Al7JF1DZQUZMZuuA IFWryzY6eCUG3e08Em4jpqYoWiaHCdyvJ08kboZ+wccaU2KInqqSHtOgvXS/CfB0ZkbvyBDUyBqb kq20nkFi3/H/bpDBRqLc9yti4aTF3Mle3xpcAg==
Nonce,90pDV+8T0bPvGq9w
Tag,kvNvuwaBPV7bM8cbjXMVEg==
CipherText,hgtRnp+dnTl01bM=


Then Bob decrypts the encrypted symmetric AES key using his private RSA key:

In [11]:
var decryptedKey = rsaBobPrivate.Decrypt(encryptedKeyBytes, RSAEncryptionPadding.OaepSHA256);
Console.WriteLine($"Decrypted AES key: {Convert.ToBase64String(decryptedKey)}");
Console.WriteLine($"Original AES key:  {Convert.ToBase64String(aesKey)} (for comparison)");

Decrypted AES key: V+5qvEBxZrjsSd36CIO3HzhqdfZrtlLL6R/qx0Igha4=
Original AES key:  V+5qvEBxZrjsSd36CIO3HzhqdfZrtlLL6R/qx0Igha4= (for comparison)


Finally, Bob can use this key, nonce, tag and ciphertext so he can decrypt the original message:

In [12]:
// Create instance of AES GCM with the decrypted AES key
var aesForDecryption = new AesGcm(decryptedKey, tagBytes.Length);
var decryptedPlainBytes = new byte[cipherTextBytes.Length];

// Decrypt the cipher text
aesForDecryption.Decrypt(nonceBytes, cipherTextBytes, tagBytes, decryptedPlainBytes);

// Convert decrypted bytes back to string
var decryptedPlainText = System.Text.Encoding.UTF8.GetString(decryptedPlainBytes);
decryptedPlainText

I love you!