# Alice, Bob & Eve: Rivest, Shamir & Adleman

Let's revisit the well-known scenario again: Alice would like to send a secret message to Bob, so eavesdropping Eve cannot understand it. This time they'll be using the RSA asymmetric algorithm.

In [23]:
using System.Security.Cryptography;

## Bob

Bob will generate RSA keypair. It consists of two keys: _public_ and _private_ (also called _secret_) key:

In [24]:
const int KEY_SIZE = 2048; // Key size in bits - 2048 is a common choice today

var rsa = RSA.Create(KEY_SIZE);

// Export keys in PEM (text) format
var bobPublicKeyPem = rsa.ExportSubjectPublicKeyInfoPem();
var bobPrivateKeyPem = rsa.ExportPkcs8PrivateKeyPem();

The following is a **public key**. It's public, because Bob has to publish it. Everyone needs a copy, if they want to send Bob and encrypted messsage. Public key is used for encrypting messages and verifying digital signatures:

In [25]:
bobPublicKeyPem

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LObVF28esGbx0eS4f9r
xK51Qbx6CFEI+HtrAGgp2UDSGZm9SbHYBnI7JUOKWO1cLDu01c2zpdUXMuc41jhB
QsBjFrlWzR++hPuH7YT8SYZ5UDSEldKMi6fiKkzTneH7DAUlOdWreHHs3nZM4DQN
a9Zb63STAhka2tphfRTjQ5+fF4KJYL4Hi/7SQglJrsgQLE0OgwCn6lifAjQYx0T5
0wxNe9tZzq4Pgj5AZonSu4FWJw2INIEyv9T1LYW47H64tV5r53djSgI01hLm0puQ
0Xy8ozmAAB5t3KShLJeYljebkjLOYHn664le5c6p/BIpzSFgYzer2NTjgyza9ZCV
fQIDAQAB
-----END PUBLIC KEY-----

The following is a **private key**. Or secret, because you have to keep it secret. Nobody should have access to it, besides Bob. For this reason, private key is often stored in HSM (Hardware Security Module), such as smart card, TPM or other dedicated device.

In [26]:
bobPrivateKeyPem

-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDQs5tUXbx6wZvH
R5Lh/2vErnVBvHoIUQj4e2sAaCnZQNIZmb1JsdgGcjslQ4pY7VwsO7TVzbOl1Rcy
5zjWOEFCwGMWuVbNH76E+4fthPxJhnlQNISV0oyLp+IqTNOd4fsMBSU51at4ceze
dkzgNA1r1lvrdJMCGRra2mF9FONDn58XgolgvgeL/tJCCUmuyBAsTQ6DAKfqWJ8C
NBjHRPnTDE1721nOrg+CPkBmidK7gVYnDYg0gTK/1PUthbjsfri1Xmvnd2NKAjTW
EubSm5DRfLyjOYAAHm3cpKEsl5iWN5uSMs5gefrriV7lzqn8EinNIWBjN6vY1OOD
LNr1kJV9AgMBAAECggEAVUviwxNgcgdpBIRjKsy6nfLzZ3+BnJ6J/QxsCgmIeQt+
Ewp7i4ANG21acPtusrOoBUgNu4hL0Q4LYjmQSDVLrt10YhgzurgrpKwsvM2qUt6L
/FTKj3UzDez6iXFG1/NBKIN92GpUn3Bob++HseZ0ScudW9kUMDpUeHfiej2sOLlq
Lg2iC70VRP0o27RiXycKZ+bLLHZl84t5KJmTwD8+FtoYBFbIKBuyl7souQ8KfBpT
nFcdvdQd0ZUVl0WKVPf6arw8G6RXu9UF1imxxmevGEqdWHU2t9n2TwKC5VHl1D99
8NpfwuR/1M+tZ4Gw0bbhivzlj6jRKIn7J+Lm6t3SHQKBgQDxQ9+trAWlCUcur2vF
3lOXVd+EQgqngTMkL+z2xG7ua8JAV54TG8Psb2aCPyMAngCy15kG6AFHVe4+oFA4
cSjL9eZRC3HJSzUVDuDWd6OT8fexSHMi3fU6hCGh8WlhoQbGxWxea+BviKMX709w
mAiKzTd/0Oz2u3Ab+1jw9T+aewKBgQDdcpv8QWqRHNunRdY9C3Wm3hTkiEO/pi

## Alice

Alice needs Bob's public key. It can be sent via open channel. It does not matter if Eva can read it.

In theory, we can use the public key to encrypt a short message like this:

In [27]:
// Create instance of RSA from Bob's public key PEM
var rsaBobPublic = RSA.Create();
rsaBobPublic.ImportFromPem(bobPublicKeyPem);

// Let's convert a text message to bytes
var plainText = "I love you!";
var plainBytes = System.Text.Encoding.UTF8.GetBytes(plainText);

// Encrypt the message using Bob's public key
var cipherBytes = rsaBobPublic.Encrypt(plainBytes, RSAEncryptionPadding.OaepSHA256);
var cipherText = Convert.ToBase64String(cipherBytes, Base64FormattingOptions.InsertLineBreaks);

cipherText

P5zxuANeBjUOfDCQfssAA25HPt3YP9qLOTA0HyhDvCYXxR7ZESfNlKXaLjcJ5I4GiWmyNEPDgfAO
/EEZqTRnX2+N1UCEw/B9S3xq2UR25vf536OJ5nP66SpCHPsSROkK7jZE4ilJEmD19stotxndGmBv
VcNSB76wEs7i2a0Q1Vntz34yeEcsGKcCLWAX8/u3d8dx1HhH2gCHQTptrdbkiF+orEP8/b/gwXyh
Amos+9JKdBsQl+eIRy46zLxLUuhVw5v0s1LK1TdR/AXiMcClNTlw/ZB3BvKQkLtg2AikK4NgV7dy
z/MCHanihVQfBs24OYQOWlurGm1Ilm2j/qIIwQ==

## Bob

Bob receives the encrypted message (using open channel) and decrypts it:

In [28]:
// Create instance of RSA from Bob's private key PEM
var rsaBobPrivate = RSA.Create();
rsaBobPrivate.ImportFromPem(bobPrivateKeyPem);

// Convert the Base64 cipher text back to bytes
var cipherBytes2 = Convert.FromBase64String(cipherText);

// Decrypt the message using Bob's private key
var decryptedBytes = rsaBobPrivate.Decrypt(cipherBytes2, RSAEncryptionPadding.OaepSHA256);
var decryptedText = System.Text.Encoding.UTF8.GetString(decryptedBytes);

decryptedText

I love you!

## Alice

The amount of data we can encrypt using RSA directly is limited. Therefore we usually use cryptosystem: combination of ciphers, which can give us the results we want. We will combine asymmetric RSA algorithm and symmetric AES algorithm. 

Let Alice generate random 256-bit AES key and encrypt is using RSA:

In [29]:
// Generate a random 256-bit key and print it in Base64
var aesKey = RandomNumberGenerator.GetBytes(32); // 32 bytes = 256 bits
Console.WriteLine("Raw AES Key:");
Console.WriteLine(Convert.ToBase64String(aesKey));
Console.WriteLine();

// Encrypt the AES key using Bob's public RSA key
var encryptedAesKey = rsaBobPublic.Encrypt(aesKey, RSAEncryptionPadding.OaepSHA256);
var encryptedAesKeyBase64 = Convert.ToBase64String(encryptedAesKey, Base64FormattingOptions.InsertLineBreaks);
Console.WriteLine("AES key encrypted using Bob's RSA public key:");
Console.WriteLine(encryptedAesKeyBase64);

Raw AES Key:
7azF8Tr9Rmy74k8ZMv3Ug7GMv7kwroFew10jORJ/YeM=

AES key encrypted using Bob's RSA public key:
dqDn+8ek9IpwcQJh+/CCq4vVpgfKtlENZE746c/xoGKymzOVpx4A1SYEIlmybQMCwNrYxHTUrjrU
WQ+Hvg23tcPfdh26dm4jdjR8uQHncCbmMf/y2h/x0rWc6NfZMBjNLzLb+evJph9wKzBpkSuKGVU5
YjCHTTtX4pvJLsovi1TGjtRwCCDg91UpifZLRQfq2NPa5uPTdQ1z0ZXhSO4s3DCeRJu93/MxHORM
FMgVbt2mXBPfwXD1wyQFAVAzMJyML5FIf8/I1u4f9gaZNFkA+8nxe6Kwy3Doe/mFYJVBOugP0UN0
lCDaKcE4cb9Yb7KkEqPBfmkrpRncTLD4hjHY6w==


Then Alice encrypts the message itself using AES, as usual:

In [30]:
// Create instance of AES GCM with the generated key
var aes = new AesGcm(aesKey, tagSizeInBytes: 16);
var nonce = RandomNumberGenerator.GetBytes(12); // 12 bytes nonce for AES GCM
var cipherBytes = new byte[plainBytes.Length];
var tag = new byte[16];
aes.Encrypt(nonce, plainBytes, cipherBytes, tag);

Console.WriteLine($"Nonce:       {Convert.ToBase64String(nonce)}");
Console.WriteLine($"Tag:         {Convert.ToBase64String(tag)}");
Console.WriteLine($"Cipher Text: {Convert.ToBase64String(cipherBytes)}");

Nonce:       RwNjMEUwKNG8AUhB
Tag:         gP/N6P/emGwra1DR5Vk4BA==
Cipher Text: /ah6s0puZhVVDXo=


Alice now creates data structure containing:

* AES symmetric key encrypted using RSA,
* AES Nonce,
* AES Tag,
* Data encrypted using AES.

For clarity, we will format it as JSON, although in practice it usually is some binary format:

In [32]:
// Package all the components into a record
record MessagePackage(string EncryptedKey, string Nonce, string Tag, string CipherText);

// Create the message package
var messagePackage = new MessagePackage(
    EncryptedKey: encryptedAesKeyBase64,
    Nonce: Convert.ToBase64String(nonce),
    Tag: Convert.ToBase64String(tag),
    CipherText: Convert.ToBase64String(cipherBytes)
);

// Serialize the package to JSON
var messagePackageJson = System.Text.Json.JsonSerializer.Serialize(messagePackage, new System.Text.Json.JsonSerializerOptions { WriteIndented = true });
messagePackageJson

{
  "EncryptedKey": "dqDn\u002B8ek9IpwcQJh\u002B/CCq4vVpgfKtlENZE746c/xoGKymzOVpx4A1SYEIlmybQMCwNrYxHTUrjrU\r\nWQ\u002BHvg23tcPfdh26dm4jdjR8uQHncCbmMf/y2h/x0rWc6NfZMBjNLzLb\u002BevJph9wKzBpkSuKGVU5\r\nYjCHTTtX4pvJLsovi1TGjtRwCCDg91UpifZLRQfq2NPa5uPTdQ1z0ZXhSO4s3DCeRJu93/MxHORM\r\nFMgVbt2mXBPfwXD1wyQFAVAzMJyML5FIf8/I1u4f9gaZNFkA\u002B8nxe6Kwy3Doe/mFYJVBOugP0UN0\r\nlCDaKcE4cb9Yb7KkEqPBfmkrpRncTLD4hjHY6w==",
  "Nonce": "RwNjMEUwKNG8AUhB",
  "Tag": "gP/N6P/emGwra1DR5Vk4BA==",
  "CipherText": "/ah6s0puZhVVDXo="
}

## Bob

Bob received the data structure and will deserialize it:

In [37]:
var bobMessagePackage = System.Text.Json.JsonSerializer.Deserialize<MessagePackage>(messagePackageJson)!;
var encryptedKeyBytes = Convert.FromBase64String(bobMessagePackage.EncryptedKey);
var nonceBytes = Convert.FromBase64String(bobMessagePackage.Nonce);
var tagBytes = Convert.FromBase64String(bobMessagePackage.Tag);
var cipherTextBytes = Convert.FromBase64String(bobMessagePackage.CipherText);
bobMessagePackage

Unnamed: 0,Unnamed: 1
EncryptedKey,dqDn+8ek9IpwcQJh+/CCq4vVpgfKtlENZE746c/xoGKymzOVpx4A1SYEIlmybQMCwNrYxHTUrjrU WQ+Hvg23tcPfdh26dm4jdjR8uQHncCbmMf/y2h/x0rWc6NfZMBjNLzLb+evJph9wKzBpkSuKGVU5 YjCHTTtX4pvJLsovi1TGjtRwCCDg91UpifZLRQfq2NPa5uPTdQ1z0ZXhSO4s3DCeRJu93/MxHORM FMgVbt2mXBPfwXD1wyQFAVAzMJyML5FIf8/I1u4f9gaZNFkA+8nxe6Kwy3Doe/mFYJVBOugP0UN0 lCDaKcE4cb9Yb7KkEqPBfmkrpRncTLD4hjHY6w==
Nonce,RwNjMEUwKNG8AUhB
Tag,gP/N6P/emGwra1DR5Vk4BA==
CipherText,/ah6s0puZhVVDXo=


Then Bob decrypts the encrypted symmetric AES key using his private RSA key:

In [38]:
var decryptedKey = rsaBobPrivate.Decrypt(encryptedKeyBytes, RSAEncryptionPadding.OaepSHA256);
Console.WriteLine($"Decrypted AES key: {Convert.ToBase64String(decryptedKey)}");
Console.WriteLine($"Original AES key:  {Convert.ToBase64String(aesKey)} (for comparison)");

Decrypted AES key: 7azF8Tr9Rmy74k8ZMv3Ug7GMv7kwroFew10jORJ/YeM=
Original AES key:  7azF8Tr9Rmy74k8ZMv3Ug7GMv7kwroFew10jORJ/YeM= (for comparison)


Finally, Bob can use this key, nonce, tag and ciphertext so he can decrypt the original message:

In [39]:
// Create instance of AES GCM with the decrypted AES key
var aesForDecryption = new AesGcm(decryptedKey, tagBytes.Length);
var decryptedPlainBytes = new byte[cipherTextBytes.Length];

// Decrypt the cipher text
aesForDecryption.Decrypt(nonceBytes, cipherTextBytes, tagBytes, decryptedPlainBytes);

// Convert decrypted bytes back to string
var decryptedPlainText = System.Text.Encoding.UTF8.GetString(decryptedPlainBytes);
decryptedPlainText

I love you!