RSA Crypto Service Provider key generation

Hot Topic

.NET performace?
Can't call dataadaper.Update method after the dataset.AcceptChanges has been called!!!
I NEED HELP! ITS AN EMERGENCY!
howto determine programmatically if a user belongs to a domain in VB.NET
Socket state changes unexpectedly
copying files indicating the status of the copying
Creating a Web Service
.NET Framework 2.0 (x64) Installation and DW20.exe location
How to publish website created using Visual Web Developer 2005 Express Edition
Hide password in connection string

.NET Development

Plural of word
data access problems
System requirements for VS 2005
Where is System.Speech.Dll????
Timer function with millaseconds elapsed (in dos/command-line)
cannot execute code on network-drive ??
How do I access files on another computer by passing another users credentials?
Serial communication - Baudrate
Problem downloading Framework 2.0
Hashtable -> memory limit?

RSA Crypto Service Provider key generation

When instantiating the RSACryptoServiceProvider with something like:

RSA = new RSACryptoServiceProvider(1024);

The object generates a "random" key inside the RSA object. My question is:

1) How random is this key that is beeing generated

2) Is there any standards (US or International) that can be used as a reference to how these random key's are generated



Answer this question

RSA Crypto Service Provider key generation

  • Georgette Gibson

    To answer your question you must know how cryptography works and how rsa works.
    Generate a "random" key for RSA means generate big prime numbers. To generate big number is not difficult, what is not easy is to know if it is really prime number. There are some mathematics test to check if a big number is good candidate to be a prime number, that doesn't means that is a prime number!
    To the other side the RSA base his strenght in the fact that is difficult to find the factors of a number. If you find a very fast algorithm to find the factors of a number you will know for sure if a number is a prime number, but so you will kill the RSA.

  • Letifix

    I guess you are right, however, if the key is not really random, Microsoft could have an implementation where they select a key from a predefined set of keys, and then they will be able to decrypt any message by trying theese predefined keys.

    Therefore I see a security breach if the keys are not random, and there should be a description of how keys are generated in the RSACryptoServiceProvider, and I have not been able to find one yet.

    Kind Regards,

  • Eric Stone

    There are standards for generating seeds for cryptographic keys (i.e. the German Company BSI (bsi.de) ) have the standard AIS 20 and AIS 31.

    1) Does RSACryptoServiceProvider conform to the AIS 20 or AIS 31 standards from BSI

    2) Does RSACryptoServiceProvider conform to another weldefined standard


  • RSA Crypto Service Provider key generation
Answer this question