# Proj 12: RSA Key Formats (10 pts. + 30 pts. extra credit)

What you need:
• Any Linux or Mac computer with openssl. Kali, Ubuntu, and Mac OS work fine.

## Purpose

To understand the various ways RSA keys are stored, and convert among them.

## Summary of RSA

Here's a diagram from the textbook showing the RSA calculations.

# 1. RSA Private Keys

## PKCS #1 Version 2.1

This format is specified in RFC 3447: Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1, in "Appendix A. ASN.1 syntax", as shown below.

## Generating a Private Key with OpenSSL

In a Terminal, execute this command:
```openssl genrsa ```
You see a PRIVATE KEY, as shown below.

## PEM Files and Parsing ASN.1 Format

This format is called PEM (Privacy Enhanced Email). The private key is encoded as a big blob of Base64 text.

To parse it, you need to save it in a file and use the "asn1parse" command.

Execute these commands to generate a "key.pem" file, view it, and parse it.

```openssl genrsa -out key.pem cat key.pem openssl asn1parse -in key.pem ```
This reveals the RSA parameters, as labelled below in red.

## Displaying the Public Key

An RSA public key consists of two values:
• n A long integer called the RSA modulus
• e A positive integer, often small, called the RSA public exponent

Execute these commands to generate the public key from your "key.pem" file.

```openssl rsa -in key.pem -pubout ```

Execute these commands to save the public key in a "public.pem" file, print it out, and parse it:

```openssl rsa -in key.pem -out public.pem -pubout cat public.pem openssl rsa -pubin -text < public.pem ```
This displays the "Modulus" (n) and the "Exponent" (e), as shown below.

## Making Longer Keys

The keys above are the default size of 512 bits, which is no longer considered secure.

Execute these commands to make a 2048-bit private key and display it.

```openssl genrsa -out key2.pem 2048 cat key2.pem ```
It's much longer, as shown below.

Execute these commands to see the public key.

```openssl rsa -in key2.pem -out public2.pem -pubout openssl rsa -pubin -text < public2.pem ```
It's much longer, as shown below.

## Encrypting the Private Key

If someone steals the private key file, they can read your encrypted data. To prevent that, the private key is usually stored as an encrypted file.

Execute this command to make a 2048-bit encrypted private key file. Enter a password, such as P@ssw0rd, when prompted to.

```openssl genrsa -out key3.pem -aes256 2048 ```
It's much longer, as shown below.

Execute this command to see the keyfile:

```cat key3.pem ```
It's encrypted with AES-CBC, as shown below.

Whenever you use this private key file, you'll need to supply the password.

Execute this command to display the public key.

```openssl rsa -in key3.pem -pubout ```

## Challenge 12a: Find p (5 pts.)

Find p from the key below.
```-----BEGIN RSA PRIVATE KEY----- MD0CAQACCQDTPWtAKLuWbwIDAQABAgh2uVRnKpyb0QIFAP2MzVUCBQDVR/SzAgRu u6WZAgQ2tLA1AgR2EBWK -----END RSA PRIVATE KEY----- ```
Use the form below to put your name on the WINNERS PAGE.
 Your Name (without spaces): p in hex, like this: `7610158A`

## Saving a Screen Image

Make sure the your name is visible on the winners page, as shown below.

Save a whole-desktop image with the filename "YOUR NAME Proj 12a", replacing "YOUR NAME" with your real name.

YOU MUST SUBMIT A FULL-SCREEN IMAGE FOR FULL CREDIT!

## Challenge 12b: Find Public Key (5 pts.)

Find the Public Key from the key below.
```-----BEGIN RSA PRIVATE KEY----- MD0CAQACCQDTPWtAKLuWbwIDAQABAgh2uVRnKpyb0QIFAP2MzVUCBQDVR/SzAgRu u6WZAgQ2tLA1AgR2EBWK -----END RSA PRIVATE KEY----- ```
Use the form below to put your name on the WINNERS PAGE.
 Your Name (without spaces): Public Key in Base64, like this: `i810CAwEAAQ==`

## Saving a Screen Image

Make sure the your name is visible on the winners page, as shown below.

Save a whole-desktop image with the filename "YOUR NAME Proj 12b", replacing "YOUR NAME" with your real name.

YOU MUST SUBMIT A FULL-SCREEN IMAGE FOR FULL CREDIT!

## Challenge 12c: Find q (10 pts. extra credit)

Find q from the key below. Portions of the key have been redacted, as shown in bold below.
```-----BEGIN RSA PRIVATE KEY----- MIIBPAIBAAJBAOz8ZwiRyoTBYCoExLqzlnr1GJ3D1qk+yQXwSEET2mRfbU+B/cNP cI6eQUnA4rSOHmwhsSwEXhPnzMvVjqIonPsCAwEAAQJBAIfNH3HOsaGfem65qs5e xxxxxxxxxObZPrKzfYQlT0miNyOrzA65U3yDa6qAZgwXPJuWU6b86PTPFFUQCei9 TFkCIQD2l+VEohU9goQplYkRnpfujZ6flUm96B6biqnPk9tUTQIhAPYGr50vSZqI xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx jDyz+KS5z68xHakCIEfyCpb/xhlvsIQZPLMj1q0eaydxrS4OxU0WuiKOCSYPAiEA nahcVY0yHAgXLvm1vSZgzYrcs1ESCKPQ+KWy8+meq80= -----END RSA PRIVATE KEY----- ```
Use the form below to put your name on the WINNERS PAGE.
 Your Name (without spaces): q in hex, like this: `7610158A`

## Saving a Screen Image

Make sure the your name is visible on the winners page, as shown below.

Save a whole-desktop image with the filename "YOUR NAME Proj 12c", replacing "YOUR NAME" with your real name.

YOU MUST SUBMIT A FULL-SCREEN IMAGE FOR FULL CREDIT!

## Challenge 12d: Find p (20 pts. extra credit)

Find p from the key below. Portions of the key have been redacted, as shown in bold below.
```-----BEGIN RSA PRIVATE KEY----- MIIBPAIBAAJBANY4uzFtiUFp5zL5puSWi0UVRj6U1v3uJi23d7p40VgEh1SmR0lx JjHNgHjqzU+gUeMoipx33kYvFRteCEH36JsCAwEAAQJBAMKsuYi4l0Qn3qBXedA/ xxxxxxxxxxxxxxxxD50ZEH2frkuuDlE/IVjIvbd78Rdgdwpt+hcrRh0NPLohTins dgECIQDr2CcsldtKiBOQxxxcVtM4IZtpqlXV2U8zFgf6/LnPmwIhAOiHgwUpMSty xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx OUbS4KlR8bN0WwIhAJVYU8JAzp/E2j6pAGJhGbpKUnb9gZpwyXvdxFa8OWQBAiEA 41EhQq90+1NqwpMIBoqYvQvqYPTW/y9KEJDbkyXK2r8= -----END RSA PRIVATE KEY----- ```
Use the form below to put your name on the WINNERS PAGE.
 Your Name (without spaces): p in hex, like this: ``` EBD8272C95DB4A88139000001C56D338219B69AA55D5D94F331607FAFCB9CF9B ```

## Saving a Screen Image

Make sure the your name is visible on the winners page, as shown below.

Save a whole-desktop image with the filename "YOUR NAME Proj 12d", replacing "YOUR NAME" with your real name.

YOU MUST SUBMIT A FULL-SCREEN IMAGE FOR FULL CREDIT!

Email the images to cnit.141@gmail.com with the subject line: Proj 12 from YOUR NAME.

## Sources

RSA Key Formats
Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1
ASN.1 key structures in DER and PEM
Cryptography Tutorials - Herong's Tutorial Examples
Use OpenSSL To Generate Key Pairs
Generate RSA private key from n, e, d, p, q values in bash with OpenSSL
RSA: Get exponent and modulus given a public key

Posted 3-23-16 by Sam Bowne
Updated to refer to "P" in chal d 11-20-17 3:23 pm