3
votes

My application has Java and .NET clients, and my application is in .NET. My clients will send me an XML file encrypted using an RSA public key, and I need to decrypt it using .NET.

For a string say "Achinth Anand Gurkhi" the Java RSA Encryption method generates the following encrypted string:

e8s2Ap3R1AwoaKB7OPCwkf0vhAVGaQisdoq2Yo0BvwcQ7v3oVtMOVc5wsnIyNVOSZV543imwIiBer0HSXRe8PoBD4jj0tTxtLA+bdoR40oQJD2UmZ4OpAH3g92wLXYd4bVvjllcCPPc0tSr/nzEKeZHcnhf6cGpuwfKyFNbXW2vtlEfmRd+LGqlixPRlx1OnsSMNNw+u/5IBs8MauY4Uwq1Lovlgd9f/8WTOvq9ityr84vGLMRGs4wpC7+fFNk8jGuNZgoCDLZw2RqrUd8FBFvN2wCRZXnS7Wg4QjiBdmnq0OsAwK9OFwqnil7DNnDnlytlecR5oYkDhO2fC4FzFiA==

For the same string the .NET RSA Encryption method generates the following encrypted string with the same public key used by Java program:

iJO4hwhXGX27jzK87X9gxzzbKpgf7FKhe6UcY7eoiCpLskOatgCMZTm0aTDuwRZGJGbZCIZt+JI9X8LxwOLmIbv5LGyDq+a8jkrPu+pDRvg2uRuKeQj2yBRcp36X+xFf61ux24NaX2RTCY9YfJcUis9NjEkL0eQ3gC79xO0vuBjaUA2oYOt0Mlr7DmKE+b0lz25J/WJuSW83g2oZOlvJ4RnsrFChu0vHnkHCQo9JVjhMc+Onj7+lbI1CDgGq4XigZrHt+j564y3sc3z0oQYfdZkF3yUZrzd3sJjd9KmryHf52eVb9/qgL2/Za1jUwTzKIOvtG/bQpR2ka7Qu1ZqbxQ==

But my .NET decryption method using the matching private key is able to decrypt both back to the same string "Achinth Anand Gurkhi". How is it possible that different encrypted strings return the same value?

4
I have seen the .NET implementation with the same public key on different machines produce different ciphers. - Oded

4 Answers

7
votes
1
votes

You may have been lucky on this occasion and not been bitten by this (maybe because your sample file is only one block) but you need to ensure that the cipher mode is the same for both the encryptor and decryptor.

In .NET the cipher mode is controlled by the Mode property of the cipher. In Java it is controlled by the second and third fields of the transformation parameter of Cipher.getInstance().

The default mode also differs between the two platforms (CBC in .NET, ECB in Java) which can trip you up if you neglect to set the mode on either side.

1
votes

You haven't specified how you encrypted them in each case, but the standard methodology is to generate a random symmetric key, encrypt the message with that key, then encrypt the symmetric key with the public key, and send both. As a result, encrypting the same message with the same key will always give different results, even using the same code. This is expected, and it's a feature, not a bug: It means attackers can't tell if you're sending the same message multiple times either.
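The hybrid scheme described in the answer above, as an added Java example that is not code from the question or from any of the answers. The class name `HybridDemo`, the choice of AES-GCM and RSA-OAEP, and the throwaway key pair are assumptions made for the illustration; the transformation strings are written out in full so that neither side falls back on a platform default for mode or padding.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class HybridDemo { // hypothetical class name
    // Full transformation strings: never rely on provider defaults for mode or padding.
    static final String RSA = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"; // assumption: OAEP key wrap
    static final String AES = "AES/GCM/NoPadding";                      // assumption: AES-GCM payload

    // Returns { wrappedKey, iv, ciphertext }; a fresh AES key and IV are drawn on every call.
    static byte[][] encrypt(PublicKey pub, byte[] msg) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance(AES);
        aes.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ct = aes.doFinal(msg);
        Cipher rsa = Cipher.getInstance(RSA);
        rsa.init(Cipher.ENCRYPT_MODE, pub);
        return new byte[][] { rsa.doFinal(key.getEncoded()), iv, ct };
    }

    // Unwraps the AES key with the private key, then decrypts and authenticates the payload.
    static byte[] decrypt(PrivateKey priv, byte[][] env) throws GeneralSecurityException {
        Cipher rsa = Cipher.getInstance(RSA);
        rsa.init(Cipher.DECRYPT_MODE, priv);
        SecretKey key = new SecretKeySpec(rsa.doFinal(env[0]), "AES");
        Cipher aes = Cipher.getInstance(AES);
        aes.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, env[1]));
        return aes.doFinal(env[2]); // throws AEADBadTagException if the envelope was altered
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair(); // throwaway key pair generated for this demo
        byte[] msg = "Achinth Anand Gurkhi".getBytes(StandardCharsets.UTF_8);
        byte[][] a = encrypt(kp.getPublic(), msg), b = encrypt(kp.getPublic(), msg);
        boolean sameOut = Arrays.equals(a[0], b[0]) || Arrays.equals(a[2], b[2]);
        boolean sameIn = Arrays.equals(decrypt(kp.getPrivate(), a), msg)
                && Arrays.equals(decrypt(kp.getPrivate(), b), msg);
        System.out.println("any output repeated across runs: " + sameOut);
        System.out.println("both envelopes decrypt to the message: " + sameIn);
    }
}
```

A .NET receiver has to be configured with the same padding and mode choices; a mismatch shows up as a decryption failure rather than as a different plaintext.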

-1
votes

As far as I know Public/Private key pairs are like:

Use the public key to encrypt the data. Use the private key to decrypt. I.e., the public and private keys are inverses of each other.

Across a communication channel, one end (source) shares the public key with the other end (dest). Now the source encrypts its data using the private key and sends it to the dest. The dest applies the public key shared by the source to decrypt it.

What might be going on here: the private keys of .NET and Java are different, but the corresponding public keys must be the inverses of the respective private keys.

These keys may take the hostname, IP, or anything (I'm not sure) into account to generate a public/private key pair.
Public key encryption needs two keys which are inverses of each other, but the encrypted data need not be the same.

Any comments/suggestions?