GnuDeveloper.com

Cryptography: How RSA Key Exchange Works in Real Time Using Keytool and OpenSSL

Generate Key Pair

RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman

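keytool -genkey -alias gdalias -keystore www_gnudeveloper_com.jks -keyalg RSA -keysize 512 \
  -storepass gnudevpwd

The 512-bit key size keeps the numbers in this article short enough to read. It is far too small for real use, where RSA keys of at least 2048 bits are expected.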

Converting Keystore format

To view the private key, public key and other details easily, we convert the Java keystore (JKS) file to a PEM (Privacy Enhanced Mail) file. The keystore is first converted to PKCS12 with keytool, then to PEM with OpenSSL.

keytool -importkeystore -srcstoretype JKS -deststoretype PKCS12 -srckeystore www_gnudeveloper_com.jks \
  -destkeystore www_gnudeveloper_com.p12 -storepass gnudevpwd
 
openssl pkcs12 -in www_gnudeveloper_com.p12  -out www_gnudeveloper_com.pem


RSA Key Details

This section looks at the public key, the private key and how the key exchange works.

Public Exponent (e)
This value is used for encryption. In the example below, e = 65537.
Private Exponent (d)
This value is used for decryption.
d = 0x00a428834183cc2b0fcf7913267cc4e848f4e4d012f8e7a4cbe1828a0fab164912a9d5e7b9e2fbc40d926f4c4dbda035769ba12798b8b27e66d2aa05ec2e51be8d
Modulus (n)
The RSA key length is the size of this value, which is calculated as n = p * q. It is required for both encryption and decryption.
n = 0xacec6e9055722498bbe6732ba0e5a85272c066ef1ce8a3a681520cfcaf21e2c120c18f9efdc0874496d8e571313429631ab7ac0e2d189618bd215488fc86c589
Prime 1 (p)
This is the first prime number used to generate the modulus.
p= 0x00edc134bcd78d8f21cc45071ac1a7f476bd2b5dec68a4b6e25ed3cb4c0d65e197
Prime 2 (q)
This is the second prime number used to generate the modulus.
q= 0x00ba3197079d8648ec7c9da02cfdfc0aa0df1927122ac82343e07a68c69be535df

Encryption: c = message power (e) modulus n, that is, c = m^e mod n
Decryption: Original Message = c power (d) modulus n, that is, m = c^d mod n

Example for Encryption

The public key details (modulus n and exponent e) of the certificate can be viewed in the Firefox browser.

For example, with message m = 2:
c = message power (e) modulus n
c = m^e mod n
c = 2 power (65537) modulus n
c = 0x45e0d49e403cb5f6b633a44aa75b4a9145dea2eb4bc81434c14c77dc7222ed6b8d56ca245d110117620168ff645f9843a4c2d570ada59b10e073036c4c72243b

Example for Decryption

Message = c power (d) modulus n
m = c^d mod n
Message =
0x45e0d49e403cb5f6b633a44aa75b4a9145dea2eb4bc81434c14c77dc7222ed6b8d56ca245d110117620168ff645f9843a4c2d570ada59b10e073036c4c72243b power (0x00a428834183cc2b0fcf7913267cc4e848f4e4d012f8e7a4cbe1828a0fab164912a9d5e7b9e2fbc40d926f4c4dbda035769ba12798b8b27e66d2aa05ec2e51be8d) modulus 0xacec6e9055722498bbe6732ba0e5a85272c066ef1ce8a3a681520cfcaf21e2c120c18f9efdc0874496d8e571313429631ab7ac0e2d189618bd215488fc86c589
Original Message = 2
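
The encryption and decryption above can be reproduced with Python's built-in pow(). This is an added example, not part of the original article: it uses the article's n, e, d, p and q, while the function names and the factors 2 and 3 in the malleability check are illustrative. It also checks that the key components agree with each other and shows that unpadded RSA is malleable, which is why real systems apply padding such as OAEP before the exponentiation.

```python
from math import gcd

# Key components and ciphertext copied from the article (512-bit demo key).
E = 65537
D = 0x00a428834183cc2b0fcf7913267cc4e848f4e4d012f8e7a4cbe1828a0fab164912a9d5e7b9e2fbc40d926f4c4dbda035769ba12798b8b27e66d2aa05ec2e51be8d
N = 0xacec6e9055722498bbe6732ba0e5a85272c066ef1ce8a3a681520cfcaf21e2c120c18f9efdc0874496d8e571313429631ab7ac0e2d189618bd215488fc86c589
P = 0x00edc134bcd78d8f21cc45071ac1a7f476bd2b5dec68a4b6e25ed3cb4c0d65e197
Q = 0x00ba3197079d8648ec7c9da02cfdfc0aa0df1927122ac82343e07a68c69be535df
C_ARTICLE = 0x45e0d49e403cb5f6b633a44aa75b4a9145dea2eb4bc81434c14c77dc7222ed6b8d56ca245d110117620168ff645f9843a4c2d570ada59b10e073036c4c72243b


def check_key(n, e, d, p, q):
    """Report whether the RSA components are consistent with each other."""
    # Carmichael's lambda(n) = lcm(p-1, q-1); decryption is correct
    # for every message exactly when e*d == 1 (mod lambda(n)).
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    return {
        "n_equals_p_times_q": n == p * q,
        "d_inverts_e": (e * d) % lam == 1,
        "modulus_bits": n.bit_length(),
    }


def encrypt(m, e, n):
    """Textbook (unpadded) RSA encryption: c = m^e mod n."""
    return pow(m, e, n)


def decrypt(c, d, n):
    """Textbook (unpadded) RSA decryption: m = c^d mod n."""
    return pow(c, d, n)


def is_malleable(e, n, a=2, b=3):
    """Without padding, Enc(a) * Enc(b) mod n equals Enc(a * b mod n)."""
    product = encrypt(a, e, n) * encrypt(b, e, n) % n
    return product == encrypt(a * b % n, e, n)


if __name__ == "__main__":
    print("key checks:", check_key(N, E, D, P, Q))
    c = encrypt(2, E, N)
    print("c =", hex(c))
    print("same as the article's c:", c == C_ARTICLE)
    print("decrypted message:", decrypt(c, D, N))
    print("unpadded RSA is malleable:", is_malleable(E, N))
```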

The files used in this article can be downloaded below:
JKS Keystore
PEM Keystore
