RSA Encryption - Encrypt with private key

Question

I am looking for a way to encrypt data with a private key, and have the public key decrypt it. I am aware this is generally NOT what you want from encryption, as it will be readable with by anyone with the public key, but that is exactly what I require.

I require a string of data to be encrypted by the private key, so that only I can create the encrypted data, and have my application read it by the public key. The idea behind this is to create a license file for my application, encrypt the license details, and have the application read this data. This will prevent licenses being generated by anyone other than me, however will allow the application to read it by the public key.

The idea of this is to control the encrypted data, and not care who can read it, only who can create it.

Using the RSACryptoServiceProvider, I can create my public/private keys, I can encrypt the data with the private key, however when I go to decrypt with the public key, I get a "Key Not Found" exception.

Signing with RSA is also not possible, as I need to compare encrypted data with plain text data, to ensure the license is valid, and signing only verifies the source, not what it contains.

Is there any other crypto provider that I can use to accomplish this, or some other method of reading license details, whereby I keep the private key, and distribute the public key with my application for license verification.

Cheers

Answer 1

You need signing. Really.

The whole signing API is aimed at signing a Hash-value because RSA is slow so the Hash is used as a synopsis. That should suit your needs, you can always send the unencrypted text alongside. You use the signature to validate it.

Answer 2

I am looking for a way to encrypt data with a private key, and have the public key decrypt it. I am aware this is generally NOT what you want from encryption, as it will be readable with by anyone with the public key, but that is exactly what I require.

"Encrypt with the private key" is not a valid cryptographic transformation. The reason you are having trouble with it is, libraries don't support it because is not a valid cryptographic transformation.

In cases like this you usually want to use a Signature Scheme with Recovery (PSSR).

---

The idea behind this is to create a license file for my application, encrypt the license details, and have the application read this data. This will prevent licenses being generated by anyone other than me, however will allow the application to read it by the public key.

From a data security point of view, rather than "encrypt the license details" , you merely sign the license details. Others [still] will not be able to sign new licenses, and licensees will be able to verify with the public key.

---

Signing with RSA is also not possible, as I need to compare encrypted data with plain text data, to ensure the license is valid, and signing only verifies the source, not what it contains.

I'm not quite following this. No comment...

---

Is there any other crypto provider that I can use to accomplish this, or some other method of reading license details, whereby I keep the private key, and distribute the public key with my application for license verification.

I don't know if Microsoft or .Net offers Signature Schemes with Recovery.

If you are open to other libraries, then Botan and Crypto++ offer signature schemes with recovery. A simple Wrapper DLL and Interop should work fine.

In Crypto++ you would use something like this from RSA Signature Schemes on the Crypto++ wiki. The PSSR is Probabilistic Signature Schemes with Recovery .

RSASS<PSSR, SHA256>::Signer signer(privateKey);
RSASS<PSSR, SHA256>::Verifier verifier(publicKey);