<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<!--==========================================================================
  Copyright 2008 Nintendo.  All rights reserved.

  These coded instructions, statements, and computer programs contain
  proprietary information of Nintendo of America Inc. and/or Nintendo
  Company Ltd., and are protected by Federal copyright law.  They may
  not be disclosed to third parties or copied or duplicated in any form,
  in whole or in part, without the prior written consent of Nintendo.
  ==========================================================================-->
<HTML>
<HEAD>
  <META http-equiv="Content-Type" content="text/html; charset=windows-1252">
  <META http-equiv="Content-Style-Type" content="text/css">
  <TITLE>Encryption Using the RSA Algorithm: Overview</TITLE>
  <LINK rel="stylesheet" href="../../css/nitro.css">
  <BASE target="main">
</HEAD>
<BODY>
<H1>Encryption Using the RSA Algorithm: Overview</H1>

<H2>Description</H2>
<H3>About RSA Encryption</H3>
<P>
  The CRYPTO library's RSA functions provide encryption based on public keys.
</P>
<P>
  The RSA algorithm has the following characteristics.
</P>
<ul>
  <li>It is a form of public-key encryption.</li>
  <li>Encryption and decryption are extremely slow.</li>
</ul>
<P>
  One advantage of public-key cryptography over shared-key cryptography is that the risk associated with transmitting keys is low. Its disadvantage is that it is slow relative to other cryptographic methods. The usual solution is therefore to encrypt the <I>data</I> with a non-RSA algorithm and to encrypt only that algorithm's <I>key</I> with RSA.
</P>
<H3>Precautions Regarding the Use of RSA Encryption</H3>
<P>
  The RSA encryption algorithm has the following properties.
</P>
<ol>
  <li>The encryption is completely circumvented if the private key is compromised.</li>
  <li>Decryption is possible if an attacker can determine the private exponent (brute-force attack).</li>
  <li>Data can be spoofed if the transmission of the public key is tampered with (man-in-the-middle attack).</li>
</ol>
<P>
  If the private key is compromised, the encryption can be defeated and signatures can be forged, so all the protection the encryption provides is lost. Manage your private keys with due care.<BR>
  Increasing the key length makes brute-force attacks harder, but the longer the key, the slower the encryption becomes.<BR>
  Verifying public keys (for example, with signatures) helps prevent man-in-the-middle attacks.
</P>
<P>
  For more information, refer to any basic text on encryption technology.
</P>
<H3>Key Format and Encryption/Decryption Strings</H3>
<P>
  Both public and private keys use the DER format. Keys must satisfy the following.
</P>
<ol>
  <li>The key data conforms to ASN.1 and is DER encoded.</li>
  <li>The public exponent of the public key is 65537.</li>
</ol>
<P>
  There is no restriction on the key length, but operation has been confirmed for key lengths of 1024, 2048, and 4096 bits.
</P>
<P>
  Encrypted strings take the following format.
</P>
<ol>
  <li>Encrypted with the RSA algorithm</li>
  <li>Padded in the PKCS#1 version 1.5 format</li>
</ol>
<P>
  A string to be encrypted must be at least 11 bytes shorter than the key length in bytes. (For example, with a 1024-bit key the string being encrypted must be no longer than 117 bytes.)<BR>
  Strings encrypted by other means can be decrypted with the CRYPTO library, provided that the encrypted string conforms to the format described above.
</P>
<H3>Limitations</H3>
<P>
  Due to licensing issues, this library works only with TWL. It does not work with NITRO.
</P>
<H3><A name="make_key">Key Creation Example</A></H3>
<P>
  The following example shows how to create a public key and a private key with OpenSSL, the open-source SSL toolkit.
</P>
<P><B>1. Create an RSA private key</B></P>
<P>
  Enter the following command at a command line on a system on which OpenSSL is installed. It generates a 1024-bit RSA private key in PEM format, <CODE>privkey.pem</CODE>.
</P>
<PRE><CODE> > openssl genrsa -out privkey.pem 1024</CODE></PRE>
<P>
  If <CODE>privkey.pem</CODE> were leaked or compromised, anyone could break the encryption or forge data. The private key file must therefore be handled with the strictest care.
</P>
<P>
  Once the private key has been created in PEM format, convert it to DER format.
</P>
<PRE><CODE> > openssl rsa -outform DER -in privkey.pem -out privkey.der</CODE></PRE>
<P>
  To pass the private key to the CRYPTO library, convert the content of this <CODE>privkey.der</CODE> file to a C-language <CODE>u8</CODE> array. <CODE>privkey.der</CODE> is a private key just like <CODE>privkey.pem</CODE>, so handle it just as strictly.
</P>
<P><B>2. Create an RSA public key</B></P>
<P>
  Create a public key in DER format with the following command.
</P>
<PRE><CODE> > openssl rsa -pubout -inform DER -in privkey.der -outform DER -out pubkey.der</CODE></PRE>
<P>
  To pass the public key to the CRYPTO library, convert the content of this <CODE>pubkey.der</CODE> file to a C-language <CODE>u8</CODE> array.
</P>
<P><B>3. Check the functionality of the keys</B></P>
<P>
  Make sure the private and public key pair you generated works properly.<BR>
  First, prepare a text file (<CODE>test.txt</CODE>) containing a string shorter than the key and encrypt it with the public key, producing <CODE>test.txt.enc</CODE>.
</P>
<PRE><CODE> > openssl rsautl -encrypt -in test.txt -out test.txt.enc -pubin -keyform DER -inkey pubkey.der</CODE></PRE>
<P>
  Next, decrypt <CODE>test.txt.enc</CODE> with the private key, producing <CODE>test.txt.dec</CODE>.
</P>
<PRE><CODE> > openssl rsautl -decrypt -in test.txt.enc -out test.txt.dec -keyform DER -inkey privkey.der</CODE></PRE>
<P>
  If the content of <CODE>test.txt</CODE> matches that of <CODE>test.txt.dec</CODE>, the keys are working properly.
</P>

<H2>See Also</H2>
<P>
  <A href="../list_crypto.html#rsa">List of CRYPTO Functions</A>
</P>

<H2>Revision History</H2>
<P>
  2008/10/30 Revised the description of the format of encrypted strings.<BR>
  2008/10/02 Revised the description of the key format.<BR>
  2008/09/18 Made revisions concerning HTML tags.<BR>
  2008/09/16 Revised some parts.<BR>
  2008/03/27 Initial version.
</P>

<hr><p>CONFIDENTIAL</p></body>
</HTML>
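<P>As an added example, not part of the SDK or the original page, the following Python constructs and checks the PKCS#1 v1.5 encryption block that the encrypted-string format above requires, shows where the 11-byte overhead (and the 117-byte limit for a 1024-bit key) comes from, and renders a DER key file as the C <CODE>u8</CODE> array the key creation steps call for. <CODE>u8</CODE> is assumed to be the SDK's 8-bit unsigned typedef; all names and sample values are constructed.</P>

```python
"""Constructed example (not SDK code): the PKCS#1 v1.5 encryption block that
the CRYPTO library expects, the arithmetic behind the "11 bytes shorter than
the key" rule, and the DER-to-C-array conversion from the key creation steps."""
import os

PKCS1_OVERHEAD = 11  # 0x00 0x02 header, at least 8 nonzero pad bytes, 0x00 separator


def max_plaintext_len(key_bits):
    """Largest message (bytes) that fits under a modulus of key_bits bits."""
    return key_bits // 8 - PKCS1_OVERHEAD  # 1024 bits -> 128 - 11 = 117


def pkcs1_v15_pad(message, key_bits):
    """Build the block EB = 00 || 02 || PS || 00 || M, as in PKCS#1 v1.5 (RFC 2313)."""
    k = key_bits // 8
    if len(message) > k - PKCS1_OVERHEAD:
        raise ValueError("message too long: max %d bytes for a %d-bit key"
                         % (k - PKCS1_OVERHEAD, key_bits))
    ps_len = k - len(message) - 3  # guaranteed >= 8 by the check above
    ps = bytearray()
    while len(ps) < ps_len:  # PS must consist of nonzero random bytes
        ps += os.urandom(ps_len - len(ps)).replace(b"\x00", b"")
    return b"\x00\x02" + bytes(ps) + b"\x00" + message


def pkcs1_v15_unpad(block, key_bits):
    """Recover M from a decrypted block, rejecting anything malformed.
    A decryptor must perform these checks without revealing which one failed."""
    k = key_bits // 8
    if len(block) != k or block[:2] != b"\x00\x02":
        raise ValueError("bad PKCS#1 v1.5 header")
    sep = block.find(b"\x00", 2)
    if sep < 10:  # no separator, or fewer than 8 padding bytes before it
        raise ValueError("padding string too short")
    return block[sep + 1:]


def to_u8_array(der, name):
    """Render a DER key file as the C u8 array the library takes
    (u8 is assumed to be the SDK's 8-bit unsigned typedef)."""
    body = ", ".join("0x%02x" % b for b in der)
    return "static const u8 %s[%d] = { %s };" % (name, len(der), body)
```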