RSA — encrypting and communicating with a TCP connection using Go
RSA is an encryption method that is used for asymmetric encryption. Asymmetric encryption is a way of making sure that communication between party A and B cannot be interfered by any other party C. The basic idea is to have a private key (a set of two numbers) as well as a public key (also a set of two numbers), and that any encryption using the public key is only decryptable (that means convertible back to the original text) by using the private key (which someone should really keep private and safe so that no one else has access to the private key). That way, party A, for example, only has to send its public key through the internet, and anyone can use this public key to encrypt some data and send the encrypted data across the internet back to party A. O course, hackers could somehow interfere and retrieve the sent data, but the data is securely encrypted using the public key. And even if the hacker got access to the public key, he wouldn’t be able to decrypt the data, because, as you probably remember, the public key can only encrypt, not decrypt in the expected manner. So that way party A being the administrator of that private key can now receive information from all over the world, without having anybody else (except the sender of course) be able to understand that information. (BTW, this process allows websites to use HTTPS instead of HTTP, and makes other things like SSH possible as well)
Back to RSA, which is an algorithm that makes this whole process possible. I won’t go into the mathematical details concerning that algorithm, but feel free to check it out ((164) The RSA Encryption Algorithm (1 of 2: Computing an Example) — YouTube). Go provides the package rsa inside the built in crypto package which we can use to generate a private key using the RSA algorithm. The intrinsically bound public key is simply a property on that generated private key.
In this example, I will demonstrate a communication over TCP where one party A first generates a pair of keys and listens on TCP for incoming connections, then party B of the communication retrieves the public key of party A. After that B sends an RSA encrypted message back to party A which will finally be able to decrypt the encrypted message.
First we need to set up the two TCP connection participants: Create two folders, each with one file and a main() function in it. These two files will represent the communication participants.
Now that we have created a basic communication flow for TCP, we can send data across this connection. Again, first, B requests to access the public key. We can extract the public key from the private key as follows:
Now that B has access to the data of the public key, we can extract that data from the connection message (from A):
Using that public key data, we can actually encrypt our secret message; I will use an extra bit of security with the SHA256 hashing algorithm:
And finally we can use the cipher text sent to A via connection to decrypt it and extract the actual message that we wanted to send:
That’s it! You sent an RSA encrypted message across TCP and demonstrated the model of an actual flow of securely sending and receiving messages through the internet. This is how the final code should now look like:
You can test if it works by pulling up two fresh terminals and first running a.go inside directory A/, and then after A is listening run b.go inside B/. The terminal that is running a.go should log the message “super secret message” to the console.
Please note, that this is my first uploaded story on medium.com and I may have written something in a not so clear way etc. Please comment critique in the comments and feel free to write what I could improve with my explanation as well as my code. Thanks!
