The System.Security.Cryptography.RSA class exposes an RSA.ExportParameters(bool) method that enables you to retrieve the raw RSA key in the form of an System.Security.Cryptography.RSAParameters structure. Understanding the contents of this structure requires familiarity with how the System.Security.Cryptography.RSA algorithm works. The next section discusses the algorithm briefly.

RSA Algorithm

To generate a key pair, you start by creating two large prime numbers named p and q. These numbers are multiplied and the result is called n. Because p and q are both prime numbers, the only factors of n are 1, p, q, and n.

If we consider only numbers that are less than n, the count of numbers that are relatively prime to n, that is, have no factors in common with n, equals (p - 1)(q - 1).

Now you choose a number e, which is relatively prime to the value you calculated. The public key is now represented as {e, n}.

To create the private key, you must calculate d, which is a number such that (d)(e) mod (p - 1)(q - 1) = 1. In accordance with the Euclidean algorithm, the private key is now {d, n}.

Encryption of plaintext m to ciphertext c is defined as c = (m ^ e) mod n. Decryption would then be defined as m = (c ^ d) mod n.

Summary of Fields

Section A.1.2 of the tp://go.microsoft.com/fwlink/?LinkId=113155 on the RSA Laboratories Web site defines a format for RSA private keys.

The following table summarizes the fields of the System.Security.Cryptography.RSAParameters structure. The third column provides the corresponding field in section A.1.2 of tp://go.microsoft.com/fwlink/?LinkId=113155.

RSAParameters.D	d, the private exponent	privateExponent
RSAParameters.DP	d mod (p - 1)	exponent1
RSAParameters.DQ	d mod (q - 1)	exponent2
RSAParameters.Exponent	e, the public exponent	publicExponent
RSAParameters.InverseQ	(InverseQ)(q) = 1 mod p	coefficient
RSAParameters.Modulus	n	modulus
RSAParameters.P	p	prime1
RSAParameters.Q	q	prime2

The security of RSA derives from the fact that, given the public key { e, n }, it is computationally infeasible to calculate d, either directly or by factoring n into p and q. Therefore, any part of the key related to d, p, or q must be kept secret. If you call

RSACryptoServiceProvider.ExportParameters(bool) and ask for only the public key information, this is why you will receive only RSAParameters.Exponent and RSAParameters.Modulus. The other fields are available only if you have access to the private key, and you request it.

System.Security.Cryptography.RSAParameters is not encrypted in any way, so you must be careful when you use it with the private key information. In fact, none of the fields that contain private key information can be serialized. If you try to serialize an System.Security.Cryptography.RSAParameters structure with a remoting call or by using one of the serializers, you will receive only public key information. If you want to pass private key information, you will have to manually send that data. In all cases, if anyone can derive the parameters, the key that you transmit becomes useless.

Namespace: System.Security.Cryptography
Assembly: mscorlib (in mscorlib.dll)
Assembly Versions: 1.0.5000.0, 2.0.0.0, 4.0.0.0