Home/ Questions/Q 6986521
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T18:49:11+00:00

Instead of spending a bunch of $$ on ssl, can I implement RSA on

  • 0

Instead of spending a bunch of $$ on ssl, can I implement RSA on my own? (I don’t care about proving the site’s identity; I just want to encrypt a password between clients and the server to protect from man-in-the-middle attacks). I’ve read that any custom solutions are likely to be very insecure, but could someone read my plan and give a thoughtful response?

First I would create public and private keys. I would encrypt the client password with javascript by translating the letters of the password to ascii-values, and then multiply or add (any suggestions?) these ascii-values to get the “unencrypted message”. I would then encrypt this message using javascript and the public key.

On the server, I would decrypt the secure message using the private key and end up with the sum/product of the password’s ascii-values. Any tips on how to get the individual letters from that?

Edit: I’ve reached the conclusion that SSL is the best way to go. I was only looking at the client to server side of the deal (where all the client sends is a password). Of course, the information sent by the server to the client is valuable, and should not be vulnerable to MITM attacks. Thanks for the free SSL suggestions.

Thanks

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    There are a bunch of reasons not to roll your own encryption.

    1. SSL gives the user confidence that the site is secure and that eavesdroppers cannot view the password on the wire. If you don’t use SSL then the usual browser indications that the site is secure will not be present.
    2. It’s really hard to get RSA right (or any crypto algorithm for that matter). First off, using raw RSA is insecure and you need to have an appropriate padding mechanism and wotnot to make it actually secure. RSA can also only encrypt n-1 bytes of data, where n is the size of the key.
    3. Leave crypto to the cryptographers. The first issue with your proposed system is that you’re missing the point of using a secure transport: You don’t need to do any special encoding of your data (the conversion to ascii and multiplying/summing or whatever part) because the secure transport means that eavesdroppers cannot see what’s going past.
    4. Your proposal does not protect against man-in-the-middle attacks. It (kinda) prevents eavesdropping, which is a different problem.

    That said, you certainly can implement RSA in Javascript with a bit of effort, but just be aware that it is unlikely to be secure until you’ve had a bunch of cryptanalysts look at it and try to break it. You will make a mistake somewhere along the line, even if you are the best programmer in the world.

    The user experience will also suffer because it will be very hard for the user to verify that they are, in fact, talking to your server.

    SSL is a well known, well analysed, not-yet-broken protocol that can be free if you use a self-signed certificate (another poor user experience, but at least it’s still fairly secure). Think very carefully before you decide to cheap out on the crypto, and make sure you weigh the cost of a certificate against your development time (it’ll take you many hours to implement RSA) and the potential cost of leaking important customer information (their password). The cost of the certificate is likely to be insignificant compared to the rest of the project cost.

    • 0