How do I do asymmetric/hybrid encryption in practice?
Question
I would like to asymmetrically encrypt messages with a public key that I have been given in advance. How can I go about doing that? Some example code in C# would be much appreciated.
What do I need it for?
Our service receives SMS message bundles through a REST API and delivers the message text to the end user device, e.g. cellphones. In order to bill the customer, we store the bundle information along with a success/failure status in a database.
We give the customer the option of not storing the message text so that customer support cannot snoop in the database, but we would also like to provide the option of storing the message text in encrypted form. Due to the way the service is structured, we would need to store the encryption key in the database, so symmetric encryption would not be a good choice.
Research
Finding an answer to this question is hard for the following reasons:
- Most articles about asymmetric encryption are about key exhange, i.e. where two actors are trying to establish a shared secret in real time over an insecure channel. The articles are so common that at one point I thought Diffie-Hellman could only be used for key exchange.
- The articles that don't, mostly talk about RSA. RSA is not a good fit for arbitrary message text.
- On StackExchange, most answers link to the Wikipedia page on hybrid cryptosystems, which at the time of writing is rather sparse: it only provides a theoretic example without naming any algorithms or systems.
I also understand that it's a bad idea to roll your own crypto, so even if I knew how to pick the algorithms for a hybrid system, I would prefer to use a simple ready-made package.
