This should allow others to interop between other key formats and CngKey for Elliptcal Curve signing and such. ECCPrivateKeyBlob is formatted (for P256) as follows [KEY TYPE (4 bytes)][KEY LENGTH (4 bytes)][PUBLIC KEY (64 bytes)][PRIVATE KEY (32 Bytes)] KEY TYPE in HEX is 45-43-53-32 KEY LENGTH in HEX is 20-00-00-00 PUBLIC KEY is the RSA key formats are defined in at least RFC 3447 and RFC 5280.The format is based on ASN.1 and includes more than just the raw modulus and exponent. If you decode the base 64 encoded ASN.1, you will find some wrapping (like an object identifier) as well as an internal ASN.1 bitstring, which decodes as: The instance of this class lets you create Key pairs, encrypt using a public key, decrypt using a private key (as in the first scenario), sign (sort of the second scenario, but not exactly), and verify the signature. The Sign method accepts a message (as byte array) and creates a signature for this particular data. In the second scenario, Alice So an encoded private key contains the private key itself (a integer in the 1..n-1 range, where n is the curve subgroup order), optionally a description or reference to the used curve, and optionally a copy of the public key (which could otherwise be recomputed). Let's try it. To make this simpler, we can just export it from the CngKey directly and not use the algorithm if all you want to do is create a new key and export the private key. var cngKey = CngKey.Create(CngAlgorithm.ECDiffieHellmanP256, null, new CngKeyCreationParameters {ExportPolicy = CngExportPolicies.AllowPlaintextExport}); var privateKey = cngKey

