RSA encryption - practical question

RSA encryption - practical question
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
RSA encryption - practical question Lucius 03-14-2006
Posted by Lucius on March 14, 2006, 12:11 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Regards everybody,

I'm distributing an application that needs a licence file protection. A file
comes with a registered version that contains encrypted customer data. It's
encrypted using asynchronous encryption (RSA).

The idea is to encrypt the file with a private key, and give the public key
to the application. So the application could decrypt the file, but would not
be able to encrypt it. The goal is to make it as difficult as possible to
make a keygen that would work on unmodified application assembly (with the
original, unpatched exe that contains the unmodified public key).

I planned to do this by separating public and private keys, and giving only
the public key part to the application.

1. I don't know if it is possible to decrypt using only the public key, so
that's my first question. Can I switch public and private keys this way ?
Can the user decrypt using only the public key ?

2. Second question (given the premise that we're not modifiying the assembly
or memory during runtime): Is this idea good ? Would it be secure ?



Posted by Volker Birk on March 14, 2006, 2:41 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
> The idea is to encrypt the file with a private key, and give the public key
> to the application. So the application could decrypt the file, but would not
> be able to encrypt it. The goal is to make it as difficult as possible to
> make a keygen that would work on unmodified application assembly (with the
> original, unpatched exe that contains the unmodified public key).

The keygen will not be the problem. The executable itself will be.
It will be possible to modify it, so it does not need to check any
key any more.

> 2. Second question (given the premise that we're not modifiying the assembly
> or memory during runtime): Is this idea good ? Would it be secure ?

No. No.

Yours,
VB.
--
At first there was the word. And the word was Content-type: text/plain

Similar ThreadsPosted
practical question March 5, 2005, 10:28 am
Newbie question on encryption keys July 10, 2007, 3:05 am
SSL/https De-encryption July 6, 2004, 9:15 am
NTFS Encryption April 26, 2005, 6:31 pm
Encryption Key Storage August 25, 2005, 8:09 am
Email Encryption September 17, 2005, 12:20 am
Encryption size October 25, 2005, 3:13 am
Determine what encryption was used April 18, 2006, 8:52 am
Determine what encryption was used April 28, 2006, 4:50 am
Encryption for Powerpoint? May 19, 2006, 11:34 pm

The site map in XML format XML site map

Contact Us | Privacy Policy