EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Public key confusion

#2275
Posted: 02/13/2007 11:46:46
by Matthew Jones (Standard support level)
Joined: 02/06/2007
Posts: 26

With the great support I've been getting, I've managed to work out how to get the RSA public key encryption working. However, in tidying my code, I have come across a source of confusion. My key material has two parts, the public and the secret. I want to encrypt a message in the office and be able to send it to the world who can then decode it, but can't ever generate the contents again. Thus it seems obvious that I'd use my secret key to encrypt, and my public key to decrypt.

The secret key is a long sequence of data, obtained using the SaveSecret function. The public key is a shorter sequence of data obtained using the SavePublic function. The problem is that if I encrypt using the secret key, and decrypt using it too, then all works. If I try to decrypt using the public key, I get an error SSecretKeyNotFound in TElPublicKeyCrypto.Decrypt which doesn't make sense to me. Surely I can't give away the secret key?

Please put me out of my misery! Thanks.

Matthew
#2276
Posted: 02/13/2007 12:07:50
by Ken Ivanov (EldoS Corp.)

According to the specification (PKCS#1), RSA secret key includes public key material. I.e., having a secret key, one can extract public key from it (and that's what SecureBlackbox actually does). That's why you can encrypt the data with a secret key (SBB implicitly extracts public key from a secret key). However, you cannot decrypt the data without having a corresponding secret key.

You cannot use RSA keys in opposite direction (i.e., you cannot use public key for decryption and secret key for encryption). The approach you are talking about is called digital signing. The data is signed with a secret key, and later can be verified using the corresponding public key. Please consider using TElRSAPublicKeyCrypto.SignDetached() and VerifyDetached() methods to sign and verify small chunks of data.
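The sign-and-verify split described in this reply, as an added example that is not part of the thread and is not SecureBlackbox code: it uses Go's standard `crypto/rsa` in place of `TElRSAPublicKeyCrypto`, and the `Issuer` type, `Verify` function and license text are hypothetical names and constructed data. The license travels in the clear next to a detached signature, so anyone can read it but only the holder of the secret key can produce it.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Issuer (hypothetical name) holds the secret key, which stays in the office.
type Issuer struct{ key *rsa.PrivateKey }

func NewIssuer() (*Issuer, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Issuer{key: k}, nil
}

// PublicKey returns the public half, which is carried inside the secret key.
func (i *Issuer) PublicKey() *rsa.PublicKey { return &i.key.PublicKey }

// Sign returns a detached PKCS#1 v1.5 signature over SHA-256(license).
// The license bytes themselves are not transformed or hidden.
func (i *Issuer) Sign(license []byte) ([]byte, error) {
	d := sha256.Sum256(license)
	return rsa.SignPKCS1v15(rand.Reader, i.key, crypto.SHA256, d[:])
}

// Verify needs only the public key, so it is safe to ship in the application.
func Verify(pub *rsa.PublicKey, license, sig []byte) bool {
	d := sha256.Sum256(license)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, d[:], sig) == nil
}

func main() {
	office, err := NewIssuer()
	if err != nil {
		panic(err)
	}
	license := []byte("customer=ACME;seats=5;expires=2008-02-13") // constructed sample
	sig, err := office.Sign(license)
	if err != nil {
		panic(err)
	}
	fmt.Println("genuine:", Verify(office.PublicKey(), license, sig))
	license[len(license)-1] = '4' // one edited byte invalidates the signature
	fmt.Println("edited: ", Verify(office.PublicKey(), license, sig))
}
```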
#2278
Posted: 02/13/2007 12:13:24
by Matthew Jones (Standard support level)
Joined: 02/06/2007
Posts: 26

Okay, then I've got this very wrong. See, I told you I was confused! I don't want to sign anything, I want to encrypt it. RSA is obviously the wrong mechanism then. And my code was working so nicely now!

Could you recommend an encryption component that allows me to securely encrypt data in a manner that can be decrypted by the public but only I could create? Or is that just not possible?

It surely must be possible - I can't have confused myself this much in all the years I've been reading about this stuff.

Matthew
#2279
Posted: 02/13/2007 12:19:39
by Ken Ivanov (EldoS Corp.)

Quote
Could you recommend an encryption component that allows me to securely encrypt data in a manner that can be decrypted by the public but only I could create? Or is that just not possible?

RSA digital signing can be used to achieve this. RSA signing is reversive to encryption, i.e. you encrypt your data with your secret key and then the world can decrypt the encrypted data with a corresponding public key (exactly what you are asking about, isn't it?).
#2280
Posted: 02/13/2007 12:23:24
by Matthew Jones (Standard support level)
Joined: 02/06/2007
Posts: 26

Ah, yes, it does seem to be exactly what I look for. I think "signing" doesn't sound like "encrypting" though - I thought that was where you put a wrapper around things while leaving the message unchanged? I'll go play with signing.

Many thanks.
#2281
Posted: 02/13/2007 12:24:37
by Ken Ivanov (EldoS Corp.)

Correction. Generic RSA algorithm (PKCS#1-compliant) does not allow storing data in signatures, however, you can use TElMessageSigner class to create non-detached signatures that store the original data.
#2282
Posted: 02/13/2007 12:34:55
by Ken Ivanov (EldoS Corp.)

Quote
I think "signing" doesn't sound like "encrypting" though - I thought that was where you put a wrapper around things while leaving the message unchanged?

You are right. Digital signing is intended for proving authorship. I.e., only the person who possesses the secret key is able to generate digital signatures with this key.

Actually, I do not understand why digital signing does not suit your requirements. It is impossible to generate a valid digital signature without having a secret key. So why not use digital signing to prove the fact that the message was generated in your office and not somewhere else?
#2284
Posted: 02/13/2007 12:53:01
by Matthew Jones (Standard support level)
Joined: 02/06/2007
Posts: 26

Quote
Actually, I do not understand why digital signing does not suit your requirements.

Because I need it to be encrypted. Signing to me has always meant verifying that it came from the source, rather than "mangling" the data and only allowing it to be seen if you have the key. However, having changed the code to support signing, I find I can't do anything but detached.

Is there a method to send an encrypted data packet to the end system? The data I'm wanting to send is license control data, so I don't want to have it in clear. The key is I want to develop a generic routine to allow me to use this mechanism in any future code. Working out what allows what is not easy.
#2285
Posted: 02/13/2007 12:59:03
by Matthew Jones (Standard support level)
Joined: 02/06/2007
Posts: 26

To step back a moment, I think my confusion comes from my use of encryption so far. I create a data file, then put it through a symmetric encryption routine, and out pops a load of random numbers that the user can't read. However, that has the potential insecurity that my code has to contain the key. The obvious solution is therefore to use public key encryption - one way encryption - to encrypt the data. But that needs two operations due to the limits of PKE in that you actually generate a random key for the symmetric encryption and then encrypt the key with the public key encryption.

Now, it seems to me that there is a big chunk of functionality missing if I can't encrypt myself and send it to the world. If the only solution is to have the world encrypt and send it to me, or I've got to include the private key in the app then I'm no better off.

Maybe I'm just wrong in expecting to be able to encrypt and send, but if so how do the software protection tools do it? They use a key that only I have, and the user can only decode and run, and not encode.

I'll get some food, then try to read more on the topic. I just seem to be so close and yet I can't complete it. Or is this just RSA that has this issue? Which is the better one?

Sorry for the hassle, and thanks for all the help. Matthew.
#2286
Posted: 02/13/2007 13:20:47
by Ken Ivanov (EldoS Corp.)

Quote
Because I need it to be encrypted.

But if a message can be decrypted with a public key (known to everyone), what are the benefits of encryption?

Quote
Is there a method to send an encrypted data packet to the end system? The data I'm wanting to send is license control data, so I don't want to have it in clear. The key is I want to develop a generic routine to allow me to use this mechanism in any future code. Working out what allows what is not easy.

Please take a look at PKCS#7 messages (several how-to articles are available at the following location: http://eldos.com/sbb/articles/65-231.php). PKCS#7 specification was developed to solve different tasks of secure message transfer, message authentication and authorship proving.

I will think about your requirements and try to propose some solution that will do the job for you.