EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Encryptor question

Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.
#12170
Posted: 01/25/2010 18:48:13
by Malcolm Toon (Standard support level)
Joined: 01/20/2010
Posts: 22

Hello there! I just had a quick question about the encryptor.. I've had great luck with MC so far in my project and now I wanted to optimize and secure the internode communication. I added the ZLIB compressor and MD5 sealer and AES encryptor and it looks like after I add the encryptor no more messages get passed. I removed just the encryptor (leaving ZLIB and MD5) and it worked fine. I tested this on the StressTest application as well and it presented the same behavior. I'm sure this is just something I'm doing wrong, but any thoughts?

Thank you!
-Malcolm
#12171
Posted: 01/25/2010 23:44:13
by Eugene Mayevski (EldoS Corp.)

Are you setting the key of the right size to the encryptor?


Sincerely yours
Eugene Mayevski
#12172
Posted: 01/25/2010 23:56:36
by Malcolm Toon (Standard support level)
Joined: 01/20/2010
Posts: 22

Ah. Thanks! Found a sample in the sendnote..
var
DefaultKey: ByteArray;
i: Integer;
begin
// Starts the message queue
SetLength(DefaultKey, 32);
for i:=0 to 31 do
DefaultKey[i] := i;
MCAESEncryption1.SetKey('', DefaultKey);


I'm pretty new at this.. do I need to generate a little more random set of initial values or does the system generate it for me after I do this code above?

Thank you again-
Malcolm
#12173
Posted: 01/26/2010 00:01:35
by Malcolm Toon (Standard support level)
Joined: 01/20/2010
Posts: 22

Sorry.. Brain fart. I'm guessing that it doesn't matter what the key is as long as both socket end-points are using the same one? Just out of curiousity... is there any certificate based encryption in the works that would allow each node to be certificated and essentially have different public keys per address? I'm trying to find a way to associate identity with the messages.

Thank you again-
Malcolm
#12174
Posted: 01/26/2010 00:19:52
by Eugene Mayevski (EldoS Corp.)

MsgConnect can be used together with SecureBlackbox to have SSL-secured connections, but this works on the transport level. If you want to identify each message, you can create your own encryptor class and utilize SecureBlackbox function. Encryptor class just a couple of methods and you have the source of existing encryptor as a reference.


Sincerely yours
Eugene Mayevski
#12175
Posted: 01/26/2010 00:23:18
by Eugene Mayevski (EldoS Corp.)

Correction: to identify the message it's better to implement Sealer class, and use Encryptor for encryption.


Sincerely yours
Eugene Mayevski
#12190
Posted: 01/26/2010 15:26:02
by Malcolm Toon (Standard support level)
Joined: 01/20/2010
Posts: 22

Are you saying use BlackBox to "seal" the message rather than encrypt it?

Thanks!
-m
#12197
Posted: 01/27/2010 00:41:05
by Eugene Mayevski (EldoS Corp.)

This depends on what you are going to do. If you need to authenticate the sender using PKI certificate, then the operation is called "signing". If you need to encrypt the data for some particular recipient, this operation is called encryption. MsgConnect has different classes for these operations.


Sincerely yours
Eugene Mayevski
Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.

Reply

Statistics

Topic viewed 3690 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!