473,323 Members | 1,550 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,323 software developers and data experts.

asymmetric encryption

I have this encryption scheme that I want to implement:

I have an authentication server, which takes clients' credentials to
complete authentication but first I have to encrypt the credentials, I
want to use asymmetric encryption which the server creates the key pair
(public and private keys) but to avoid round trips of the authentication
protocol instead of having the server sending the public key to clients,
I want to have the public key to be hard coded into client code and also
assign the same public key to the server as well but the problem is how
do I get the private key created on the server side in a way that gets
the public and private key mathematically linked?


*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Nov 15 '05 #1
2 5137
Well, you might want to explain how this authentication algorithm/protocol
works first. With your setup, i'm not sure this follows standard procedure
for authentication via asymmetric encryption. Also note that asymmetric
encryption is typically only good at encrypting small bits of info at a
time - 8 to 32 bytes ideally. I usually recommend using it only to
sign/verify data hashes or create an envelope so a symmetric key can be
securely transmitted. Data encryption is best done with stream and block
ciphers (usually symmetric algorithms).

-Rob Teixeira [MVP]

"Paul Fi" <na*******@hotmail.com> wrote in message
news:eS**************@tk2msftngp13.phx.gbl...
I have this encryption scheme that I want to implement:

I have an authentication server, which takes clients' credentials to
complete authentication but first I have to encrypt the credentials, I
want to use asymmetric encryption which the server creates the key pair
(public and private keys) but to avoid round trips of the authentication
protocol instead of having the server sending the public key to clients,
I want to have the public key to be hard coded into client code and also
assign the same public key to the server as well but the problem is how
do I get the private key created on the server side in a way that gets
the public and private key mathematically linked?


*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Nov 15 '05 #2
Hello Paul,

If you want the public key to be in the code, rather than in a keystore, you
will have to generate the keypair on the server first, before you compile
the client, then take the public key from that generated pair and place it
in the client code.

Note: this is an extraordinarily bad idea. No key pair is completely
immune. The moment someone discovers your private key, all of your
installed base of code is compromised.

I'd be concerned about your scheme. How will the client know that the key
has been compromised? How can the client be certain that your address has
not been compromised? How can you inform them of this? That is what the
certificate authority is for, and why they have Certificate Revokation
Lists.

The Public Key Infrastructure has been beaten around for a long time to work
out these issues in fine detail. If you go about circumventing bits of it,
you open yourself up for attack in a manner that will destroy your
credibility the moment an attack is successful.

Think about it.
--- Nick

"Paul Fi" <na*******@hotmail.com> wrote in message
news:eS**************@tk2msftngp13.phx.gbl...
I have this encryption scheme that I want to implement:

I have an authentication server, which takes clients' credentials to
complete authentication but first I have to encrypt the credentials, I
want to use asymmetric encryption which the server creates the key pair
(public and private keys) but to avoid round trips of the authentication
protocol instead of having the server sending the public key to clients,
I want to have the public key to be hard coded into client code and also
assign the same public key to the server as well but the problem is how
do I get the private key created on the server side in a way that gets
the public and private key mathematically linked?


*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Nov 15 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
by: Tex John | last post by:
Is there a way to do asymmetric encryption purely in PHP? Not for e-mail...could care less. But for credit card number processing, if the bookkeeper could have a password she typed in every time...
13
by: Andy Chau | last post by:
I try to use RSA to implement the following scheme but wasn't sucessful. Sever encrypt a message using a public key, the client decrpyt the message using a private key. I don't want the client...
1
by: Bart | last post by:
Dear all, I would like to encrypt a large amount of data by using public/private keys, but I read on MSDN: "Symmetric encryption is performed on streams and is therefore useful to encrypt large...
13
by: no game | last post by:
Can I encrypt data more than 117 bytes in C# (can use CAPICOM and Crypto API libraries) using RSA 1024 bit. Any sample code would be appreciated. Thanks
0
by: TimHarris | last post by:
Hi All Can someone write the proper instructions how to install the certificates into the certificate stores. There are lots of people having the same problem. I could find the solution since many...
3
by: Mike | last post by:
Hi, I have been experimenting with the RijndaelManaged Cryptography class in C# and have stumbled upon a "peculiarity". Following code is standalone Console App that demonstrates using...
9
by: ILCSP | last post by:
Hello, perhaps you guys have heard this before in the past, but here is what I'm looking for. I have a SQL 2000 table with Social security numbers. We need to create a Member ID using the...
4
by: pintu | last post by:
Hello everybody.. I hav some confusion regarding asymmetric encryption.As asymmetric encryption it there is one private key and one public key.So any data is encrypted using private key and the...
3
by: Bruce | last post by:
How can I encrypt strings using an asymmetric key? I want to encrypt short strings (credit card numbers, etc.) and save the encrypted strings into a database. When accessing the data (i.e. the...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.