encrypting and decrypting with perl

I have an application where I need to encrypt a bit of text, and then I
need to be able to decrypt it using a customer's key. I want to make
sure that the key to decrypt is NOT on the server anywhere, so hackers
cannot get the decrypt key, which means I cannot use a symmetrical key
pair since the encryption key will need to be on the server.

What I need is more like a public key cypher. But I want the customer
to be able to create his own private unencrypt key (like a password),
and then the server generates the public encrypt key from that. I do
not want the customer to have to enter a 128 or 1028 byte sequence each
time he executes the program, but to be able to enter a password he can
remember or have written down.

This is what I want.

1. When customer signs up, he enters a password. The password is NOT
stored on the system, but is used to generate a nonsymmetrical encryption
key, which is stored on the server.
2. Sensitive information is encrypted using the encryption key.
3. When the customer wants to see the sensitive information, he has to
log in, using the password he supplied in #1, and this is the decryption
key for the information. This password is never stored on the server,
but only passed from session to session with an ssl connection.

Are there any libraries that allow a nonsymmetrical key pair, where the
encryption key can be generated from the decryption key that the
customer supplies?

Thanks,

Marshall

Jul 19 '05 #1


Marshall Dudley wrote:
> I have an application where I need to encrypt a bit of text, and then I
> need to be able to decrypt it using a customer's key. I want to make
> sure that the key to decrypt is NOT on the server anywhere, so hackers
> cannot get the decrypt key, which means I cannot use a symmetrical key
> pair since the encryption key will need to be on the server.

So the obvious choice would be PGP. There's a module on CPAN with
"Crypt" and "PGP" in the name that may help.

> What I need is more like a public key cypher. But I want the customer
> to be able to create his own private unencrypt key (like a password),
> and then the server generates the public encrypt key from that. I do
> not want the customer to have to enter a 128 or 1028 byte sequence each
> time he executes the program, but to be able to enter a password he can
> remember or have written down.

Sounds very like the way PGP operates to me.

> This is what I want.
>
> 1. When customer signs up, he enters a password. The password is NOT
> stored on the system, but is used to generate a nonsymmetrical encryption
> key, which is stored on the server.
> 2. Sensitive information is encrypted using the encryption key.
> 3. When the customer wants to see the sensitive information, he has to
> log in, using the password he supplied in #1, and this is the decryption
> key for the information. This password is never stored on the server,
> but only passed from session to session with an ssl connection.

There should be no problem doing that with PGP. Of course the password
may get stored in your swap-file.

> Are there any libraries that allow a nonsymmetrical key pair, where the
> encryption key can be generated from the decryption key that the
> customer supplies?


Forget libraries, I'm not aware of any PK _algorithm_ that would allow
that. All the PK algorithms I know create a key _pair_ in a single
operation and it is just about as hard to go from the private key to the
public as the other way.

However there is no need in anything you've said you want to achieve to
generate the encryption from the decryption key. Simply store the
encryption key (which is public after all) in step 1.

This, of course, has nothing to do with Perl.

Jul 19 '05 #2
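
The PGP-style arrangement the reply describes (key pair generated once at signup, public key stored, private key locked by the password), as an added example that is not part of the original thread. It assumes the CryptX distribution from CPAN and that the server keeps the password-wrapped private key beside the public key; the record layout, function names and iteration count are hypothetical.

```perl
#!/usr/bin/perl
# Added example; needs the CryptX distribution from CPAN.
use strict;
use warnings;
use Crypt::PK::RSA;
use Crypt::KeyDerivation qw(pbkdf2);
use Crypt::AuthEnc::GCM qw(gcm_encrypt_authenticate gcm_decrypt_verify);
use Crypt::PRNG qw(random_bytes);

my $ITER = 200_000;    # PBKDF2 iterations (assumed value; tune to your hardware)

# Step 1 (signup): generate a key pair, wrap the private half under the password.
sub signup {
    my ($password) = @_;
    my $pk = Crypt::PK::RSA->new;
    $pk->generate_key(256, 65537);                  # 256 bytes = 2048-bit modulus
    my ($salt, $iv) = (random_bytes(16), random_bytes(12));
    my $kek = pbkdf2($password, $salt, $ITER, 'SHA256', 32);
    my ($wrapped, $tag) = gcm_encrypt_authenticate(
        'AES', $kek, $iv, '', $pk->export_key_der('private'));
    # Nothing in this record decrypts data without the password.
    return { public => $pk->export_key_der('public'),
             salt => $salt, iv => $iv, wrapped => $wrapped, tag => $tag };
}

# Step 2: encrypt with the stored public key only (RSA-OAEP; short inputs).
sub encrypt_for {
    my ($rec, $plaintext) = @_;
    my $pub = Crypt::PK::RSA->new(\$rec->{public});
    return $pub->encrypt($plaintext, 'oaep', 'SHA256');
}

# Step 3 (login): the password unwraps the private key for this request only.
sub decrypt_with {
    my ($rec, $password, $ciphertext) = @_;
    my $kek = pbkdf2($password, $rec->{salt}, $ITER, 'SHA256', 32);
    my $der = gcm_decrypt_verify(
        'AES', $kek, $rec->{iv}, '', $rec->{wrapped}, $rec->{tag});
    return unless defined $der;                     # wrong password: GCM tag mismatch
    return Crypt::PK::RSA->new(\$der)->decrypt($ciphertext, 'oaep', 'SHA256');
}

my $rec = signup('correct horse battery staple');   # constructed sample password
my $ct  = encrypt_for($rec, 'card ending 4242');    # constructed sample data
print decrypt_with($rec, 'correct horse battery staple', $ct), "\n";
print defined decrypt_with($rec, 'wrong guess', $ct)
    ? "unexpected success\n" : "wrong password rejected\n";
```

A copy of the server record allows offline guessing against the wrapped key, so the password's strength and the KDF cost are what protect it. The password and the unwrapped key also pass through server memory at login, which is the swap-file point made in the reply.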
