Re: encryption question

From: "Dave Hackett" <dave.hackett@xxxxxxxxxxxxxxxx>
Date: Tue, 29 Jan 2008 17:33:27 -0400

To answer the first part of your question...

Yes, you can create Private/Public encryption keys and throw away the
Private key forcing the originator to regenerate the key pair again, just
the same way they did the first time. Using the same Key Generator methods
and source input will produce the same key pair every time.

The other responses to your question actually touch on 2 separate parts of
encryption. Typically you encrypt Content with your Public key to keep
others from looking at it. You then create a Hash of the content and
encrypt this with your Private key, append it or prepend it to the file as a
fix block, (for example 256 bytes) with say your name and the Hash value and
use this as you "signature". Anyone can read the header block and decode it
using your Public key to see that it was indeed you that owns the file.
They would then compute the Hash of the remainder of the file (the part
encrypted with your Public Key) and compare that with your Hash you included
in the header block and that tells them the Encrpted Content has not been
changed.

DaveH

"Rael" <rael@xxxxxxxxxx> wrote in message
news:479f4640@xxxxxxxxxxxxxxxxxxxxxxxxx

Hi,

I would like to use an encryption method where no record of the secret key
is kept. (If the correct key is supplied the data will be unencrypted
correctly otherwise a meaningless stream will be returned.)
But how to know if the user has entered the correct password?

If I keep a "test" string stored somewhere, where I know what this string
value should be when unencrypted, will this comprimise security? IOW, if a
hacker has access to an encrypted string and knows what the unencrypted
value of this string is, can he work out the secret key?

I would like to know if the answer to this question depends on algorithm
used (i.e. public/private key pair or straightforward encryption
(blowfish?)). I will probably be using an encryption method from freeware
components streamsec or DCPCrypt.

Thanks alot to any advice,

Rael

References:
- encryption question
  - From: Rael

Prev by Date: Re: encryption question
Next by Date: Re: ANN: AnyDAC 2.0 is now available for pre-order
Previous by thread: Re: encryption question
Next by thread: Re: encryption question
Index(es):
- Date
- Thread

Relevant Pages

Re: RSA breaking vs. factoring
... affects the two possible usages of RSA both for encryption (first public, ... then private key) and for signing ... are identical to encryption, in reverse order. ... Digital signature generation takes an input message (which may be quite ...
(sci.crypt)
Re: private key encryption - doubts
... > Alice creates a one-way hash and encrypt it with her private key ... So Bob now knows the private key of Alice. ... > I need to know what exactly is a digital signature. ... same symmetric key for both encryption and decryption). ...
(comp.security.ssh)
Re: CryptAPI(encryption/decryption)
... It seems like you're missing the Base64 decode step when trying to decrypt ... I misspelled the Private Key as Primary Key. ... Is there any variation in the encryption format in openssl compared to ... "Dylan DSilva " wrote: ...
(microsoft.public.pocketpc.developer)
Re: RSACryptoServiceProvider decrypt with public key
... private key which my programs could decipher using a public key I've ... But since private key encryption and public key decryption isn't ... > If Alice gives Bob her public key, ...
(microsoft.public.dotnet.security)
Re: CryptAPI(encryption/decryption)
... The openssl encrypted data format is in bigendian ... Is there any way I can import the PEM formated private key to the MS CSP ... I'm decoding the base64 encoded data before trying to decrypt. ... Is there any variation in the encryption format in openssl compared ...
(microsoft.public.pocketpc.developer)