Re: hiding global variables
- From: Ralf Fassel <ralfixx@xxxxxx>
- Date: Tue, 04 Nov 2008 15:17:43 +0100
* yahalom <yahalome@xxxxxxxxx>
| > I don't understand anyway what the purpose of that key is if
| > anyone is allowed to use it, so I'd better EOmyD here...
|
| this is the whole point. I do not want anyone to use my decrypting
| key. I do the decrypt in a package and anyone that knows about the
| package can decrypt the data. so I want to have a password or key
| sent to the procedure so it will checked for correctness.
Just so I get it right:
- the user types in a password
- you check the password and if it is correct, you return the
decryption key
- the decryption key is a symmetric key which was also used for
encryption, so it should not get published?
- you are concerned about disclosure of that encryption key, not about
the disclosure of the encrypted data?
Is this the scenario?
If so, use public-key encryption instead? Encrypt the data with your
private key, and encrypt the public key with a password. That way, if
anyone snoops the password, they can get the public key and the data,
but not your private encryption key.
R'
.
- References:
- hiding global variables
- From: yahalom
- Re: hiding global variables
- From: Alexandre Ferrieux
- Re: hiding global variables
- From: yahalom
- Re: hiding global variables
- From: suchenwi
- Re: hiding global variables
- From: Neil Madden
- Re: hiding global variables
- From: Gerald W. Lester
- Re: hiding global variables
- From: yahalom
- Re: hiding global variables
- From: Ralf Fassel
- Re: hiding global variables
- From: yahalom
- hiding global variables
- Prev by Date: Re: hiding global variables
- Next by Date: Re: hiding global variables
- Previous by thread: Re: hiding global variables
- Next by thread: Re: hiding global variables
- Index(es):
Relevant Pages
|
