Re: Encryption keys

From: Nick Malik [Microsoft] (nickmalik_at_hotmail.nospam.com)
Date: 02/04/05 

Date: Thu, 3 Feb 2005 22:43:42 -0800

Correction: I meant to say that the symmetric key is used to encrypt the
known phrase, not the private key. My apologies. 

-- 
--- Nick Malik [Microsoft]
    MCSD, CFPS, Certified Scrummaster
    http://blogs.msdn.com/nickmalik
Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
   I do not answer questions on behalf of my employer.  I'm just a
programmer helping programmers.
--
"Nick Malik [Microsoft]" <nickmalik@hotmail.nospam.com> wrote in message
news:Lu6dnefZH4-oi57fRVn-sg@comcast.com...
> Hi William,
>
> no relation to Eddie Malik.
>
> True, salting the key on both ends will help, but the value that you salt
it
> with has to be easily calculated by both ends independently of one
another.
> This helps, but not a whole heckuva lot.
>
> Signing with the private key doesn't provide security, it provides
> non-repudiation.  In other words, since the public key is public, anyone
can
> decrypt something encrypted with a public key.  However, only the owner of
> the private key could have signed it (hence the name).
>
> The way that SSL does it is to add one more step: the private key is used
to
> encrypt a known phrase (I believe it is the server name from the public
key
> cert plus the time stamp on the server), signed.  The client decrypts with
> the private key and then verifies the signature.  That way, the client
knows
> that the server knows the key and knows that only the server could have
> signed the response.
>
> -- 
> --- Nick Malik [Microsoft]
>     MCSD, CFPS, Certified Scrummaster
>     http://blogs.msdn.com/nickmalik
>
> Disclaimer: Opinions expressed in this forum are my own, and not
> representative of my employer.
>    I do not answer questions on behalf of my employer.  I'm just a
> programmer helping programmers.
> --
> "William Stacey [MVP]" <staceywREMOVE@mvps.org> wrote in message
> news:%23YzEFhkCFHA.3376@TK2MSFTNGP12.phx.gbl...
> > Thanks Nick.  Just thinking...  If the key is hashed by the server using
a
> > simple hash like SHA1(key) or something, then it is pretty easy to brute
> > force the same key by hashing all keys and hashing them.  Naturally,
> > starting from 0 may take some time, but a 16 byte key in a simple hash
> with
> > no other encryption could be found pretty easy - no?  I might rather
hash
> > the key along with the other data elements and sign it with the private
> key.
> > Thoughts?
> >
> > BTW - any relation to Eddy Malik of MS?
> >
> > -- 
> > William Stacey, MVP
> > http://mvp.support.microsoft.com
> >
> > "Nick Malik [Microsoft]" <nickmalik@hotmail.nospam.com> wrote in message
> > news:ZtadnRSDv6Sh5p3fRVn-pA@comcast.com...
> > > SSL uses asymmetric encryption, but only for the handshake. It's a
good
> > > pattern to follow.
> > >
> > > Embed the public key of your server in your code.  Make it available
all
> > you
> > > want.
> > >
> > > When a client wants to contact you, he asks first for the cert.  give
it
> > to
> > > him.  Validate the cert.  It should be signed by a trusted authority.
> > >
> > > Next, the client creates a random number.  This is the symmetrical
key.
> > The
> > > client encrypts the random number using the public key of the server,
> and
> > > passes it upstream to the server.  It also hashes the UNENCRYPTED form
> of
> > > the key and keeps it around in memory.  The server gets the
cyphertext,
> > > unencrypts it, and passes back an acknowledgement, in cleartext,
> > containing
> > > the Hash of the unencrypted key.  The client receives the hash and
> > compares
> > > it to the hash that he is holding.   If it matches, both sides now
have
> a
> > > symmetrical key that they can use.
> > >
> > > Now, encrypt using the symmetrical key.  It is much faster and easier
to
> > > use.
> > >
> > > -- 
> > > --- Nick Malik [Microsoft]
> > >     MCSD, CFPS, Certified Scrummaster
> > >     http://blogs.msdn.com/nickmalik
> > >
> > > Disclaimer: Opinions expressed in this forum are my own, and not
> > > representative of my employer.
> > >    I do not answer questions on behalf of my employer.  I'm just a
> > > programmer helping programmers.
> > > --
> > > "Ray Cassick (Home)" <rcassickNOSPAM@enterprocity.com> wrote in
message
> > > news:%23%2349grOCFHA.3416@TK2MSFTNGP09.phx.gbl...
> > > > Ok, time to ask the question here.. I have been battling over this
one
> > for
> > > > sometime now and just have to ask it.
> > > >
> > > > I have created a few classes that I use to act a security keys.
These
> > > > classes get serialized using a binary formatter and then
symmetrically
> > > > encrypted. The app will deserialize them and use the contents to
judge
> > > > licensing capabilities, etc.
> > > >
> > > > Currently the license key and vectors are stored in the code. I
don't
> > like
> > > > the idea simply because it allows someone with a decompile to get at
> > them.
> > > > Yes, I can obfuscate the code but being paranoid like I am I have a
> > > feeling
> > > > that is just not enough.
> > > >
> > > > My real biggest fear besides the fact that someone can use the key
to
> > > > decrypt the data is that someone can also use the same key to create
a
> > > > program that will generate fake license keys for my app.
> > > >
> > > > In another case I have to send a class across a wire on a remoting
> > channel
> > > > and the class is going to have a users name and password in it.
Again,
> > > being
> > > > the paranoid programmer that I am I am really afraid of someone with
a
> > > > sniffer out there looking at the raw bits. I would like to encrypt
the
> > > > password before I send the class across the wire. Again, I know that
I
> > can
> > > > just hard code the keys into the app but we all know what I feel
about
> > > that.
> > > >
> > > > I know that I could use asymmetrical encryption and that gives me
the
> > > > ability to release a public key that can only be used to decrypt and
> > that
> > > > takes care of part of it but from what I have seen asymmetrical
> > encryption
> > > > is a royal pain in the *** because it only encrypts data of a
maximum
> > > size
> > > > so I would have to take that into account when I am serializing data
> and
> > > > possibly split the data up into checks, each one encrypted.. Not a
> clean
> > > > option really.
> > > >
> > > > I know already, I have read tones of thing on remoting and how to
> build
> > > > encryption sinks to be used for cases like this, but I really don't
> need
> > > to
> > > > encrypt the entire message, just one part of it.
> > > >
> > > > There HAS to be a way to reliably use symmetrical encryption without
> > hard
> > > > coding the keys into the code but also protecting them from being
used
> > by
> > > > other people.
> > > >
> > > > Any simple ideas to this tough question?
> > > >
> > > >
> > >
> > >
> >
>
>