Re: Can you tell me if this makes sense?

---

• From: "JJ" <abc@xxxxxxx>
• Date: Wed, 12 Apr 2006 15:35:38 +0100

---

OK so I have my first problem:
The RSA algorithm won't let you encrypt with the generated private key. It
expects you to use the public key.
Am I correct in suspecting that the two keys are not interchangeable? i.e.
you can't use the private one to encrypt and the matching public one to
decrypt?

JJ

"JJ" <abc@xxxxxxx> wrote in message
news:OzvRYzgXGHA.1204@xxxxxxxxxxxxxxxxxxxxxxx

I am getting my head around encryption. Maybe someone can comment on my
approach here - be gentle.


I have written a forms app that I want tied to particular machines. I have
formulated a 'request number' based on the windows serial number and some
other info on that machine.

The user would then send me the request number and I'd encrypt it, and
send back a authorisation number. The user would then type this into the
app, the app would then use the same encryption algorythm to decrypt the
authorisation number and check it against the original request number to
check they match. If they do, the app would be registered for normal use.

My puzzle was how to store the encryption key for the symmetric
encryption. If stored in the application code, it could be reverese
engineered, if stored anywhere else someone could equally track where the
program is writing to, right?

So, I wondered if this would work:
Instead of using symmetric, use asymmetric (Public-Private key). I would
place the public key in the Program Code and keep the private key to
myself. The user sends me their 'request number' I then use the private
key to encrypt the number and produce an authorisation number that I'd
send back to the user. When the user types the authorisation code in, the
app uses the matching public key to decrypt the authorisation code and
check if the request number and authorisation number correspond. If so,
the application is registered.

(I'm using VB2003, .net1.1 - I know .net 2.0 has some improvements when it
comes to key storage/encryption, but unfortunately I am not able to update
yet.)

JJ

.

---

• References:
  • Can you tell me if this makes sense?
    • From: JJ

• Prev by Date: Color Dialog Custom colors
• Next by Date: Re: Data form wizard in VS.NET 2005
• Previous by thread: Can you tell me if this makes sense?
• Next by thread: Re: Typing in a ComboBox
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: RSACryptoServiceProvider decrypt with public key ... key/decrypt with the private key and encrypt with the private key/decrypt ... encrypt data and send it back to Alice. ... only she can decrypt Bob's data. ... see the public key and the encrypted data, but she could not decrypt Bob's ... (microsoft.public.dotnet.security) Re: how to have a gpg public key? ... Having just a public key doesn't do you much good. ... You need both a private key and a public key; ... can encrypt and decrypt your messages and you are just ... (Debian-User) Re: DECRYPT with PUBLIC key (how to?) ... values in my application which would be decoded with my own public key which ... This is a very stupid thing to think that you can encrypt with private ... Private key operations often uses CRT ... Signature schemes and Encryption schemes have completely different ... (microsoft.public.dotnet.security) Re: private to public decrypt now working ... would have the private key, all vice presidents would have a public key. ... All vice's could encrypt and only president could decrypt. ... (microsoft.public.dotnet.security) [OT] Re: Basic question about Public Private Key Pairs ... > and private keys allow me to decrypt, but vice versa is not possible (or ... a public key and a corresponding private key. ... You can encrypt something with each key; ... (microsoft.public.dotnet.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)