COM Interface Security
From: Joseph Geretz (jgeretz_at_nospam.com)
Date: 01/18/05
- Next message: Jonathan Wood: "Re: Getting text in a window"
- Previous message: Eric: "Changing Printer Preferences"
- Next in thread: Klaus H. Probst: "Re: COM Interface Security"
- Reply: Klaus H. Probst: "Re: COM Interface Security"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 18 Jan 2005 15:03:25 -0500
How easy or difficult is it to intercept data values passing between a
client and server via a public COM interface? I've built an encryption
component (using the VB Blowfish sample) as a public class in our utility
library. As with all encryption, the secrecy of the key must be protected.
The key is generated dynamically at run time via an internal algorithm. It
would take reverse assembly to discover the key. I'm not worried about
reverse assembly. If someone can reverse-assemble our code then the game is
over in any case.
I am wondering though about how we submit our private key when we first
instantiate and initialize the cryptor class. (Anyone can instantiate this
class, but unless they know the key, they won't be able to decrypt our
protected ciphertext.) Can information passing through a COM interface be
easily intercepted or would it take a skill at the level of reverse-assembly
in order to do this?
Thanks for your advice.
Joseph Geretz
- Next message: Jonathan Wood: "Re: Getting text in a window"
- Previous message: Eric: "Changing Printer Preferences"
- Next in thread: Klaus H. Probst: "Re: COM Interface Security"
- Reply: Klaus H. Probst: "Re: COM Interface Security"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
