Re: How to encrypt/decrypt a file
- From: "Mitch Gallant" <jensigner@xxxxxxxxxxxxxxxx>
- Date: Wed, 15 Feb 2006 13:22:42 -0500
"Eric Johnson" <ej@xxxxxxxxxxxxxxxxx> wrote in message
news:qFJIf.22845$6Q3.17878@xxxxxxxxxxxxxxxxxxxxxxxxx
I'm new to this to, in fact I just got done with my first real use of encryption and it doesn't
sound too different from what you are running into. Here's a little about what I ended up doing,
hopefully it'll help.
I created a public/private key pair (RSACryptoServiceProvider) that gets stored in a Key Container
on the server. The client is given the public key so they can decrypt stuff the server encrypted
with its private key.
The public key should be considered exactly that .. PUBLIC ..
If you are expecting that the data is ENCRYPTED with the servers private
key, then this is poor security.
What you are doing (encrypting with servers private key .. decrypting with
corresponding public key on the client) is what digital siganture verification is about.
Public keys should be considered complely visible publically .. therefore, the
encryption scheme you are using is not sure at all (even though you might think
you are protecting the public key for your clients use only?)
- Mitch Gallant
MVP Security
.
- Follow-Ups:
- Re: How to encrypt/decrypt a file
- From: Eric Johnson
- Re: How to encrypt/decrypt a file
- References:
- How to encrypt/decrypt a file
- From: corey . burnett
- Re: How to encrypt/decrypt a file
- From: Eric Johnson
- How to encrypt/decrypt a file
- Prev by Date: Re: How to encrypt/decrypt a file
- Next by Date: Re: How to encrypt/decrypt a file
- Previous by thread: Re: How to encrypt/decrypt a file
- Next by thread: Re: How to encrypt/decrypt a file
- Index(es):
Relevant Pages
|
