Re: Signing and encrypting software
- From: <ashwood@xxxxxxx>
- Date: Sat, 24 Sep 2011 13:20:21 -0700
"Noob" wrote in message news:j5cr87$9r$1@xxxxxxxxxxxxxxxx
Once the binary has been generated, should it be encrypted
and then signed? Or signed and then encrypted? Or something
else altogether ?
The general method is to look at what is actually meant by the signature. Signing before encrypting makes the statement that the decrypted content is correct and accurate. Encrypting before signing makes the statement that the encrypted data is transferred correctly and that the encrypted data has remained unmodified since signing. Which statement is correct for your situation?
Its also worth repeating, if this is something with any amount of money involved, get a professional to at least review your work. The professional review will of course cost some time, but avoiding the massive number of potential errors is worth the money.
Joe
.
- Follow-Ups:
- Re: Signing and encrypting software
- From: Earl_Colby_Pottinger
- Re: Signing and encrypting software
- References:
- Signing and encrypting software
- From: Noob
- Signing and encrypting software
- Prev by Date: Re: The Most Profound Distillation of the Feedack from Modern Cyptography.
- Next by Date: Re: Signing and encrypting software
- Previous by thread: Re: Signing and encrypting software
- Next by thread: Re: Signing and encrypting software
- Index(es):
Relevant Pages
|
