In message <[EMAIL PROTECTED]> on Wed, 3 Oct 2007 10:04:26 -0500, "Md Lazreg"
<[EMAIL PROTECTED]> said:
mdlazreg> I am encrypting a file using a private key, and my program
mdlazreg> is decrypting it using the public key compiled in the
mdlazreg> binary.
If it isn't an automatic process of some kind, why is the public key
compiled into the binary?
mdlazreg> The question is how to protect my public key against binary
mdlazreg> analysis within the binary? I do not want someone to replace
mdlazreg> it with their own public key and hence encrypting my
mdlazreg> program's input using their private key. Any ideas please?
The only viable option to fulfill all those ideas is to keep your
binary completely secret and to yourself. Any external exposure will
make it possible to reveal how it's used and make it possible for
others to use for their own purposes. Of course, you could encrypt
parts of the binary, but it requires that you have a key, and the
question is where you're going to have that, especially if this is a
binary used in some kind of automatic process...
Out of curiosity, what's the reason noone should use the binary with
their own private/public key pair?
Cheers,
Richard
--
Richard Levitte [EMAIL PROTECTED]
http://richard.levitte.org/
"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
-- C.S. Lewis
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
