better solutions to archieve encryption and decryption of the file
-
Hi All, Basically, I would like to encrypt the data/file at the client end and should be able to decrypt it at the server side. So that client/end user should not manipulate the auto generated file from the application(window). I've gone through some of the articles from the net and I have found three options to archieve this. 1) Symmetric Adv: Can encrypt and decrypt using key values. Disadv: If the end user decode the manage code then it is possible to identify the key values. Then they can also decrypt the file at their end. 2) Asymmetric Adv: Can encrypt and decrypt using the public and private certificates. 3) Hash algorithum Add and disadv more or less similar to (1). So i prefer to go with point (2), i.e Asymmetric. If anyone has better solutions to archieve encryption and decryption of the file then please let me know. Thanks & Regards, Shiby Chacko
-
Hi All, Basically, I would like to encrypt the data/file at the client end and should be able to decrypt it at the server side. So that client/end user should not manipulate the auto generated file from the application(window). I've gone through some of the articles from the net and I have found three options to archieve this. 1) Symmetric Adv: Can encrypt and decrypt using key values. Disadv: If the end user decode the manage code then it is possible to identify the key values. Then they can also decrypt the file at their end. 2) Asymmetric Adv: Can encrypt and decrypt using the public and private certificates. 3) Hash algorithum Add and disadv more or less similar to (1). So i prefer to go with point (2), i.e Asymmetric. If anyone has better solutions to archieve encryption and decryption of the file then please let me know. Thanks & Regards, Shiby Chacko
hi Shiby Way 2 is the only way to prevent the Client from decrypting data, but if you go that far that the user will debug your client he´ll be able to intercept the data after generating and before sending. This is a securityhole you can´t close. If the data you want to send gets larger you should go a middle-way between 1 and 2, because with asymetric encryption you can only encrypt small blocks. (e.g. with rsa 2048 bit you can encrypt 245 byte which will result in 256 encrypted byte). Encrypting with a asymetric algorithm is also slower than a symetric one. The middleway would be then: encrypt everything with a randomly generated symetric key and encrypt only this key asymetric for passing it to the server. Azraelgod
-
Hi All, Basically, I would like to encrypt the data/file at the client end and should be able to decrypt it at the server side. So that client/end user should not manipulate the auto generated file from the application(window). I've gone through some of the articles from the net and I have found three options to archieve this. 1) Symmetric Adv: Can encrypt and decrypt using key values. Disadv: If the end user decode the manage code then it is possible to identify the key values. Then they can also decrypt the file at their end. 2) Asymmetric Adv: Can encrypt and decrypt using the public and private certificates. 3) Hash algorithum Add and disadv more or less similar to (1). So i prefer to go with point (2), i.e Asymmetric. If anyone has better solutions to archieve encryption and decryption of the file then please let me know. Thanks & Regards, Shiby Chacko
Hi there! Well the most secure thing is to use a hybrid of 1 and 2. In this way you close the security hole of disadv of 1 and make the encryption fast(2..is slow). First of all use Symmetric for the file. As regards the key, you can use asymmetric encryption, so that the client can never get hold of the key value to decrypt! You shall have 3 keys.. 1...which will encrypt the data (symetric key) 2...private key to encrypt symetric key(1) 3...public key to decrypt symetric key(1) In this way the client side, does not know that the encrypted symetric key, is really encrypted. So when he/she tries to decrypt, all he gets is garbage! GaMBiT---> aND ReVeNGe WiLL Be
-
Hi there! Well the most secure thing is to use a hybrid of 1 and 2. In this way you close the security hole of disadv of 1 and make the encryption fast(2..is slow). First of all use Symmetric for the file. As regards the key, you can use asymmetric encryption, so that the client can never get hold of the key value to decrypt! You shall have 3 keys.. 1...which will encrypt the data (symetric key) 2...private key to encrypt symetric key(1) 3...public key to decrypt symetric key(1) In this way the client side, does not know that the encrypted symetric key, is really encrypted. So when he/she tries to decrypt, all he gets is garbage! GaMBiT---> aND ReVeNGe WiLL Be
-
hi Shiby Way 2 is the only way to prevent the Client from decrypting data, but if you go that far that the user will debug your client he´ll be able to intercept the data after generating and before sending. This is a securityhole you can´t close. If the data you want to send gets larger you should go a middle-way between 1 and 2, because with asymetric encryption you can only encrypt small blocks. (e.g. with rsa 2048 bit you can encrypt 245 byte which will result in 256 encrypted byte). Encrypting with a asymetric algorithm is also slower than a symetric one. The middleway would be then: encrypt everything with a randomly generated symetric key and encrypt only this key asymetric for passing it to the server. Azraelgod