antonio.bleile at seac02.it
Fri Feb 9 11:11:41 CET 2007
I have a question concerning an "unusual" way of using gnuPG...
I don't want to encrypt emails, I just want to encrypt binary
data and deliver that over the internet. Consider the following
scenario: I have a program that gets deliverd to various clients.
The program is a viewer for 3d models. The viewer can load and
display various types of input formats (e.g. CAD models). It
can also load models directly from a URL. Now we'd like to put
some cool models on our web page but we don't want people to
disassemble the file and thus getting to the mathematic definition
of a CAD model (people giving you a CAD model of e.g. a brandnew
car are very concerned about their data!!!). So I thought to
protect the data with public/private key encryption. We encrypt
the data with a private key and put the result on our server.
Our viewer contains the public key for decryption. You might
say that it's easy to get to the data anyway, you just
have to dump the memory of the program after the data has
been decypted.... But that requires some higher "criminal energy",
and I think I can live with the risk...
- So actually, my question is: Does this approach make any sense
for you crypto-gurus out there? (Please forgive me my ignorance,
I have just a vague memory of my cryptography lessons...).
- Does libcrypt do the job?
- The CAD data may contain a fixed header, so an atacker knowing
the header might use this info to easily get the private key?
Thank you and kind regards,
More information about the Gnupg-users