Sending Public Key
Janusz A. Urbanowicz
alex at bofh.net.pl
Sun Feb 11 18:58:40 CET 2007
On Sat, Feb 10, 2007 at 02:13:42PM -0700, jason heddings wrote:
> I'm making use of libgcrypt for a specific encryption application. I'm
> assuming that the following is secure:
>
> - Use libgcrypt to create a keypair
> - Save the S-exp to an internal, protected keystore
> - Base64 encode the public-key portion of the S-exp
> - Broadcast the base64-encoded key to associated clients
> - Use the broadcasted public-key to encrypt data
> - Send encrypted data back to a server containing the keystore
> - Only server can decrypt encrypted data using private keys
>
> Can someone please correct me if I am wrong? Is there a problem with this
> approach, or perhaps a better one?

Without a detailed specification of the protocol it is almost impossible,
but for starters, do not encrypt actual non-random data with a pubkey.
It is always a bad idea to roll your own crypto protocol; use SSL/TLS or
OpenPGP or CMS, or XML cryptography if possible.

Alex
--
JID: alex at hell.pl
PGP: 0x46399138
Paying attention to details is the job of doctors, lawyers, programmers and watchmakers
-- Czerski
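
The reply's point about not encrypting actual data with the public key, shown as an added example that is not part of the original thread: the client encrypts only a random session key with RSA-OAEP and the data itself with AES-GCM. It assumes the Python `cryptography` package in place of libgcrypt and a base64 DER public key in place of the S-expression; all function names are hypothetical.

```python
import base64
import os

from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Assumption: RSA-OAEP with SHA-256 is the public-key step (not from the thread).
OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)


def server_keygen():
    """Server: create the keypair; return (private key, base64 public key)."""
    priv = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    der = priv.public_key().public_bytes(
        serialization.Encoding.DER,
        serialization.PublicFormat.SubjectPublicKeyInfo)
    return priv, base64.b64encode(der).decode("ascii")


def client_encrypt(pub_b64, plaintext):
    """Client: the public key only ever encrypts a fresh random session key."""
    pub = serialization.load_der_public_key(base64.b64decode(pub_b64))
    session_key = AESGCM.generate_key(bit_length=256)
    nonce = os.urandom(12)
    wrapped = pub.encrypt(session_key, OAEP)
    # The wrapped key is passed as associated data so that it is bound
    # to this ciphertext and cannot be swapped for another one.
    body = AESGCM(session_key).encrypt(nonce, plaintext, wrapped)
    return wrapped, nonce, body


def server_decrypt(priv, wrapped, nonce, body):
    """Server: unwrap the session key, then authenticate and decrypt the data."""
    session_key = priv.decrypt(wrapped, OAEP)
    return AESGCM(session_key).decrypt(nonce, body, wrapped)


if __name__ == "__main__":
    priv, pub_b64 = server_keygen()
    # Constructed sample message, longer than a single RSA block could hold.
    message = b"constructed sample record " * 40
    wrapped, nonce, body = client_encrypt(pub_b64, message)
    assert server_decrypt(priv, wrapped, nonce, body) == message
    print(len(wrapped), "byte wrapped key,", len(body), "byte ciphertext")
```

This covers only the session-key point; it does not authenticate the broadcast public key, which the protocols named in the reply handle.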