Sending Public Key
jason heddings
rocket at heddway.com
Mon Feb 12 15:15:44 CET 2007
Thanks for the reply...
I think I'm missing something, then... Does that mean the operations
provided by libgcrypt are not secure to use by themselves?
--jah
-----Original Message-----
From: Janusz A. Urbanowicz [mailto:alex at hell.pl] On Behalf Of Janusz A.
Urbanowicz
Sent: Sunday, 11 February, 2007 10:59
To: jason heddings
Cc: gnupg-users at gnupg.org
Subject: Re: Sending Public Key
On Sat, Feb 10, 2007 at 02:13:42PM -0700, jason heddings wrote:
> I'm making use of libgcrypt for a specific encryption application. I'm
> assuming that the following is secure:
>
> - Use libgcrypt to create a keypair
> - Save the S-exp to an internal, protected keystore
> - Base64 encode the public-key portion of the S-exp
> - Broadcast the base64-encoded key to associated clients
> - Use the broadcasted public-key to encrypt data
> - Send encrypted data back to a server containing the keystore
> - Only server can decrypt encrypted data using private keys
>
> Can someone please correct me if I am wrong? Is there a problem with this
> approach, or perhaps a better one?
Without a detailed specification of the protocol it is almost impossible,
but for starters, do not encrypt actual non-random data with a pubkey.
It is always a bad idea to roll your own crypto protocol; use SSL/TLS or
OpenPGP or CMS, or XML cryptography if possible.
Alex
--
JID: alex at hell.pl
PGP: 0x46399138
Paying attention to details is the job of doctors, lawyers, programmers and
watchmakers
-- Czerski