File encryption and authentication

I am new to the entirety of encryption, and only know a few little bits of information - rough things like what RSA, SHA, etc. are.

I've read and gone through using OpenSSL on the command line to produce private keys, public keys, and encrypting/decrypting files. I've seen creating hashes and signing, as well. Unfortunately, it's not all meshing together in my head just right.

The situation which I want to (reasonably) secure is:
I have a set of servers which have a private key shared between them. One server will encrypt a file, pass it to the client, and the client will carry it to a different server, where the file is decrypted and (I assume this is necessary?) checked for authenticity.

The encryption part seems easy enough: run it through my key on both ends to get the information. The authentication, however, is what confuses me - what is the purpose of the hashes and signing? If they have access to the private key, they can encrypt anything to look like it was sent by the first server - so why bother with that when I could just encrypt and decrypt the file?

I've been having a hard time getting straight answers from the few IRC channels I've talked to over this, and I'm having a hard time wrapping my head around cryptography in general. Hopefully this falls within this forum - if not, I'd appreciate it to be moved where necessary.

Thanks for any help you guys can provide!

Cryptography by itself is a difficult subject. It involves diabolical mathematics beyond the skills of most normal people.

Think of security as a fence you need to build around your system. Encryption is just a single fence post. If all you are doing is encrypting your data then an attacker can trivially go around the fence. A solidly-built system can run securely even without relying on encryption for authentication.


What exactly are you trying to protect, and from whom? Knowing that will help determine the protections you should take.

Your question is somewhat unclear, because it does not spell out the precise steps of who does what, when.
Your confusion may come from not having this actually drawn out.
It sounds like you may be doing:

1. Server A encrypts file using private key P and sends to client B.
2. Client B does not know how to decrypt this file, but later forwards the encrypted file to server C.
3. Server C needs to know that Server A sent this file, and it was not tampered with or read by Client B.

It's also unclear whether you're using a public-key cipher (RSA, DSA) or a symmetric cipher (AES), and how much information is pre-shared with the client, or between the servers. And does the client need to be able to read the file?

If all that matters is that Server C sees data that Server A vouches for, and it's OK if the client can read the data as long as it cannot forge data, then what you really want is an HMAC. This can be implemented either using a symmetric algorithm (SHA) or a public-key algorithm. In the symmetric case, the two servers need to share the same key, which the client doesn't know. In the public-key case, Server C just needs to have the public key for Server A, to verify that the data was signed by the private half of that key.

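The symmetric case described in the answer above, as an added example that is not part of the original thread: Server A tags the already-encrypted file with HMAC-SHA256 under a key that only the two servers hold, Client B forwards the blob, and Server C accepts it only if the tag verifies. The cipher output is a constructed placeholder (`os.urandom`), and `MAC_KEY` is a constructed value for illustration, kept deliberately separate from any encryption key.

```python
import hashlib
import hmac
import os
from typing import Optional

TAG_LEN = 32  # HMAC-SHA256 output length in bytes

# Key shared only by Server A and Server C; the client never sees it.
# Constructed for this example; in a real deployment generate it once with
# os.urandom(32) and keep it distinct from the key used for encryption.
MAC_KEY = bytes(range(32))

def server_a_seal(ciphertext: bytes, mac_key: bytes) -> bytes:
    """Server A: authenticate the already-encrypted file (encrypt-then-MAC)."""
    tag = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()
    return ciphertext + tag

def server_c_open(blob: bytes, mac_key: bytes) -> Optional[bytes]:
    """Server C: return the ciphertext only if the tag verifies, else None."""
    if len(blob) < TAG_LEN:
        return None
    ciphertext, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()
    # Constant-time comparison: a plain == would leak timing information.
    if not hmac.compare_digest(tag, expected):
        return None
    return ciphertext

def run_scenario() -> dict:
    # Constructed stand-in for whatever Server A's symmetric cipher produced.
    ciphertext = os.urandom(64)
    blob = server_a_seal(ciphertext, MAC_KEY)

    # 1. Honest client forwards the blob unchanged: Server C accepts it.
    honest = server_c_open(blob, MAC_KEY) == ciphertext

    # 2. Client flips one ciphertext byte in transit: the tag no longer matches.
    tampered = bytearray(blob)
    tampered[0] ^= 0x01
    tampered_rejected = server_c_open(bytes(tampered), MAC_KEY) is None

    # 3. Client fabricates its own file; without MAC_KEY it can only guess a key.
    forged = server_a_seal(b"fabricated by client", b"client-guessed-key")
    forged_rejected = server_c_open(forged, MAC_KEY) is None

    return {"honest": honest, "tampered_rejected": tampered_rejected,
            "forged_rejected": forged_rejected}

if __name__ == "__main__":
    print(run_scenario())
```

The tag covers the ciphertext, so Server C rejects a modified or fabricated blob before ever attempting to decrypt it.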
HMAC does sound like what I need. You guessed correctly at the situation, also; I should have said it better before. Thanks for the responses, guys - I'll forge forward with HMAC for now!

[quote]I have a set of servers which have a private key shared between them.[/quote]

Just a minor, yet very important detail: they are called private because they aren't to be shared.

While it works reasonably well for banks, it's one of the reasons why client-side certificates didn't gain much adoption in online services. They need to be unique to the machine, and sharing them is highly undesirable, though it can be done. They are also useless on public access computers.

While their purpose is unique identification of a user, passing them freely among different machines represents technical security risks.
