Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Confused about encryption with public and private keys (which to use for encryption)

I am making a licensing system when clients ask my server for a license and I send them a license if they are permitted to have one.

On my current system I encrypt the license using a single private key and have the public key embedded into the client application that they use to decrypt the license. It works!

Others have told me that I should be encrypting with the public key on the server and distributing the private key to clients. I have searched the web and can see that sometimes they use the private key to encrypt and other times they use the public key to encrypt.

In this case what am I supposed to do?

like image 363
jax Avatar asked Jun 04 '10 15:06

jax


1 Answers

Others have told me that I should be encrypting with the public key on the server and distributing the private key to clients.

Those people are wrong. The name private key implies that it is private meaning that only you should have access to it.

In this case what am I supposed to do?

Use digital signatures. Sign the license file with your private key and use your public key in your application to verify that the signature on the license came from you.

like image 59
Kevin Avatar answered Nov 15 '22 01:11

Kevin