The shareware registration system I'm currently developing embeds the public DSA key in the executable itself, and the private key resides on a server. (For the sake of discussion let's assume that the server is 100% secure, and there is no way for anybody to get their hands on the private key.)
Whenever the program is purchased, the server generates a license for the user by signing the user's name with the private key. That license is then emailed to the user. Once the user manually enters their name and license into the shareware application it is verified by the public key embedded in the application to be a valid or invalid license.
However, it would be fairly trivial for a determined person with the right "know-how" to disassemble the executable and retrieve the public key.
My question here is, what could they do with it? Is a public key, by itself, completely innocuous? Is the public key enough information to reverse engineer a key generator?
Curious minds want to know. Thanks in advance!
In cryptography, a public key is a large numerical value that is used to encrypt data. The key can be generated by a software program, but more often, it is provided by a trusted, designated authority and made available to everyone through a publicly accessible repository or directory.
A public key introduces an element of privacy exposure: if someone knows that you've used the same public key to log into A and to log into B, they know the same person logged into A and B. Merely possessing the public key makes you a suspect that you also have the private key, so you lose some anonymity.
Private key is used for both encrypting and decrypting the sensitive data. It is shared between the sender and receiver of encrypted data. Public key is used only for the purpose of encrypting the data. The private key mechanism is faster.
Public key encryption is extremely useful for establishing secure communications over the Internet (via HTTPS). A website's SSL/TLS certificate, which is shared publicly, contains the public key, and the private key is installed on the origin server – it's "owned" by the website.
The public key should get them nothing useful. However, if the check is easily found they might be able to simply circumvent it and patch in a test that always succeeds without ever bothering to verify the license against the public key.
A public key by itself would let them decrypt any encrypted information sent out by the server. That's it. Going from public key to private key is exceptionally hard; that's how public key cryptography works. (By “exceptionally” I mean that it's designed to be resistant to well-funded government efforts; if it keeps the NSA from cracking you, it'll be sure good enough for stopping Joe Blow.)
Note that it doesn't help with DRM, which it sounds a bit like you're trying to do. DRM is just plain broken by design; if the attacker has the information and the key to unlock it in devices local to him, it's already game over. If you give a key to an attacker, it might as well be public since he's sure not going to be willing to keep it secret…
Assuming an as-yet-unbroken encryption method is being used, the public key can not be used to determine the private key. It is meant to be truly public; known by anyone.
Public keys are used everywhere -- logon forms, security of banking transactions, client-side authentication etc. So the short answer is that you shouldn't worry, cause lots of other, smarter people have looked at this problem and accepted the distribution of public keys to endpoints.
What can people tell from your public key? They would obviously know a key name and key length. I assume that the key is part of a certificate, which could also contain some details about your company and website URL.
My questions to you are:
1) Why are you worried about a public key in an executable? Any half-decent cracker would just change your executable to bypass the public key check altogether. The fact that the encryption is strong is meaningless when you're giving a binary to the client that can be modified.
2) Are you aware of the mess you may be getting yourself into? There's nothing inherently wrong with using public key encryption to secure a binary, but you may end up with problems as the system develops. Things such as expired keys, key roll-overs and key issuance (I believe this is a tool you're developing to sell) can become a major pain. And, yet, you'll still be stuck with the reality that your bigger challenge is stopping crackers from just rerouting the binary to avoid your security check altogether.
Just having the public key is not enough information to do anything useful with.
The only thing that could be done is someone could encrypt a message using the public key that could only be decrypted with the private key. But if the private key is only on the server, this will not do anything.
Any other attack would require trying to calculate the private key, which will not be sped up at all by having the public key.
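The licensing flow from the question, as an added example that is not part of the original thread: a Go program using the standard library's `crypto/dsa`, in which the server signs the user's name and the application verifies the license with only the public key. The `License` type, the function names and the sample user names are assumptions made for illustration, and the L1024N160 parameter size is chosen only so the demo runs quickly.

```go
package main

import (
	"crypto/dsa"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

type License struct{ R, S *big.Int } // DSA signature (r, s) emailed to the buyer

func NewKey() (*dsa.PrivateKey, error) {
	priv := new(dsa.PrivateKey) // L1024N160 below only keeps this demo fast
	if err := dsa.GenerateParameters(&priv.Parameters, rand.Reader, dsa.L1024N160); err != nil {
		return nil, err
	}
	return priv, dsa.GenerateKey(priv, rand.Reader)
}

// digest hashes the name and truncates to q's byte length, which crypto/dsa leaves to the caller.
func digest(pub *dsa.PublicKey, name string) []byte {
	h := sha256.Sum256([]byte(name))
	return h[:pub.Q.BitLen()/8]
}

// Issue runs on the server: it signs the user's name with the private key.
func Issue(priv *dsa.PrivateKey, name string) (License, error) {
	r, s, err := dsa.Sign(rand.Reader, priv, digest(&priv.PublicKey, name))
	return License{r, s}, err
}

// Valid runs inside the application, which holds nothing but the public key.
func Valid(pub *dsa.PublicKey, name string, lic License) bool {
	return lic.R != nil && lic.S != nil && dsa.Verify(pub, digest(pub, name), lic.R, lic.S)
}

func main() {
	vendor, err := NewKey()    // stays on the server
	outsider, err2 := NewKey() // key pair made by someone without the vendor's private key
	if err != nil || err2 != nil {
		panic("key generation failed")
	}
	lic, _ := Issue(vendor, "Alice Example")
	forged, _ := Issue(outsider, "Alice Example")
	pub := &vendor.PublicKey // the only key material shipped in the executable
	// genuine license; same license under another name; license signed with the outsider's key
	fmt.Println(Valid(pub, "Alice Example", lic), Valid(pub, "Bob Example", lic), Valid(pub, "Alice Example", forged))
}
```

Only the first check succeeds: the embedded public key can confirm a license but cannot produce one. The result of `Valid` is still an ordinary boolean inside the client, which is the part the answers say gets patched.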
In asymmetric cryptography it is safe to give your public key to an attacker. However, this value, along with a signature or cipher text produced by a private key can be used in Trivial Attack to obtain the corresponding private key.