Can someone put my mind at rest and see if this setup will verify that a file has come from me. An idea of how secure this is would be great and any potential attack vectors.
The update is an exe and will be executed so I want to make sure it's not executed if someone replaces or tampers with it.
EDIT: Updated point 6 as the public key doesn't actually generate a hash, just verifies it. I think it's this part I'm struggling with the security of.
The Directorate of Security Assistance (DSA) provides policy oversight, guidance, planning, coordination, and direction for the execution of and improvements to security assistance and equipping programs.
As compared to DSA, the RSA algorithm is slower in encryption. As compared to RSA, the DSA algorithm is faster in decryption. RSA works best in the cases of encryption and verification. DSA works best in the cases of signing (digital) and decryption.
Your approach looks good. The question remaining is how secure is your application on the client. Is there a chance that someone could tamper with the executable? Maybe switch the public key in the application resource?
It is getting theoretical here, but I wold suggest a small modification to step 6: Be specific which exact public key you want to use. If some attacker could switch the key in the application resource he could send an altered package with a correct hash for another private key. This may be only a minor concern since the attacker already modified your software. But if he only could replace the application resource and nothing else he would have then the ability to let your application update itself with his malicious code.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With