[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ms-cryptoapi
Subject:    encrypting/decrypting using public and private keys
From:       David McCowan <David.McCowan () METRATECH ! COM>
Date:       2000-01-19 19:08:15
[Download RAW message or body]


I encrypt sensitive data prior to storage and then decrypt at a later time.
Currently, I am using a symetric session key. I think a better solution is
to use a public/private key mechanism. I'll get higher key strength and I
don't need to worry about compromising the encryption key (this key resides
on an externally accessible server).

My problem is that the public key is also able to decrypt the data. Does
anyone have insight as to why? I generate the key specifying
AT_KEYEXCHANGE/CRYPT_EXPORTABLE to CryptGenKey. Then I export a
PUBLICKEYBLOB and import this key blob into the client process. In the
client, I run CryptGetKeyParam to validate the key be checking the key
length and this look Ok.

I am using the MS Enhanced Provider and RSA_FULL. Any information is
appreciated.

Thanks,
Dave

--
David McCowan                      +1.781.839.8408 (direct)
MetraTech Corp.                     +1.781.839.8300 (main)
330 Bear Hill Rd                      +1.781.839.8301 (fax)
Waltham, MA 02451-1015        www.metratech.com

----------------------------------------------------------------
Users Guide http://msdn.microsoft.com/workshop/essentials/mail.asp
contains important info including how to unsubscribe.  Save time, search
the archives at http://discuss.microsoft.com/archives/index.html

[prev in list] [next in list] [prev in thread] [next in thread]