Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
12-31-2006, 12:38 PM
|
#1
|
Member
Registered: Oct 2006
Location: england
Distribution: fedora 6
Posts: 38
Rep:
|
Safely including private key in application
Hi,
I'm writing an app that needs to be able to decrypt files encrypted by my web server. Is there a safe way to include the private key in my compiled application so the a user/hacker will be unable to extract it from the compiled code?
Cheers
|
|
|
12-31-2006, 01:56 PM
|
#2
|
LQ 5k Club
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,399
|
I'm no security expert, but I do know a little about programming, and a little about reverse engineering of compiled code. If your key is embedded directly in the object code, say as a static array of integers or characters, it would be possible to find and extract that array from the object code. That is not to say it would be obvious which bytes within the object module would constitute it, but it would be there. A fairly trivial second level of security would entail encrypting the key prior to compiling the source code, and then decrypting the key at runtime. This would prevent the key from being stored 'as-is' within the object code. Depending upon how you perform the runtime decryption, it may still leave the key exposed as a complete entity within a memory image, which may get created as a core dump, or other deliberate tactic used to reverse engineer your code. You may be able to defeat this approach somewhat, by having your decrypted key stored in scattered locations in memory, or by never storing the fully decrypted key at any one time.
Hope this helps, and I hope a real expert can add to this discussion.
--- rod.
|
|
|
12-31-2006, 01:59 PM
|
#3
|
LQ Veteran
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
|
Why wouldn't you use the public key in the app and have the webserver encrypt with the private key?
|
|
|
01-01-2007, 03:17 AM
|
#4
|
Senior Member
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
|
Quote:
Originally Posted by Hangdog42
Why wouldn't you use the public key in the app and have the webserver encrypt with the private key?
|
OP said he needs to decrypt files that have already been encrypted. Decryption requires the private key.
As theNbomr mentioned you could encrypt the private key and include it in your binary. Another option would be to store the private key in a separate keystore vault, also encrypted. You would of course need to read a key to decrypt the keystore (whether it's in executable binary, or separate). Basically your options there are to read a string from a root:root -r------- mode file, or require the operator to type in a passphrase when the application starts up (assuming it's running as a daemon).
|
|
|
01-01-2007, 07:44 PM
|
#5
|
LQ Guru
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,884
|
Your approach is fundamentally flawed: you cannot "hide" a private-key anywhere and expect it not to be discovered. You have committed the cardinal sin of "security through obscurity."
You must arrange a system whereby the only key that is embedded into the application is a public one.
Otherwise, basically you are just doing "symmetric encryption in asymmetric clothing," which is just "symmetric." If that is the case, then you may as well just use DES and be done with it.
|
|
|
01-03-2007, 03:47 PM
|
#6
|
Member
Registered: Apr 2005
Location: chained to my console.
Distribution: LFS 6.1
Posts: 143
Rep:
|
Quote:
Originally Posted by andystanfordjason
Hi,
I'm writing an app that needs to be able to decrypt files encrypted by my web server. Is there a safe way to include the private key in my compiled application so the a user/hacker will be unable to extract it from the compiled code?
Cheers
|
whilst i am certainly no expert, i would suggest not. i expect that with a little hard work someone could find your decryption routine, establish a breakpoint and gather the key from there.
i am curious though as to what would need a binary application to download encrypted updates and use them in a manner that cant be decrypted...
|
|
|
All times are GMT -5. The time now is 12:56 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|