That have no parameters or string data or message popups in them Scattered throughout my program is Procedure checks The Byte size, picture dimensions, and colors of the Bitmap file are also part of encryption If its encrypted name matches up to that specific computer's generated encrypted File NameĪnd matches up with the encrypted Key hidden inside the Bitmap My program will only open that Bitmap file name The Bitmap file name is partial part of encryption I then create that Bitmap with that encrypted File name I also know in advance what encrypted File name his Computer will generate The Customer's computer itself generates the Bitmap 's file name His computer generates a specific encrypted unlock key His computer generated encrypted unlock key, my program runs successfully The encrypted Unlock key is created from his computer everytime he runs my programĪnd if the encrypted unlock key inside the Bitmap matches up with I encrypt all his computer data as a encrypted KEY inside the Bitmap picture fileĪnd all the Data is also encrypted in the Bitmap It creates a TXT file with all that computer data ( not encrypted )Īlong with his Name, Address, email, etc data, PayPal or Credit Card purchase data My program gathers all relevant data about his computer The encrypted Unlock Key and Data is hidden inside the Bitmap picture The Unlock Key file is a BITMAP picture file Other Procedures look at Colors of Bitmap Some Procedures call other Procedures, some are fake Procedures (meaningless calculations) So no calculations are performed until program is Unlockedĭecryption is scattered around many different Procedures ( no parameters, no string data ) It calls another Sub or Procedure ( no parameters ) that clears all inputted program data The Sub or Procedure is called, but has no parameters It looks for and at Unlock Key file in my program's directory It will run in Demo-mode until its unlocked Its probably good enough for type of my Customers and what i'm doing But be carefull that the keyserver is not affected by ManInTheMiddle attacks. If someone want's to send a file it may get encrypted using this public key (requested from keyserver) and the recipient is the only one who is able to decrypt using his private key. If you like to use some PKI, every client might generate a RSA keypair on first start and submits his public key to some online keyserver. If you have some protocol, I would strongly suggest something like Diffie-Hellman to agree on some session key for the transmission. Then the file ie securely transmitted (if password is good) but you need to exchange this secret. You can use the SHA256 of this secret for encoding and decoding. If you like to transmit files securely, both parties need to agree on some secret. You also can use PKI functionality ( ) to get it running. This is called "security by obscurity" and is the biggest misstake in cryptography since ever ( ).ĭiffie-Hellman and consorts are invented to help here, but they need some conversation. No matter how big the keys are and how secure the algorithms are. Some example: Only knowing the place where the key is hidden (for example in some type of file format or protocoll) is not secure as everything is broken as soon as the place is known. If the key is known or part of the transmitted message, there is no security at all. If you are encrypting something, there will be needed some kind of key. It is important to understand attacks before implementing some protection. You should make yourself a little familiar with encryption and hacking before implementing some cryptography that does not prevent anything.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |