Click here to Skip to main content
14,926,387 members
Home / Discussions / C#
   

C#

 
QuestionRe: Encryption Recommendation Pin
CPallini26-Feb-09 10:07
mveCPallini26-Feb-09 10:07 
AnswerRe: Encryption Recommendation Pin
mobius11100126-Feb-09 10:08
Membermobius11100126-Feb-09 10:08 
GeneralRe: Encryption Recommendation Pin
CPallini26-Feb-09 21:12
mveCPallini26-Feb-09 21:12 
AnswerRe: Encryption Recommendation Pin
led mike26-Feb-09 10:09
Memberled mike26-Feb-09 10:09 
GeneralRe: Encryption Recommendation Pin
Jim Crafton26-Feb-09 10:48
MemberJim Crafton26-Feb-09 10:48 
GeneralRe: Encryption Recommendation Pin
led mike26-Feb-09 11:01
Memberled mike26-Feb-09 11:01 
GeneralRe: Encryption Recommendation Pin
CPallini26-Feb-09 21:11
mveCPallini26-Feb-09 21:11 
AnswerRe: Encryption Recommendation Pin
harold aptroot26-Feb-09 11:50
Memberharold aptroot26-Feb-09 11:50 
Do they requirements specify how strong the encryption needs to be?

The requirements are unrealistic. It is in fact impossible without relying on user input*. You can use encryption of course, but it will not do anything besides wasting valuable resources. It will bar only the worst pseudo cracker that dares call himself/herself a cracker - and those are not the people that the company should be concerned about.
It's impossible because this is not a communication-channel you're trying to protect (where evil Eve only has knowledge about the communication itself), this amounts to trying to protect static data. It's impossible. Even if 3rd party programs have to use a "secret" key. They key is not secret, because the 3rd party program can access it. Thus, so can anyone who has the 3rd party program. Even if it has to, for example, use yet an other key to decrypt the real key. Or a 3rd key to decrypt the 2nd key. Somewhere it will end in a piece of data that is readily available to anyone.

That leaves you with user input - that is, requiring that 3rd party software do not store the key inside itself, but asks the user to input it. Sure the users could leak it, but at least the data itself doesn't contain its own key.

However, and this is a much bigger problem, the very thing you're trying to protect with such heavy locks is still unprotected. That is, to use it directly requires opening the locks.. but what's to keep anyone from dumping the locks? Decompile(.NET - obfuscators will not stop real crackers)/disassemble(native) the dll, delete the encryption code, and recompile/re-assemble..
The only people you'd successfully protect from, are people from which you have little to fear.



QuestionRegex Problem Pin
musefan26-Feb-09 8:35
Membermusefan26-Feb-09 8:35 
AnswerRe: Regex Problem Pin
PIEBALDconsult26-Feb-09 9:01
professionalPIEBALDconsult26-Feb-09 9:01 
GeneralRe: Regex Problem Pin
musefan26-Feb-09 10:15
Membermusefan26-Feb-09 10:15 
AnswerRe: Regex Problem Pin
Luc Pattyn26-Feb-09 11:01
sitebuilderLuc Pattyn26-Feb-09 11:01 
GeneralRe: Regex Problem Pin
PIEBALDconsult26-Feb-09 12:46
professionalPIEBALDconsult26-Feb-09 12:46 
GeneralRe: Regex Problem Pin
musefan26-Feb-09 23:53
Membermusefan26-Feb-09 23:53 
AnswerRe: Regex Problem Pin
Luc Pattyn27-Feb-09 1:26
sitebuilderLuc Pattyn27-Feb-09 1:26 
GeneralRe: Regex Problem Pin
musefan27-Feb-09 1:44
Membermusefan27-Feb-09 1:44 
AnswerRe: Regex Problem Pin
Luc Pattyn27-Feb-09 1:51
sitebuilderLuc Pattyn27-Feb-09 1:51 
GeneralRe: Regex Problem Pin
musefan27-Feb-09 2:06
Membermusefan27-Feb-09 2:06 
GeneralRe: Regex Problem Pin
PIEBALDconsult27-Feb-09 4:36
professionalPIEBALDconsult27-Feb-09 4:36 
QuestionBy-passing certification validation for Webservice Pin
satsumatable26-Feb-09 8:13
Membersatsumatable26-Feb-09 8:13 
QuestionIntptr and dll Pin
Alessio Granzotto26-Feb-09 8:08
MemberAlessio Granzotto26-Feb-09 8:08 
AnswerRe: Intptr and dll Pin
Curtis Schlak.26-Feb-09 8:29
MemberCurtis Schlak.26-Feb-09 8:29 
GeneralRe: Intptr and dll Pin
Alessio Granzotto26-Feb-09 8:33
MemberAlessio Granzotto26-Feb-09 8:33 
QuestionC# or autoit Pin
alwaysthinking26-Feb-09 7:10
Memberalwaysthinking26-Feb-09 7:10 
AnswerRe: C# or autoit Pin
Calin Tatar26-Feb-09 7:45
MemberCalin Tatar26-Feb-09 7:45 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.