Sunday, March 8, 2020
C&C essays
C&C essays In public key cryptography, there are 2 keys. One is public and other is private. If something is encrypted using the public key, it can only be decrypted using the private key. Therefore, all e-commerce merchants publicize their public keys. They also securely maintain their private key. Private Key should never be revealed. Anyone who wants to contact the merchant encrypts his information using the merchants key and only the merchant can decrypt this information. Note that once encrypted, not even the customer can decrypt this since he does not know the private key. Please note that there is ONLY one pair of such keys. There is one private key (which we keep securely) and one public key which we distribute to anyone who wants to talk securely with us. In case of license keys, there is a slight difference. Here, xxx is initiating a transaction and information is flowing towards the customers (in the form of license key). Since we do not want to distribute our private key to customers, we will encrypt license key using our private key. The public key will be embedded in the product code. Using this public key, only xxx products will be capable of decrypting the licenses and using them. So, with this little background, we need to generate 2 keys (private and public) for xxx. The keys can be generated using OpenSSL as follows: openssl genrsa -out private.pem 248 This key contains both the public and private keys and to separate the public key we can use : openssl rsa -in private.pem -out public.pem -outform PEM pubout The public key can now be embedded in all xxx products (see example at the end of this document), and private key is securely maintained by us. Next step is to determine what information to use to generate a License for the paying customer. Again, this pair of public and private keys will be unique for business. For every license, the same private key will be used to encrypt the lic ...
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.