0

I have a program which is obviously decrypting its data with a public, binary key of variable length.

I came to these facts by doing some more or less educated guesses:

  • Reverse Engineering revealed that the program needs the name of a file including a public key
  • Viewing this file in a hex editor shows totally random binary data (with no interesting pattern or anything), prefixed with the length of the file - in one version the file is only 200 bytes long, in another about 2000 bytes.
  • Thinking about the security, I guess the programs company encrypts the data files with a private key so that noone can create their own data files (which would fit the programs needs - no "modding" should be allowed nor the data be shown in third party programs).
  • The data files are prefixed with a human readable 64 byte long header, the rest is again completely random binary data.

I'd like to use the same system for my own program, if such thing is available. Is there an encryption method capable of asymmetric encryption / decryption with a binary key of variable length, if yes, which one and how can I implement such thing?

Ray
  • 7,940
  • 7
  • 58
  • 90

1 Answers1

1

That's not the way to proceed. You can use a fixed length key for variable length data. As asymmetric crypto is pretty slow, the usual method is to generate a random symmetric secret key (say, a 128 bit AES key) and encrypt the data using e.g. CBC. Then the symmetric key is encrypted by an asymmetric public key, say RSA 2048 bits. Decryption means decrypting the secret key using the private key, then decrypting the data with the data specific secret key.

If you don't know how to do this you can use a library capable of creating CMS (cryptographic message syntax) to perform this scheme.

Note: a 2000 byte asymmetric key pair would take forever to encrypt something, even if you could create a key pair of that size.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263