0

I am developing a windows desktop app where the clients applications need to download some data file from a public shared folder. in order to protect the data from tempering i would like to generate RSA private and public keys. keep the public key in my own machine at home and include the private key in all clients.

when i want to send a new file for the clients to download (at well) i hash the file and encrypt the hash with the public key and store it as .sig file alongside the data file in a public shared folder.

now if one of the client users is malicious he can steal the private key from his machine.

the question is : provided that the public key is secret and this is the only use of that key pair and i absolutely don't need any encryption on the data file. does stealing the private key from a client compromise my public key? i.e can the malicious user craft a file signature so that the data file appear to be coming from me?

EKanadily
  • 3,831
  • 3
  • 35
  • 33
  • The point in a private key is that it is not distributed. What you should do instead is use TLS and have all of this handled for you with minimal effort. – Luke Joshua Park Jun 01 '18 at 20:46

1 Answers1

4

I belive you've designed this backwards.You want to send the public key to the clients and keep the private to yourself. The public key is public; anyone should be able to know it. The private key is private; only the owner should know it.

Rather than hashing the file and encrypting the hash with the public key, you want to sign the file with your private key and let the clients use the public key to verify the signature. The signing operation performs the same idea as your "encrypt the hash" but is the standard construction, and your RSA tools likely include a signing function.

Rob Napier
  • 286,113
  • 34
  • 456
  • 610