1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2013
    Rep Power

    Question Mutating Encrypted Program

    I wish to have an application that when you run it, it asks for a private-key. The private-key is used to decrypt the inner program.

    Once decrypted, the application generates [somehow] a new public-key that it uses to re-encrypt the inner program.

    The application does NOT know the private-key. The application, when decrypted, will not need to tell the user any information to figure out the next key.

    With that said, the user will already know the future private-keys to use, making it impossible to figure out the next key through logging of any sort.

    Yes, I understand that if someone just internally made the application save the inner program when I decrypt it they could just have it. I will deal with that on my own.

    Currently, my only idea is to be able to generate public key sets from a seed WITHOUT knowing the private key set. I'm PRETTY sure this is not possible with RSA.

    The best way I could describe this is having a public-seed and a private-seed, it's an unknown topic to me thusfar.

    I'm confident that this is possible, I just havn't figured out a way yet.

    I would appreciate any input on this topic, as I need a solution.

    Please post any questions and I will try to answer them as quick and as best as I can.


  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    May 2007
    Rep Power
    It would bet better if you described what your end-goals are rather than how you're trying to achieve them. It could be that there is a perfectly valid way to do what you want, but we don't know that since we're trying to reverse-engineer that from the solution you've decided on.

    It sounds like you're trying to create some sort of licensing system or DRM in a rather convoluted manner. More simply, you could include the next public key along with the current private key (with suitable controls to ensure that the public key is not tampered with). Of course none of this is going to secure your program at all (the decrypted program still has to be present in memory at some point; also nothing stops the user from saving a copy of the program before hand and reusing a key). The only solution to this problem is (1) only run the program on your own machines, only providing the user with access to the input/output; or (2) have the user sign a contract / license agreement and have a lawyer on hand.
    sub{*{$::{$_}}{CODE}==$_[0]&& print for(%:: )}->(\&Meh);

IMN logo majestic logo threadwatch logo seochat tools logo