Hi all, plese excuse me if this question does not fit here. I post in security forum because my problem relates with. I need to crypt a private key with an symetric algorithm and I want to use the processor id as a key, so, if my private key is stolen, they have a little more job. It's a correct approach ? I'm new on security issues, please forgive me if this question is not so smart. I look on the ranch for similar question but without results. Thanks for all !
You won't be able to directly access the Processor ID, as the very nature of java is Write Once, Run Anywhere. I am fairly sure Macs don't have processors with accessible ID numbers.
You could write some native code to grab the id, and link it in with JNI, but if you want real security encrypting with a passphrase would be far better, although preventing unattended restarts might not be practical.
tommy k. lee
Greenhorn
Joined: Jun 16, 2004
Posts: 20
posted
0
What is your business requirement? Are you trying to do this as a software licensing strategy?
If so, it may be better to use an asymmetric encryption algorithm, rather than a symmetric algorithm. What you can do is distribute your PUBLIC key as part of your software, and sign the license with your PRIVATE key. Your software can validate that the license is valid using the embedded PUBLIC key. Hence, you would NOT need to distribute your private key, and therefore, your PRIVATE key would not get compromised.
For more information on this subject, take a look at JCE (Java Cryptography Extensions).
0
