On Sat, Feb 10, 2007 at 02:13:42PM -0700, jason heddings wrote:
> I'm making use of libgcrypt for a specific encryption application. I'm
> assuming that the following is secure:
>
> - Use libgcrypt to create a keypair
> - Save the S-exp to an internal, protected keystore
> - Base64 encode the public-key portion of the S-exp
> - Broadcast the base64-encoded key to associated clients
> - Use the broadcasted public-key to encrypt data
> - Send encrypted data back to a server containing the keystore
> - Only server can decrypt encrypted data using private keys
>
> Can someone please correct me if I am wrong? Is there a problem with this
> approach, or perhaps a better one?

Without a detailed specification of the protocol it is almost impossible, but for starters, do not encrypt actual non-random data with a pubkey. It is always a bad idea to roll your own crypto protocol; use SSL/TLS or OpenPGP or CMS, or XML cryptography if possible.

Alex
-- 
JID: [EMAIL PROTECTED]
PGP: 0x46399138
paying attention to details is what doctors, lawyers, programmers and watchmakers are for -- Czerski
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
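
The reply's advice in practice, as an added example that is not part of the original thread: the workflow from the question done with CMS through the `openssl` command line, so the public key only ever encrypts a random content key. The file names, certificate subject and sample payload are constructed, and an `openssl` binary with the `cms` command is assumed.

```shell
#!/bin/sh
# Added example: keypair on the server, public part published, clients encrypt,
# only the server decrypts. All names and data below are constructed.

# Server: create an RSA keypair and a self-signed certificate.
# The private key stays in the keystore directory; only server.crt is published.
server_setup() {
    dir=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=keystore-demo" \
        -keyout "$dir/server.key" -out "$dir/server.crt" 2>/dev/null
    chmod 600 "$dir/server.key"
}

# Client: encrypt a file for the server's certificate.
# CMS generates a random AES key, encrypts the data with it, and encrypts
# only that random key with RSA (OAEP padding requested via -keyopt).
client_encrypt() {
    cert=$1; src=$2; dst=$3
    openssl cms -encrypt -aes256 -binary -outform DER \
        -recip "$cert" -keyopt rsa_padding_mode:oaep \
        -in "$src" -out "$dst"
}

# Server: decrypt with the private key from the keystore.
server_decrypt() {
    dir=$1; src=$2; dst=$3
    openssl cms -decrypt -inform DER \
        -recip "$dir/server.crt" -inkey "$dir/server.key" \
        -in "$src" -out "$dst"
}

# Round trip on a constructed payload; prints "ok" when the decrypted file
# matches the input and the plaintext is not visible in the CMS message.
demo_roundtrip() {
    tmp=$(mktemp -d) || return 1
    printf 'constructed sample payload\n' > "$tmp/plain.txt"
    server_setup "$tmp" &&
    client_encrypt "$tmp/server.crt" "$tmp/plain.txt" "$tmp/msg.cms" &&
    server_decrypt "$tmp" "$tmp/msg.cms" "$tmp/out.txt" &&
    cmp -s "$tmp/plain.txt" "$tmp/out.txt" &&
    ! grep -q 'constructed sample' "$tmp/msg.cms"
    rc=$?
    rm -rf "$tmp"
    [ "$rc" -eq 0 ] && echo ok
}

demo_roundtrip
```

A self-signed certificate gives clients no proof of whose key it is, so the published certificate still has to reach them over an authenticated channel.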