How to pass keys between two programs when using AES Encryption
1 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   Dahai_Zheng
Posted On:   Thursday, June 10, 2004 06:45 AM

I am using AES to encrypt a database password. There are two programs: I encrypt the password in the first program and save the encrypted message in a text file. In the second program, I will decrypted the message and get the original password which then be used in database connection. How do I pass keys between these two programs, in which format should I public the keys?


I am following the example given by:


http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html

Re: How to pass keys between two programs when using AES Encryption

Posted By:   Christopher_Koenigsberg  
Posted On:   Thursday, June 10, 2004 07:51 AM

Congratulations -- you have just re-discovered the key distribution problem! unless you can get the key to both parties some other way, beforehand.

Diffie and Hellman (?) invented "public keys" (asymmetric public/private keypairs) to solve it.

First, you send the session (AES, symmetric secret) key, in a message encrypted to the receiver's public key.

The receiver decrypts it, by their private key.

And then, from that point on, you can both use the shared, AES session key, to encrypt everything.
About | Sitemap | Contact