1

So for this project I'm looking into encrypting a binary.

My binary should be protected by some means, making sure we know on the other end it was us who packaged/encrypted it. For this simple task you could use something like a password protected zip, but this has the obvious flaw that if you take extract the password, you can create your own version.

So in my case we have some device in the field, which needs to be receive binary blobs, which are encrypted, to protect its contents. We control the software on the device, so we have control over the entire ecosystem.

I've looked into asymmetric encryption, but this works the wrong way around for me. From what I have come to understand is that this works by handing out your public key, have someone encrypt a message using my public key, so I can decrypt using my private key. This is the other way around for my use case. The public key can easily be extracted from a private key, so having the private key on the device is also a no go.

We could do some simple encryption and add a gpg signing to verify that we have touched it, but that would require that we add another file.

So what I'm looking for is a system in which we can encrypt data using a "private" key, which the other end (our own device) can then decrypt using a public key.

Is there such a system, is my approach completely wrong?

Improve this question
5
  • 1
    The terminology is all over the place, so it's difficult to understand what you're trying to achieve. Do you want to protect the authenticity or the confidentiality of the executables? Those are two different things (but they can be combined). If you only want to protect the authenticity, then you need a signature or a message authentication code (MAC). This does not protect the confidentiality of the file. It produces extra data (the signature or MAC) which is sent along the executable itself. Does this meet the requirements?
    – Ja1024
    CommentedSep 30, 2024 at 13:27
  • I indeed want both, the authenticity and the confidentiality. My current thoughts are to use symmetric keys for the encryption, which is stored next to the file and place this in the signature, which is encrypted using asymmetric keys.
    – Foitn
    CommentedOct 1, 2024 at 9:35
  • 1
    If you want both, then you can first sign the plaintext executable (with GPG, for example), put both the executable and the signature file into an archive, and then encrypt this archive symmetrically. Encryption protects the confidentiality of the executable. At the same time, the receiver can obtain the signature from the decrypted archive and verify the authenticity of the executable.
    – Ja1024
    CommentedOct 1, 2024 at 9:52
  • 1
    Note that it shouldn't be possible to derive the public key from the private key unless the privat key is package with the public key together.
    – Marl Joos
    CommentedOct 1, 2024 at 12:24
  • 1
    welcome - please clarify - if you control the software on the recipient device, are you able to securely distribute private key and (separate) public key to that particular device? if the answer is yes, then you could do something like crypto box(Libsodium cryptobox Authenticated Encryption), which works by combining your public key and my private key, or your private key and my public key, to generate a shared secret that is then be used for symmetric aead en/de/cryption and verification of the contents
    – brynk
    CommentedOct 3, 2024 at 1:05

2 Answers 2

Reset to default
2

Asymmetric encryption works both ways. You can encrypt (or sign) your binary with a private key. This can then be decrypted with the public key, and this also assures it was published by someone who knew the private key, i.e. you.

Most systems already have a framework in place for signing and verifying binaries. E.g. SignTool.exe or CodeSign.

Improve this answer
1
  • 4
    There‘s no such thing as “encrypting with a private key” or “decrypting with a public key”. This is a misinterpretation based on naive implementations of RSA (also called “textbook RSA”). In reality, encrypting/decrypting and signing/verifying are completely different operations. It is of course possible to sign a binary (with GPG, for example), but this does not provide confidentiality and is therefore not a replacement for encryption.
    – Ja1024
    CommentedSep 30, 2024 at 13:02
1

Since you want to ensure both the confidentiality and authenticity of the executable according to your comment, you can combine a signature with symmetric encryption. For example:

  1. Sign the plaintext executable with your private key (using GPG, for example) and store the signature in a file.
  2. Put both the executable and the signature file into an archive.
  3. Encrypt the archive symmetrically, ideally using a modern authenticated encryption scheme like ChaCha20-Poly1305 or AES-GCM.

The symmetric encryption protects the confidentiality of the file. At the same time, the receiver can obtain the signature from the decrypted archive and use it to verify the authenticity of the executable.

Improve this answer
2
  • Would it not be easier to first archive them all, encrypt it using a symmetric key, then sign the symmetric key using an asymmetric key and append it to the archive? In that way the receiver doesn't need to know about the symmetric key, but they can extract it from the file itself
    – Foitn
    CommentedOct 1, 2024 at 11:50
  • 1
    @Foitn: Calculating a signature of the symmetric key doesn’t protect that key from being read. It actually doesn’t change the key at all, it just produces the signature as extra data. So if you’re trying to use the signature calculation as some kind of encryption of the symmetric key, that doesn’t work. The signature only provides authenticity. For confidentiality, the sender and receiver must either agree on a shared secret and then use symmetric encryption. Or the receiver needs their own asymmetric key pair, so that the sender can encrypt a symmetric key with the receiver’s public key.
    – Ja1024
    CommentedOct 1, 2024 at 14:52

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.