Decryption-Only method in C#

Question

I'm looking for a secured way to implement a license file for my application, with flags and features. I read about Asymmetric key mechanism in C#, but the RSA purpose is little opposite from what I need.

I want to generate a license file: encrypted cipher. The application would have the key to decrypt the file - but wont have the ability to re-encrypt it. Everywhere I checked, the example shows how party A generates public and private keys and passes the public key to party B so it can use it for encryption. It's probably there between the lines, but I can't see it.

I checked this one: Encrypting and Decrypting

I can find a way to use the code I see to implement it, but I'm not sure it's really secured.

Answer 1

You can still use asymmetric encryption: generate a public-private key pair, encrypt with the private key, and the client (the "application" as you mentioned) can decrypt it with the public key.

Of course, a public key (and the private key too) can be used for both encrypting and decrypting.

But re-encrypting plain text with a public key would generate a completely different cypher than a cypher encrypted using a private key. Decrypting and re-encrypting with the same key would produce a different result, and so it's useless.

Answer 2

What dcastro said above is absolutely correct, and you should give him credit. I just want to add to it, but can't yet comment. If you encrypt the license information with our private key, and distrute your public key with the application, you would be able to decrypt the license information. Without the private key, it wouldn't be possible to re-encrypt a different version of the license that could be decrypted with the public key without using the private key.

Asymetric encryption works like this.

Information encrypted with public key can only be decrypted using the private key. Information encrypted with the private key can only be decrypted using the public key.

Now for the kicker.. You're probably going to want to encrypt your license with a symmetric algorithm, and encrypt the key needed to decrypt it with the asymmetric algorithm. This way the length of your license data isn't limited by the asymmetric and the symmetric key can be customer specific.

Like I said, give the credit to dcastro.