0

I have a software development kit which packages the data for the finished program in a series of LZMA packages. I want to ensure that my software is the only program that can read the packages, even though they're compressed in an open-source format. I also want to be able to encrypt it, if the user wants to, further so that only the finished program can read it and not the original SDK. If I simply run it through an encryption method twice, will that work?

To put it in pseudo-code:

encrypt_file(filename, "SDK key")
user_key = get_input()
encrypt_file(filename, user_key)

The compressed packages contain common file formats like PNG images, MP3 audio files, etc. Will this method work properly, such that I can just decode it by doing something like this:

user_key = getkey() //Retrieve it from some configuration setting
decrypt_file(filename, user_key)
decrypt_file(filename, "SDK key")
Morgan Patch
  • 103
  • 2
  • Do you care if the users of the program can get at it? The SDK and user keys will be accessible to the systems that have the software installed. – AJ Henderson Sep 13 '13 at 15:38
  • See my comment below. The SDK is not open-source, and so any keys which aren't stored in plain-text files shouldn't be readable by people. I just want to ensure that packages created by my SDK are only readable by my SDK, and further any packages which users want to remain unreadable by my SDK are unreadable by my SDK, only by the software they generate using the SDK. – Morgan Patch Sep 13 '13 at 15:56
  • 1
    that is incorrect, it will still be easily detectable even if not human readable. It is fairly easy to pull encryption keys out of compiled code. – AJ Henderson Sep 13 '13 at 17:22

2 Answers2

1

If you want to ensure that only people that have your software are able to decrypt it and if only the people with the finished program need to be able to decrypt it then you should be ok since only people with those particular versions of the programs have the key.

It can not be emphasized enough, however, that anyone who possesses an installation of the software also possesses a copy of the key. If the software can decrypt it, so can the person who runs the hardware the software is running on. To try to make it so the user can not access it goes in to the realm of DRM and is really a hopeless cause unless you control the hardware.

Note, for efficiency gains, you could accomplish the same thing by encrypting with a unique key every time and then only encrypting the key twice. This would greatly enhance the speed of encryption and decryption as a much smaller amount of data (the key) has to be encrypted/decrypted twice. It also simplified changing one of the keys if a key becomes compromised since only the file keys need to be re-encrypted.

AJ Henderson
  • 41,816
  • 5
  • 63
  • 110
  • Thank you. Basically, my idea was that simply having an LZMA software like 7-zip isn't sufficient to open the packages, but rather you need my software. However, with the software, people can open the packages to mod the software. But I also realized that I wanted to allow users to prevent their software from being modded by adding their own keys. As a result, software with a user key can only be read by the finished program that user compiles, and software without a user key can be opened by anyone with my SDK. – Morgan Patch Sep 13 '13 at 15:52
0

While on the surface what you're proposing will work, it's important to understand that it is trivial to extract the decryption key from the software so the user can decrypt the file without your program, and distribute that key to the world at large, allowing anyone at all to do the same.

There is no way around this.

tylerl
  • 82,225
  • 25
  • 148
  • 226