>Question. Is it possible to have code that contains a private encryption >key safely?
As a practical matter, yes and no. Practically no, because any way you hide the encryption key could be reverse engineered. Practically yes, because if you work at it you can make the key hard enough to reverse engineer that it is sufficient for your threat model. This problem is the same problem as copy protection, digital rights management, or protecting mobile agents from the computers they run on. They all boil down to the same challenge; you want to put some data on a computer you don't control but then restrict what can be done with that data. The digital rights management folks try to restrict the program that uses the data; region-locked DVD players, digital music software that obeys copyright restrictions (SDMI, etc), or the latest idea, having an encrypted channel all the way to your speakers and monitor which are secure tamper-proof devices. All of these schemes are defeatable, but can be made quite difficult. The mobile agent community has come up with some clever ideas on the problem, but nothing that's a practical solution yet. The version here is you want to run a program on a remote untrusted computer and you want to prevent your computation from being subverted or stolen. It's very hard, and my intuition was it'd be impossible, but in fact there are some interesting thoeretical results that show it is possible, at least in some limited domains. I haven't followed this research recently, but here are some good papers from a few years ago: Towards Mobile Cryptography (1998) Tomas Sander, Christian F. Tschudin http://citeseer.nj.nec.com/167218.html We present techniques how to achieve "non--interactive computing with encrypted programs" in certain cases and give a complete solution for this problem in important instances. Protecting Mobile Agents Against Malicious Hosts Tomas Sander, Christian F. Tschudin http://citeseer.nj.nec.com/329367.html --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
