views:

73

answers:

1

Hi,

I have a situation where I need to make some data available for reading by anyone from a specific device, where the data is pre-loaded on the device, but I cannot allow anyone to create their own device and populate it with their own data in the same format.

I know this sounds a little crazy, but there is a good reason!

I was planning to use Public Key cryptography, encrypting the data with a public key, but then publishing the private key to anyone who wants to read the data.

However, after looking at the RSACryptoServiceProvider and how it works it looks like I cannot just publish the private key as the private key can be used to create the public key.

Could someone confirm that suspicion, or give me some hints on how I might be able to make this work!

Many Thanks.

+5  A: 

What you want to do is effectively sign the data.

You encrypt the data with the private key and hand out the public. The end-users know that the data originated from you because they have the public key and only your matching private key could have signed the data.

There is no need to "reverse" the public/private key pair.

Paolo
Hi Paolo, thanks for the answer, you are spot on!I had missed the digital signature process, and the following helped sort it out.http://stackoverflow.com/questions/720673/sign-a-file-using-a-private-key-in-net
Wizzarding