On 14 March 2011 21:24, Nymann <[email protected]> wrote:
> > I hope we are agreeing that I can put the public key as an asset and > use this for encryption and then decrypt this information with my > private key? (which off couse is not on the device). > Absolutely correct. I read you former post wrong. Happens :) > I had just hoped that I would be able to use the public key > certificate which is used for signing the application. > To sign or encrypt you need (any) private key. Public key is of no use alone for task you wanted it to use - you can use it to check if certain data is signed with private key this public one is "bond to". You can also use public key to encrypt the data, but only in the way that only holder of private key the used public key is "derrived" from, would be able to decrypt the data (or/and optionally you). So maybe this is a way for you - make your app creating private key on its 1st run and then encrypt sensitive data with that private key and your public key. Since you want one way communication cvhannel, to you, this private key on the device does not matter anymore (it can be even removed), becase whoever holds private key, can't use it for anything - each user of your app got different private key, so he can't send i.e. any data in behalf of particular Sore read: http://en.wikipedia.org/wiki/Data_encryption#Public-key_cryptography for a quick read, popular "The Code Book" by Simon Singh for general overview on the crypto subject for anyone interested (nicely written and no crypto background needed), "Applied cryptography" by Bruce Schneier for longer and bit more techie one. Regards, Marcin Orlowski Tray Agenda for Android <http://bit.ly/trayagenda> -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
