Safest way (i.e. HTTPS, POST, PGP) to send decryption keys through the web?

Posted by theGreenCabbage on Programmers See other posts from Programmers or by theGreenCabbage
Published on 2013-10-24T15:00:04Z Indexed on 2013/10/24 16:08 UTC
Read the original article Hit count: 153

Filed under:

encryption

I am in the final stages of development for my Revit plugin. This plugin is programmed in C#, and distributed via a DLL. One of the DLLs is an encrypted SQLite database (with proprietary data) that is in the form of a DLL. Currently, in development stages, the decryption key for the SQLite database is hardcoded in my main DLL (the program's DLL). For distribution, since DLLs are easily decompilable, I am in need of a new method to decrypt the DLL. My solution is to send our decryption keys from our servers securely to the host's computer.

I was looking in POST, thinking it was more secure than GET, but upon research, it appears it's similarly insecure, only more "obscure" than GET. I also looked into HTTPS, but Hostgator requires extra money for HTTPS use.

I am in need of some advice - are there any custom solutions I can do to implement this?

Related posts about encryption

SQL SERVER – History of SQL Server Database Encryption

as seen on SQL Authority - Search for 'SQL Authority'
I recently met Michael Coles and Rodeney Landrum the author of one of the kind book Expert SQL Server 2008 Encryption at SQLPASS in Seattle. During the conversation we ended up how Microsoft is evolving encryption technology. The same discussion lead to talking about history of encryption tools in… >>> More
Encryption is hard: AES encryption to Hex

as seen on Stack Overflow - Search for 'Stack Overflow'
So, I've got an app at work that encrypts a string using ColdFusion. ColdFusion's bulit-in encryption helpers make it pretty simple: encrypt('string_to_encrypt','key','AES','HEX') What I'm trying to do is use Ruby to create the same encrypted string as this ColdFusion script is creating. Unfortunately… >>> More
Confused about encryption with public and private keys (which to use for encryption)

as seen on Stack Overflow - Search for 'Stack Overflow'
I am making a licensing system when clients ask my server for a license and I send them a license if they are permitted to have one. On my current system I encrypt the license using a single private key and have the public key embedded into the client application that they use to decrypt the license… >>> More
Encryption Product Keys : Public and Private key encryption

as seen on Stack Overflow - Search for 'Stack Overflow'
I need to generate and validate product keys and have been thinking about using a public/private key system. I generate our product keys based on a client name (which could be a variable length string) a 6 digit serial number. It would be good if the product key would be of a manageable length… >>> More
Software tools to automatically decrypt a file, whose encryption algorithm (and/or encryption keys)

as seen on Stack Overflow - Search for 'Stack Overflow'
I have an idea for encryption that I could program fairly easily to encrypt some local text file. Given that my approach is novel, and does not use any of the industry standard encryption techniques, would I be able to test the strength of my encryption using 'cracker' apps or suchlike? Or do all… >>> More

Developer IT