Security using .exe applications and external files.

Dar Scott dsc at swcp.com
Thu Sep 21 17:04:43 EDT 2006


On Sep 21, 2006, at 2:48 PM, Alvaro Abril - Tecnologia wrote:

> I use applications .exe and .txt files. But .txt files is not secure,
> because the people see and change information easily. I need files  
> with more
> security conditions. What I need to use?

To prevent changes, use a MAC.  This is a "Message Authentication  
Code".  You can find this in wikipedia.

You can made a simple MAC function with the MD5() function.  The MD5 
() function does not require the Revolution encryption capability, it  
comes with any release.  You need to have a secret string that is  
hidden in your script or hidden in the user key (serial number).   
Your MAC function can take the string to be tested and the secret  
code and return the base64Encode() of the MD5() of the concatenation  
of the two strings.

 From that make a function got generate file data from inside data by  
adding a line with the MAC.  Also make a function that checks the MAC  
at the end of a file.  Use those to check that the data has not been  
modified.

If you also want to hide the data, you need to also (on the outside  
of all that) encrypt it.  That is easiest with the Revolution  
encryption library, but you can use command line tools or make a  
simple hiding function using the MD5() function.  If you do not think  
people will spend more than a few seconds on trying to read it, you  
can even make a simple function like the classic rot13 function.

Dar



More information about the Use-livecode mailing list