Asymmetric cryptography with reversed key roles

Question

I'm trying to implement licensing system for a software to prevent piracy.

For this I need to read a license file within the application, and I need to make sure this file is written by the owner company.

Asymmetric cryptography has good potential for this aim, but in other way around!

Asymmetric cryptography algorithms, like RSA, give you a Public key and a Private key which are used as follow:

• Private keys are used to decrypt.

• Public keys are used to encrypt.

But I need them like this:

• Private keys to be used to encrypt.

• Public keys to be used to decrypt.

A simplistic idea would be to switch the role of public and private keys, but there are posts saying that in RSA public keys can be generated from private ones which make this idea impractical.

So here's my question: Is there any asymmetric cryptography with reversed key roles?

Answer 1

If speaking about RSA public/private key pair can be used in both cases you described. When you use private key to encrypt then public key decrypts and vice-versa.

As you said public key can be derived from private key but not the other way.

If you want to prove the origin of licensing file, use RSA in signature mode. In signature mode a hash is computed from the data you want to protect and then encrypted using private key. The result -the digital signature - is appended to the protected data.

Verification process starts by decrypting the signature which gives you the hash. Then compute hash value from the data. Computed and decrypted value shall be the same.

There are a lot of libraries providing comfortable way of signature creation and verification. You can choose depending on the platform you use for your application development.

http://en.wikipedia.org/wiki/Digital_signature