Warning: You need this ONLY if you are using HTTHost personal edition. HTTPort does not need this key !
If you are using the HTTHost personal edition, installed on your own hardware somewhere,
your traffic only goes through your personal server. What is not so good, is that the encryption provided
with the personal HTTHost edition somehow relies on the security of the same public/private key pair for everybody.
As described
here,
HTTPort and HTTHost use RSA and Blowfish. Blowfish key is used for data encryption and it's
generated at random, so there no way to guess it. But when this key is transported between
HTTPort and HTTHost, RSA key pair is used as an armour transport. When you download HTTHost
personal edition, you also download this host's key pair (htthost.pri and htthost.pub).
And this key pair is the same for everybody, right ? So, having this keypair and access
to your traffic it's possible to intercept and decrypt your Blowfish key, thus opening the
whole thing.
This means that THEORETICALLY anybody can decrypt your data simply by knowing the RSA key pair.
It's not the matter of breaking the code, it's only the matter of reverse engineering. If you are
not satisfied with this, you may order your own unique personal RSA key pair for HTTHost.
The key pair generated exclusively for you is available for purchase from Technology Networks for
just $9,95 USD.
Purchase from
2Checkout (click the button to go to secure order form):
Once we receive the money, your keys are sent to you by e-mail
to the address at which your credit card is registered.
|
 |
|
