Asymmetric encryption on X20

Hi. I want to solve a problem regarding data integrity:

First, my system shall create hashsums of the logged data files (e.g. from MappData) and save them to the file device (in a separate file). Then the user could download this data and prove the integrity of the log files by calculating the hashsums himself and comparing them.

I want to extend this by encrypting the hashsums so that even the user cannot manipulate the log data afterwards without invalidating them. Of course an asymmetric cryptosystem (like PGP) is needed to do that (otherwise the user could re-create matching hashsums). The secret key would be stored on the PLC and will be hidden from the user. The public key has to be used to decrypt the saved hashsums and to prove them.

Now: is there an algorithm/mechanism for X20 systems to store and use private keys with an asymmetric cryptosystem?

When working with confidential data such as a private key, it's important that you try to avoid using it in a visible variable. Try to use it in a function's temporary data point, which is only available on the stack. Otherwise it will be accessible via PVI.

For the storage, it might be an idea to look at the certificate handling of Automation Runtime. With the ArCert library you can access it via your application program.

ArCert - ArCertImportPrivateKey()
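The scheme from the question (a manifest of log-file hashes that only the holder of the private key can produce, checked with the public key) shown end to end with the `openssl` command line. This is an added example, not code from the thread or from B&R: it runs on a PC, the key pair, file names and log contents are constructed, and the signing half stands in for whatever the controller application would do.

```shell
#!/bin/sh
# Added example: signed hash manifest for log files, using the openssl CLI.
# All file names and log contents are constructed for the demonstration.

# make_manifest DIR: one "sha256 *name" line per .csv log file in DIR
make_manifest() {
    ( cd "$1" && for f in *.csv; do openssl dgst -sha256 -r "$f"; done )
}

# sign_logs DIR KEY: device side; writes DIR/manifest.txt and DIR/manifest.sig
sign_logs() {
    make_manifest "$1" > "$1/manifest.txt" &&
    openssl dgst -sha256 -sign "$2" -out "$1/manifest.sig" "$1/manifest.txt"
}

# verify_logs DIR PUBKEY: user side; succeeds only if the signature matches
# the manifest AND the recomputed hashes match the manifest
verify_logs() {
    openssl dgst -sha256 -verify "$2" -signature "$1/manifest.sig" \
        "$1/manifest.txt" >/dev/null 2>&1 || return 1
    [ "$(make_manifest "$1")" = "$(cat "$1/manifest.txt")" ]
}

# demo: prints the verdict for an untouched set, an edited log,
# and an edited log with a recomputed (but unsigned) manifest
demo() {
    d=$(mktemp -d) || return 1
    openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 \
        -out "$d/device.key" 2>/dev/null || return 1
    openssl pkey -in "$d/device.key" -pubout -out "$d/device.pub" || return 1
    mkdir "$d/logs"
    printf 'ts;temp\n1;20.5\n' > "$d/logs/a.csv"
    printf 'ts;temp\n2;21.0\n' > "$d/logs/b.csv"
    sign_logs "$d/logs" "$d/device.key" || return 1
    verify_logs "$d/logs" "$d/device.pub" && r1=accepted || r1=rejected
    # a log is edited, the manifest is left alone
    printf 'ts;temp\n2;99.9\n' > "$d/logs/b.csv"
    verify_logs "$d/logs" "$d/device.pub" && r2=accepted || r2=rejected
    # the hashes are recomputed too, but cannot be re-signed without the key
    make_manifest "$d/logs" > "$d/logs/manifest.txt"
    verify_logs "$d/logs" "$d/device.pub" && r3=accepted || r3=rejected
    rm -rf "$d"
    echo "$r1 $r2 $r3"
}

demo
```

The third case is the one a plain hash file cannot catch: the recomputed manifest is internally consistent, and only the signature check rejects it.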

Hello @hvt

Due to one month of inactivity, this post will be marked as solved. If you would still like assistance on this topic, please add a new reply with the latest status 🙂