Re: Best Practice for storing keys
- From: "tshad" <tscheiderich@xxxxxxxxxxxxxxx>
- Date: Wed, 3 Jan 2007 10:57:21 -0800
"Mark Rae" <mark@xxxxxxxxxxxxxxxxx> wrote in message
news:utGHBLyLHHA.5000@xxxxxxxxxxxxxxxxxxxxxxx
"tshad" <tscheiderich@xxxxxxxxxxxxxxx> wrote in message
news:%23U52UBuLHHA.2140@xxxxxxxxxxxxxxxxxxxxxxx
I am trying to find the best procedure for storing keys used for
encryption.
Generally speaking, don't store them at all - devise a mechanism for
generating the same key whenever you need it...
http://msdn.microsoft.com/msdnmag/issues/03/11/ProtectYourData/default.aspx#S9
This seems to be norm from all the books on building your Web Apps.
Isn't
this a problem as the web.info is cleartext? I would suppose that having
keys (which you would to store/encrypt and get/decrypt from your
database)
in this manner would be dangerous.
I think there's a lot of FUD (fear, uncertainty and doubt) surrounding
this...
Yes.
But if you store information such as Credit Card or Social Security
information - you want that.
Firstly, ask yourself who are you hiding this key from...? Your
colleagues...? Your boss...? The office cleaner...?
Yes.
If you are worried about whether your fellow employees are trustworthy or
not, then you have a much bigger problem then key encryption...
Secondly, is your website's security so lax that your web.config is
visible to the outside world...? Again, if that is the case, then you have
a much more fundamental problem than key encryption...
Even if your security is good - people do get in. Ours is pretty secure but
as you mention below the Professional Hackers may find a way in.
This is what I do.
Are you perhaps worried about "professional" hackers...? Again, if a
hacker is clever enough to bypass all your security protection and is able
to gain access to your webserver, it probably won't matter much whether
your key is encrypted or not - they'll crack it...
I am trying to find out how others deal with this. Also, I would need
the
same information for my Apps on the same machine.
I have an encryption base class which does TripleDES encrpytion. It has
two methods: Encrypt() and Decrypt(). This class, like all my other base
classes, is shared across all projects and clients.
I also have a key generation class which has one method: GenerateKey().At the moment, I am creating one key for all clients. Just a random set of
This generates the key required for the symmetric encryption, and is
different for every client - sometimes different on a project by project
basis for the same client, if that's what they want.
letters, numbers and special characters. This is passed to both the Encrypt
and Decrypt functions.
I would only be Generating the Key once (or else I would never be able to
decrypt the data). You would have to store something somewhere for the
program to use it (either the data to Generate the Key from or the Key
itself).
In this way the actual key is not "stored" anywhere. You might say that
the key could be found by disassembly - or, at least, the mechanism for
generating the key could be found by disassenbly - but I take the view
that if a hacker is determined enough to have disassembled my code, they
would have found the key soon enough anyway...
There has to come a point where it's "secure enough", otherwise you'll
never get anything done...:-)
I agree here.
I just want to find a pretty reasonable solution.
Thanks,
Tom
E.g. can you decrypt this:
HgyxhIIBwBb7zY7GBH4xlQ==
?
.
- Follow-Ups:
- Re: Best Practice for storing keys
- From: Mark Rae
- Re: Best Practice for storing keys
- References:
- Best Practice for storing keys
- From: tshad
- Re: Best Practice for storing keys
- From: Mark Rae
- Best Practice for storing keys
- Prev by Date: DropDownList Problem
- Next by Date: 3DES confusion
- Previous by thread: Re: Best Practice for storing keys
- Next by thread: Re: Best Practice for storing keys
- Index(es):
Relevant Pages
|
