Safest way to store an encryption key?

From: Daniel Garcia (dgarcia@openwebs.com)
Date: 10/30/02


From: "Daniel Garcia" <dgarcia@openwebs.com>
Date: Wed, 30 Oct 2002 13:48:29 -0500


Hi all,

My ASP.NET application needs to encrypt a small amount of information before
sending it to the database. I also need to decrypt the info so the
application can do useful things with it (so hashing will not work). The
purpose of this encryption/decryption is to make it hard to just "take a
look" into the database tables and see the confidential information.

Basically I need, to the extent possible, that only the application is able
to decrypt the data (the application knows who can see what). What would be
the safest place to store the encryption key?

I am currently thinking to use the private key of a certificate issued to
the account under which the application runs. The certificate would be on
the certificate store. Is this a viable option? If so, any examples on how
to do this?

Thanks,

Daniel Garcia



Relevant Pages

  • Re: Cant decrypt w/admin acct
    ... >>First off you need to rule out a permissions problem. ... >>Run mmc and select the certificate snapin for user and go ... >>used to decrypt the files. ... The certificate is a "key pair" in that the certificate is used to encrypt the files ...
    (microsoft.public.win2000.security)
  • Re: Which is more secure RC2 or RC4 ?
    ... same database temporarily, until the order is approved manually and the ... obviously there are a LOT of security related issues that arise ... itself in order to decrypt the information, ... meaning if I encrypt the information using AES and a password driven ...
    (sci.crypt)
  • RE: Plz help me
    ... When you want to encrypt a message you have to encrypt using the ... your public key (from YOUR certificate) to verify your signature. ... but when i m trying to decrypt and verify that Message using receiver's ...
    (microsoft.public.platformsdk.security)
  • Re: Encryption Problem
    ... the private key associated to that public key to decrypt that message. ... private key associated to the public key you are using to encrypt on the ... > certificate present in the certificate store. ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • NTFS Encryption
    ... I recovered files from a formatted NTFS ... stories is that if you are going to use EFS to encrypt ... >>the certificate manager (run mmc.exe and open ... >>have this you can't decrypt. ...
    (microsoft.public.windowsxp.security_admin)