Re: Storing a cryto key in .Net
From: Ram Sunkara [msft] (ramsun_at_online.microsoft.com)
Date: 10/22/03
- Previous message: Morten Brun: "Storing a cryto key in .Net"
- In reply to: Morten Brun: "Storing a cryto key in .Net"
- Next in thread: Morten Brun: "Re: Storing a cryto key in .Net"
- Reply: Morten Brun: "Re: Storing a cryto key in .Net"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 21 Oct 2003 19:46:50 -0700
Use DPAPI.
Make a command line executable that writes a DPAPI blob into your
application configuration file. Let your application decrypt the DPAPI blob
as when required to encrypt or decrypt.
Deploying your application will now include running this executable in all
the target machines.
Put this command line executable in share and give execute only permissions
to all the authorized users, explicitly deny coping this executable.
Ram-
"Morten Brun" <morten@pconsult.dk> wrote in message
news:16obpv005egijsjtf9ntdmcjbpq87f2sqs@4ax.com...
> Hi
>
> I am looking for some good suggestions to store a cryto key with my
> new Asp.Net application using Triple Des to encrypt data. The database
> is on SQL2000 server..
>
> My first idea was to store the key within the program, but as programs
> can be easily obfuscated this is probably a bad idea.
>
> Any suggestion will be highly appreciated.
>
> Morten
>
>
- Previous message: Morten Brun: "Storing a cryto key in .Net"
- In reply to: Morten Brun: "Storing a cryto key in .Net"
- Next in thread: Morten Brun: "Re: Storing a cryto key in .Net"
- Reply: Morten Brun: "Re: Storing a cryto key in .Net"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
