Re: Cryptography.
From: Brock Allen (ballen_at_NOSPAMdevelop.com)
Date: 10/06/05
- Previous message: Brock Allen: "Re: Cryptography."
- In reply to: Brock Allen: "Re: Cryptography."
- Next in thread: Paul Glavich [MVP ASP.NET]: "Re: Cryptography."
- Reply: Paul Glavich [MVP ASP.NET]: "Re: Cryptography."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 05 Oct 2005 16:31:40 -0700
Oops, should read "Data Protection" API.
-Brock
DevelopMentor
http://staff.develop.com/ballen
> Yeah, key management is a big problem. The way many of the built-in
> keys are managed for ASP.NET is to encrypt them per-machine with yet
> another key and let that key be managed by the LSA. This sounds odd,
> but I think it's the best thing we have. So, look into the DPAPI
> (DataProtected API) in Win32. I think Dominick has a managed wrapper
> for v1.x and IIRC there's a managed wrapper built into v2.0.
>
> -Brock
> DevelopMentor
> http://staff.develop.com/ballen
>> Hello,
>> I am using .NET's cryptography classes(Symmetric algorithm) to
>> encrypt/decrypt strings and streams. I want to know the place i
>> should
>> store
>> the Key and the IV values for the algorithms?Since these values are
>> sensitive information i definitely cannot store them in the code or
>> config files. Please elucidate me on this.
>> Thanks
>>
- Previous message: Brock Allen: "Re: Cryptography."
- In reply to: Brock Allen: "Re: Cryptography."
- Next in thread: Paul Glavich [MVP ASP.NET]: "Re: Cryptography."
- Reply: Paul Glavich [MVP ASP.NET]: "Re: Cryptography."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
