Re: Where to store private key
From: Michel Gallant (neutron_at_NOSPAMistar.ca)
Date: 02/25/04
- Next message: Alek Davis: "Re: Where to store private key"
- Previous message: David Hoffer: "Re: Where to store private key"
- In reply to: David Hoffer: "Re: Where to store private key"
- Next in thread: Alek Davis: "Re: Where to store private key"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 25 Feb 2004 12:47:04 -0500
Storing your secrets (like passwords) directly in code is a very bad
thing to do!
When you use PasswordDeriveBytes, you are generating a symmetric
key based on the SHA1 hash (usually) of that password. Thus, it will
be essentially impossible to directly attach your encrypted content.
You need to protect the access credentials (i.e. your good strong password)
to that private key .. (this is essentially the same sort of issue as using a good strong
Windows login password to protect your login user environment).
You generate a good random encryption credential using PasswordDeriveBYtes
and DON'T store any information at all about your password in that database.
Ultimately this boils down to how easy you want to make it to decrypt versus
how paranoid you are about anyone else getting access to credentials that specify your encryption
key.
It will of course depend on how important the information is that you are protecting
in your database.
There is no magic here. You will always need to protect access to SOME credentials.
Even if you use a hardware token, you need to protect it ... and usually with an extra
password layer there too!
- Mitch Gallant
"David Hoffer" <dhoffer.remove@xrite.remove.com> wrote in message
news:exWbNY8%23DHA.1036@TK2MSFTNGP10.phx.gbl...
> Thanks for the reply. However being quite new to security I still don't
> 'get' it.
>
> I want to store some data encrypted in an SQL Server database. So that only
> my applications can get the real data (unencrypted). I am using the managed
> Rijndael class to encrypt the data. My problem is how do I store the key
> (and I suppose the IV, I am using the same for both) so that my .NET Form
> applications (2) will be able to get the data but nobody else.
>
> If I use PasswordDeriveBytes as the article suggests, see the following
> code, it seems to me that I know have the same problem except that instead
> of securely storing my Rijndael key I know have to store my "strong
> password" securely. What have I gained? I don't need absolute security. I
> just want to make it quite difficult to use the data I am storing in SQL
> Server. What am I missing? Are there some techniques where I can
> 'actually' store the key or password in my .NET code but do so in a way that
> disassemblers can not easily show the storage?
> PasswordDeriveBytes deriver = new PasswordDeriveBytes("strong password",
> null);
>
> byte[] ivZeros = new byte[8];//This is not actually used but is currently
> required.
>
> //Derive key from the password
>
> byte[] pbeKey = deriver.CryptDeriveKey("TripleDES", "SHA1", 192, ivZeros);
>
> Thanks for any help you can provide...
>
> -dh
>
>
>
> "Michel Gallant" <neutron@NOSPAMistar.ca> wrote in message
> news:%23Fgxcwy%23DHA.2292@TK2MSFTNGP12.phx.gbl...
> > "David Hoffer" <dhoffer.remove@xrite.remove.com> wrote in message
> > news:OFWBx1x%23DHA.3220@TK2MSFTNGP10.phx.gbl...
> > > Could you clarify this...I am new to security APIs.
> > >
> > > I thought it was common to encrypt private keys using an asymmetric
> > > algorithm, i.e. public key encryption?
> >
> > It is common to encrypt a symmetric secret (session) key with an
> asymmetric
> > public key encryption (e.g. this is used in most S/MIME encryption
> approaches).
> >
> > The op was asking about protection of the asymmetric (e.g. RSA/DSA)
> private
> > key itself.
> > My first response showed the best way to let the OS protect it for you
> (which really
> > uses underlying symmetric key encryption based on user principal
> credentials.
> >
> > For more portability, you can export your RSA public/private keypair and
> encrypt
> > it with a password derived symmetric key. In .NET you use
> PasswordDeriveBytes
> > class to generate cryptographically strong byte sequence for symmetric key
> generation.
> >
> > Password derived symmetric keys basically just take the hash of the
> password and
> > the actual secret symmetric key is typically the first bytes of that hash
> (more complicated
> > procedure is 3DES is the derived key).
> >
> > See also the paragraph "Key Maintenance | Protecting Exported Private
> Keys" here:
> >
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/THCMCh07.asp
> >
> > - Michel Gallant
> > MVP Security
> > http://www.jensign.com
> >
> >
> > > What do you mean by the "symmetric key is derived from some sort of a
> > > passphrase"?
> > >
> > > -dh
> > >
> > > "Derek Slager" <derek@activate.net> wrote in message
> > > news:pan.2004.01.22.18.58.12.535488@activate.net...
> > > > On Thu, 22 Jan 2004 18:48:20 +0530, Prasad wrote:
> > > >
> > > > > Hi:
> > > > >
> > > > > While using asymmetric algorithm, which is best place to store
> private
> > > > > key in client system in client-server applications.
> > > >
> > > > A common technique is to encrypt private keys using a symmetric
> algorithm.
> > > > Typically the symmetric key is derived from some sort of a passphrase.
> > > >
> > > > -Derek
> > > >
> > >
> > >
> >
> >
>
>
- Next message: Alek Davis: "Re: Where to store private key"
- Previous message: David Hoffer: "Re: Where to store private key"
- In reply to: David Hoffer: "Re: Where to store private key"
- Next in thread: Alek Davis: "Re: Where to store private key"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
