Re: Best Practice for storing TripleDES key and vector?

From: Alek Davis (alek_xDOTx_davis_xATx_intel_xDOTx_com)
Date: 04/29/04


Date: Thu, 29 Apr 2004 14:19:10 -0700

KNF,

This is not an easy task. Check out the "Safeguard Database Connection
Strings and Other Sensitive Settings in Your Code" at
http://msdn.microsoft.com/msdnmag/issues/03/11/ProtectYourData/default.aspx
(or http://tinyurl.com/388zr). It can give you some ideas.

Alek

"knf" <anonymous@discussions.microsoft.com> wrote in message
news:273EA3AB-BC7D-40FD-A9F8-60502F41F490@microsoft.com...
> What is the best practice for storing the encryption key and vector for
> TripleDES encryption? I'm using C# and we need to be able to decrypt
> information across all web and app servers - i.e. they all need to use the
> same key. The data is encrypted (using the same encryption/decryption dll)
> as a separate process as part of configuration (values may be in registry or
> config files). So, the point is that I need the same keys across all servers
> and all environments, but the keys don't need to be used outside of the
> enterprise.
>
> What is the best practice for this? Right now the key and vector are
> stored as a byte right in the encryption dll. I clearly don't want it this
> way for several reasons...