Re: Storing a private key
- From: "Joe Kaplan \(MVP - ADSI\)" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 26 Jul 2006 09:34:51 -0500
Storing secrets is a hard problem. There is an entire chapter about this
topic in "Writing Secure Code" which is well worth a read if you are serious
about understanding this in detail.
People typically use things like DPAPI for helping to store secrets, but
that doesn't provide a complete solution and also comes with its own issues.
Since you have a private key for a certificate, you can also store that in a
standard key container and apply extra security to it. However, there might
not be an easy way to use the password protection feature on the key and
still access it from a server application.
Storing encrypted passwords is generally regarded as a bad design that
introduces much more risk than storing a salted hash of the password
instead. When you encrypt, if your key is compromised, the user's plaintext
passwords can be recovered directly. When you hash, you don't even know
the user's plaintext password. Only brute force techniques can be used to
try to get the plaintext, and a good design can typically make that effort
too expensive to contemplate.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"pigeonrandle" <pigeonrandle@xxxxxxxxxxx> wrote in message
news:1153908969.044048.33770@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,
I have a server and client program. The client encrypts data being sent
to the server using the server's public key before it transmits it to
the server over a tcp connection.
The question I have though, is where do I store the private key on the
server so that it will be safe?! In my mind (at least for the moment
...) there is no place to put it that couldn't be compromised in one
way or another.
The server also uses the same public key to encrypt other files it has
stored containing database usernames and passwords - hence my concerns
about storing the private key somewhere safe.
I would have liked to just 'keep the key in memory', but we all know
what would happen when Windows got bored and decided it was time to
blue-screen-of-death :-0
Thanks in advance for your help,
James Randle.
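The "salted hash instead of encrypted password" point in Joe's reply, as an added example that is not code from the original thread. It assumes PBKDF2-HMAC-SHA256 with a random per-password salt and a deliberately high iteration count, so the stored record lets the server verify a password but never recover its plaintext, and a brute-force attempt has to pay the iteration cost for every guess.

```python
import hashlib
import hmac
import os
from typing import Optional

# Assumed parameters (not from the thread): a 16-byte random salt per
# record and an iteration count high enough to make guessing expensive.
ITERATIONS = 200_000
SALT_BYTES = 16
DKLEN = 32


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: algorithm$iterations$salt_hex$hash_hex.

    Only a one-way derivation is stored; the plaintext is never written
    anywhere, so a leaked record (and even a leaked server key) does not
    yield the password directly.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                  salt, iterations, dklen=DKLEN)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${derived.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Re-derive with the stored salt and iterations, compare in constant time."""
    try:
        algorithm, iterations, salt_hex, hash_hex = record.split("$")
    except ValueError:
        return False  # malformed record
    if algorithm != "pbkdf2_sha256":
        return False  # unknown algorithm tag
    expected = bytes.fromhex(hash_hex)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                  bytes.fromhex(salt_hex), int(iterations),
                                  dklen=len(expected))
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(derived, expected)


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")
    print(record)
    print(verify_password("correct horse battery staple", record))  # True
    print(verify_password("wrong guess", record))  # False
```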