Getting a Symmetric Key From Windows

From: Wayne Berry <waynebe@xxxxxxxxxxxxx>
Date: Fri, 9 Nov 2007 09:36:04 -0800

Preface: I am not a hacker, and I don't want to get the user's password or
other user information from windows.

I want to take some data and use a symmetric algorithm to encrypt it using
the CryptoAPIs. I would like windows to supply the key for the symmetric
algorithm. I would like the key to be based on the current logged in Windows
User and Password (with domain local or DC). I don't want to know the users
login or password, just get a key that only can come from that valid user.
If the user changes his/her password, I want the same key for the symmetric
algorithm, however I don't want two users to have the same key.

Basically, I want windows to take care of the login/password change
password, unique user, strong password stuff and I want to take advantage of
that.

I am encrypting files to put on the Internet. I understand that I will have
to use a combination of encryption technologies to encrypt a file. I believe
I know how to do this, just not hope to bridge the Windows NTLM to
encryption.

If windows will not give me a unqiue key for the user, can I ask it via the
CryptoAPIs to symmetric encrypt some data, using the user's key (without
getting the key myself?)

Second Question: Since I am putting the file encrypted on the Internet, I
have some cross domain considerations. I.e. if someone has the same domain
name (not the same domain) and the same login/password will they get the save
key from windows. What I would really like is for the key to be unique
across domains regardless of it's domain name. Is this the case?

Thanks in advance,
Wayne
.

Follow-Ups:
- RE: Getting a Symmetric Key From Windows
  - From: Wayne Berry

Prev by Date: Re: How to remote start/stop services using windows API?
Next by Date: RE: Getting a Symmetric Key From Windows
Previous by thread: Re: CreateProcessAsUser from service fails with 233 (FUS, Windows XP)
Next by thread: RE: Getting a Symmetric Key From Windows
Index(es):
- Date
- Thread

Relevant Pages

Re: Encrypted partition solution for Windows OSes?
... is to encrypt the file, ... For Windows you have several ... choices, PGP, and GnuPG, as well as Guardbot for web based file transfers. ... files as drives, and aren't terribly interesting. ...
(Focus-Microsoft)
How perform unattended transfers in a script using perhaps SSH,SCP or HTTPS/SSL?, pcumming
... our customers (with Windows most likely). ... The files are EDI files--just a file we need to encrypt and send via a ... I have heard of Secure FTP, PGP encryption, SSH, SCP and SCP, not to ... We are not running any sort of FTP server now. ...
(comp.security.ssh)
How perform unattended transfers in a script using perhaps SSH,SCP or HTTPS/SSL?, pcumming
... our customers (with Windows most likely). ... The files are EDI files--just a file we need to encrypt and send via a ... I have heard of Secure FTP, PGP encryption, SSH, SCP and SCP, not to ... We are not running any sort of FTP server now. ...
(comp.security.ssh)
Re: Flash Drive Security
... Is there an application available that will encrypt all the data in case ... I put a file on it from the Mac at home, take it to a pc at Kinkos ... Have the Windows version of GPG on the flash drive. ... I have TrueCrypt Am I right to believe you have to insert the flash drive ...
(comp.sys.mac.apps)
Re: Office XP Encryption Problem
... Take Ownership of a File or Folder in Windows XP ... Microsoft MVP ... I know for a fact that I didn't encrypt them. ...
(microsoft.public.office.misc)