Getting a Symmetric Key From Windows



Preface: I am not a hacker, and I don't want to get the user's password or
other user information from Windows.

I want to take some data and use a symmetric algorithm to encrypt it using
the CryptoAPIs. I would like Windows to supply the key for the symmetric
algorithm. I would like the key to be based on the currently logged-in Windows
User and Password (with domain local or DC). I don't want to know the user's
login or password, just get a key that only can come from that valid user.
If the user changes his/her password, I want the same key for the symmetric
algorithm; however, I don't want two users to have the same key.

Basically, I want Windows to take care of the login/password change
password, unique user, strong password stuff and I want to take advantage of
that.

I am encrypting files to put on the Internet. I understand that I will have
to use a combination of encryption technologies to encrypt a file. I believe
I know how to do this, just not how to bridge the Windows NTLM to
encryption.

If Windows will not give me a unique key for the user, can I ask it via the
CryptoAPIs to symmetrically encrypt some data, using the user's key (without
getting the key myself)?

Second Question: Since I am putting the encrypted file on the Internet, I
have some cross-domain considerations. I.e., if someone has the same domain
name (not the same domain) and the same login/password, will they get the same
key from Windows? What I would really like is for the key to be unique
across domains regardless of its domain name. Is this the case?

Thanks in advance,
Wayne