NEWBIE Question: Encrypting a file via an application

From: Mike D. (mike.dailey_at_mtdproducts.com)
Date: 01/08/04

• Next message: Simon G Best: "Re: Rabbit: a new stream cipher"
• Previous message: kurt wismer: "Re: Use of cryptography in an instant messenger"
• Next in thread: CryptWolf: "Re: NEWBIE Question: Encrypting a file via an application"
• Reply: CryptWolf: "Re: NEWBIE Question: Encrypting a file via an application"
• Reply: Paul Rubin: "Re: NEWBIE Question: Encrypting a file via an application"
• Reply: Brian Gladman: "Re: NEWBIE Question: Encrypting a file via an application"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: 8 Jan 2004 09:00:05 -0800

Hello.

This is a newbie question, so please bare with me.

I am writing a linux application that stores application
configuration/data in files that I wish to encrypt. The problem is
that I'm not quite sure how to encrypt these files.

I am familiar with AES, 3DES, and other encryption routines, and I do
use these in my code. The problem is that in order for the
application to encrypt the data files with--lets say for example--AES,
it needs some type of key to unencrypt these files for use later.

The question is: what key do I use? I can't have the application
create a random key, because it would need to be stored unecrypted for
use later. I can't code a key into my application, because anyone
with a hex editor could retrieve it. The key can't be something
someone has to type in, since the application will be running as a
service/daemon, and will need to encrypt/decrypt files on the fly and
automatically.

So my question is basically this: what is the preferred way of doing
this type of encryption? How do applications come up with unique
keys, and then store them safely to be used to unencrypt files?

---

• Next message: Simon G Best: "Re: Rabbit: a new stream cipher"
• Previous message: kurt wismer: "Re: Use of cryptography in an instant messenger"
• Next in thread: CryptWolf: "Re: NEWBIE Question: Encrypting a file via an application"
• Reply: CryptWolf: "Re: NEWBIE Question: Encrypting a file via an application"
• Reply: Paul Rubin: "Re: NEWBIE Question: Encrypting a file via an application"
• Reply: Brian Gladman: "Re: NEWBIE Question: Encrypting a file via an application"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Where to store the DB password in a asp.net app? ... you'd be fairly safe in the ... Use the ASP.NET Utility to Encrypt Credentials and Session State ... Basically i am curious as to where everyone stores there database details ... or registry? ... (microsoft.public.dotnet.framework.aspnet) Re: Encryption ... > My program encryptes text using filestream and DES and stores the ... Instead of encrypting to a 'FileStream', you can encrypt to a 'MemoryStream' ... Read and Write a File to and from a BLOB Column by Using ADO.NET and ... (microsoft.public.dotnet.languages.vb) Re: Encrypting Field in Database ... Refer to the Encryption section in the following FAQ: ... >I have existing application that we need to encrypt the field that stores ... >the user password. ... >that stores userid and passwords. ... (microsoft.public.sqlserver.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(11)