c# - How to securely handle AES “Key” and “IV” values -
if use aes (system.security.cryptography) encrypt , decrypt blob or memo fields in sql server, store “key” , “iv” values on server? (file, regkey, dbase,...)
and protection of aes “key” , “iv” values?
the background question more : if “they” hack server , dbase... can program encryption stuff (it's on same server, can't it)... , if "they" good, notice “key” , “iv” values stored...(.net 4.5 ilspy) , can decrypted again.
please advice? how handle aes “key” , “iv” value’s?
ps: not pwd fields... so, it's not hashing... pure data cryptography.
the iv has been thoroughly covered other answers, i'll focus on storing key.
first...
i can't except not done on single server @ software level.
anything done in software can undone in software. can encrypt, hide, , lock in many safes want, application still needs able access key. if application has access, same level of access application able well.
developers have been dealing problem long time , there no silver bullet.
this setup in single server environment (application plus dbase), i’m not able send/retrieve key second server. also, in “special” case i’m not able encrypt key machine-level or user-level rsa key container.
i can think of 2 possible solutions.
option 1:
store key on disk and, @ os level, configure file access account application running under can read file key contained in. file flat file, or encrypted container that's protected password application knows (up decide, encrypted container better).
pros:
- restarts without human intervention.
cons:
- you have os security right , there no room error.
- an attacker administrator access can key.
another similar option use dpapi instead of files storing key (as long you're able given "special case"). api built in windows utilizes password whatever windows account (or application) running under securely store data. windows account stored data able retrieve it.
one particularly nice feature of dpapi that, if administrator resets users password (via computer management), access users dpapi data lost. attacker need compromise actual account used store data in first place without resetting password.
option 2:
require pass phrase entered person @ application start , derive encryption key pass phrase. once have key, discard pass phrase , retain key in memory only.
pros:
- the key never on disk.
- even if server rooted, getting key not simple task.
cons:
- automated reboots not possible.
- you'll have share pass phrase handling support.
- you need keep in mind data stored in memory may transparently written disk in situations.
or compromise between these 2 systems where, pass phrase used derive encryption key held in memory, , key temporarily written disk or encrypted container whenever application gracefully restarted. when restart complete application loads key , deletes temporary storage (and if necessary, sure overwrite disk location key stored can't recovered).
Comments
Post a Comment