473,396 Members | 1,914 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > c# / c sharp > questions > storing encryption keys

Join Bytes to post your question to a community of 473,396 software developers and data experts.

Storing Encryption Keys

Hi

Where is the most secure place to secure an encryption key for each of your
applications?

Thanks
Kev
May 31 '06 #1
3 2108
You could use DPAPI (there is a managed API in .NET 2 and code
available for .NET 1.1) to store your keys.

This should help: http://www.eggheadcafe.com/articles/20021221b.asp

Tasos
Mantorok wrote:
Hi

Where is the most secure place to secure an encryption key for each of your
applications?

Thanks
Kev


May 31 '06 #2
The safest is to use the built in encryption schemes, like DPAPI. If this is
not an option, for some reason, put the keys in the registry where they
cannot be accessed by anyone that does not have control of the machine. You
will want to slap them in memory when the app starts up, of course, to not
have the lookup every time. A database is another "more secure option". I
would not have them on the file system, but if you have to, put them
somewhere outside of the app path (and if this is a windows app, forget
about it).

--
Gregory A. Beamer

*************************************************
Think Outside the Box!
*************************************************
"Mantorok" <ma******@mantorok.com> wrote in message
news:e5**********@newsfeed.th.ifl.net...
Hi

Where is the most secure place to secure an encryption key for each of
your applications?

Thanks
Kev

May 31 '06 #3
| will want to slap them in memory when the app starts up, of course, to not
| have the lookup every time.

I agree with DPAPI, but not sure storing clear in memory is a good idea.
The best practice is to only have decrypted (i.e. clear) information for as
short of time as possible to protect against threats like dumps, memory
browsers, etc.
Jun 1 '06 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
RSA Encryption using BigInteger
by: Jerry | last post by:
Hi, I am writing a Java Chatroom application that will implement encryption of messages using the RSA algorithm using the BigInteger class. It uses socket connections to exchange messages. I...
Java
34
Encryption with Python?
by: Blake T. Garretson | last post by:
I want to save some sensitive data (passwords, PIN numbers, etc.) to disk in a secure manner in one of my programs. What is the easiest/best way to accomplish strong file encryption in Python? ...
Python
14
Encryption keys
by: Ray Cassick \(Home\) | last post by:
Ok, time to ask the question here.. I have been battling over this one for sometime now and just have to ask it. I have created a few classes that I use to act a security keys. These classes get...
.NET Framework
113
How good an encryption algorithm is this?
by: Bonj | last post by:
I was in need of an encryption algorithm to the following requirements: 1) Must be capable of encrypting strings to a byte array, and decyrpting back again to the same string 2) Must have the same...
C# / C Sharp
3
Encryption Issues
by: RDI | last post by:
I'm using RSACryptoServiceProvider to encrypt data. I successfully got it to encrypt a string of less than 59 chars. Now I'm trying to handled longer strings. I was able to get it encrypt the...
Visual Basic .NET
10
Best Practice for storing keys
by: tshad | last post by:
I am trying to find the best procedure for storing keys used for encryption. This would also be a question for the connection string to the database. At the moment, this is kept in the web.info...
ASP.NET
4
Asymmetric Encryption
by: pintu | last post by:
Hello everybody.. I hav some confusion regarding asymmetric encryption.As asymmetric encryption it there is one private key and one public key.So any data is encrypted using private key and the...
ASP.NET
1
Configure SSL Encryption Strength
by: =?Utf-8?B?bWljcm9ob2Y=?= | last post by:
Short version: Is there a way to configure (preferably programmatically) the max encryption strength that will be used by the framework when connecting to a particular SSL-protected web service? ...
.NET Framework
5
Encryption and Decryption from a dictionary.
by: Netwatcher | last post by:
well, i started messing around with dictionaries, yet, most of the pages i found about them always talk about getting only one word out of it and turning it vice versa, i've been playing with that...
Python
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!