473,320 Members | 1,952 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Symmetric encryption keys

Hi,

Picking your collective brains again, this time regarding the storage of the
key used in symmetric encryption.

Let's say you have a requirement to add encryption to a C# project, so you
might choose the TripleDESCryptoServiceProvider class:
http://msdn2.microsoft.com/en-us/lib...eprovider.aspx

No worries - it doesn't present much of a challenge, the MSDN code samples
are easy enough to follow - we're probably looking at a matter of minutes to
knock up an Encryption class with an Ecrypt() and a Decrypt() method.

The text states "This algorithm supports key lengths from 128 bits to 192
bits in increments of 64 bits". Again, not a problem - you need a key to
encrypt the data, and you need the same key to decrypt it again - the
encrypted data can't be (easily) decrypted without the key which was used to
encrypt it in the first place.

Obviously, you're adding encryption to your project as some sort of a
security measure, so you'd imagine that you'd make the key as difficult to
find as possible. But, your app itself needs to know the key, or nothing
works... :-)

Given the premise that ultimately *anything* is hackable, and .NET
assemblies can be disassembled even if obfuscated, where would you typically
store the actual key itself so that your app can use it but hackers will
struggle to find it...?

1) hard-code it into the C# code so that it gets compiled along with the
rest of the code?

2) store it in your app's config file?

3) store it in a resource file?

4) some other storage mechanism?

And, finally, would you use the same storage mechanism for a WinForms app as
for a WebForms app?

Any assistance gratefully received, as always...

Mark
Dec 18 '06 #1
7 3847
This one is almost a 'how long is a piece of string' question. You will get
as many different answers as there are responders and all of them will be
valid.

But ... here's what we did for a 'closed' environment where we wanted to
store some sensitive values in a config file but 'hide' them from prying
eyes.

1. Get the sensitive value into an array of bytes.

2. Base64 encode the array into a string.

3. Reverse the string.

4. Base64 encode it again.

5. Strip any trailing = characters.

6. Store the result any where you like.

To 'decode' the value:

1. Retrieve the 'encoded' value.

2. Pad it with trailing = characters until the length is a multiple of 4.

3. Base64 decode it.

4. Reverse the string.

5. Base64 decode it again.

6. Put the string into a byte array,

Certainly a cryptologist would 'crack' it in nothing flat and a 'hacker'
would probably be able to find your encode/decode methods but the risk of a
normal user being able to 'crack' it would be negligible.

In my view it doesn't really matter how one does it, it's more important to
find a methodology that reduces the 'risk' to an acceptable level.
"Mark Rae" <ma**@markNOSPAMrae.comwrote in message
news:es*************@TK2MSFTNGP06.phx.gbl...
Hi,

Picking your collective brains again, this time regarding the storage of
the key used in symmetric encryption.

Let's say you have a requirement to add encryption to a C# project, so you
might choose the TripleDESCryptoServiceProvider class:
http://msdn2.microsoft.com/en-us/lib...eprovider.aspx

No worries - it doesn't present much of a challenge, the MSDN code samples
are easy enough to follow - we're probably looking at a matter of minutes
to knock up an Encryption class with an Ecrypt() and a Decrypt() method.

The text states "This algorithm supports key lengths from 128 bits to 192
bits in increments of 64 bits". Again, not a problem - you need a key to
encrypt the data, and you need the same key to decrypt it again - the
encrypted data can't be (easily) decrypted without the key which was used
to encrypt it in the first place.

Obviously, you're adding encryption to your project as some sort of a
security measure, so you'd imagine that you'd make the key as difficult to
find as possible. But, your app itself needs to know the key, or nothing
works... :-)

Given the premise that ultimately *anything* is hackable, and .NET
assemblies can be disassembled even if obfuscated, where would you
typically store the actual key itself so that your app can use it but
hackers will struggle to find it...?

1) hard-code it into the C# code so that it gets compiled along with the
rest of the code?

2) store it in your app's config file?

3) store it in a resource file?

4) some other storage mechanism?

And, finally, would you use the same storage mechanism for a WinForms app
as for a WebForms app?

Any assistance gratefully received, as always...

Mark

Dec 18 '06 #2
"Stephany Young" <noone@localhostwrote in message
news:e9***************@TK2MSFTNGP04.phx.gbl...
This one is almost a 'how long is a piece of string' question. You will
get as many different answers as there are responders and all of them will
be valid.
That's fine - no problem with that...
But ... here's what we did for a 'closed' environment where we wanted to
store some sensitive values in a config file but 'hide' them from prying
eyes.
<snip>

Well, that seems reasonable enough...
Certainly a cryptologist would 'crack' it in nothing flat and a 'hacker'
would probably be able to find your encode/decode methods but the risk of
a normal user being able to 'crack' it would be negligible.
That is understood.
In my view it doesn't really matter how one does it, it's more important
to find a methodology that reduces the 'risk' to an acceptable level.
Exactly what I'm hoping to achieve - thanks for the response.
Dec 18 '06 #3
"amit_mitra" <am*******@discussions.microsoft.comwrote in message
news:31**********************************@microsof t.com...
If interested in more technical solution . look out for the DP-API
provided
with windows 2000 and later. With this library you can store your
sensitive
data with indvidual user profiles and OS is goin to manage it.

one of the MSDN links is

http://msdn.microsoft.com/msdnmag/is...efault.aspx#S9
That's very helpful - thanks.
Dec 18 '06 #4
On Mon, 18 Dec 2006 00:13:08 -0000, "Mark Rae"
<ma**@markNOSPAMrae.comwrote:
>Hi,

Picking your collective brains again, this time regarding the storage of the
key used in symmetric encryption.

Let's say you have a requirement to add encryption to a C# project, so you
might choose the TripleDESCryptoServiceProvider class:
http://msdn2.microsoft.com/en-us/lib...eprovider.aspx

No worries - it doesn't present much of a challenge, the MSDN code samples
are easy enough to follow - we're probably looking at a matter of minutes to
knock up an Encryption class with an Ecrypt() and a Decrypt() method.

The text states "This algorithm supports key lengths from 128 bits to 192
bits in increments of 64 bits". Again, not a problem - you need a key to
encrypt the data, and you need the same key to decrypt it again - the
encrypted data can't be (easily) decrypted without the key which was used to
encrypt it in the first place.

Obviously, you're adding encryption to your project as some sort of a
security measure, so you'd imagine that you'd make the key as difficult to
find as possible. But, your app itself needs to know the key, or nothing
works... :-)

Given the premise that ultimately *anything* is hackable, and .NET
assemblies can be disassembled even if obfuscated, where would you typically
store the actual key itself so that your app can use it but hackers will
struggle to find it...?

1) hard-code it into the C# code so that it gets compiled along with the
rest of the code?

2) store it in your app's config file?

3) store it in a resource file?

4) some other storage mechanism?

And, finally, would you use the same storage mechanism for a WinForms app as
for a WebForms app?

Any assistance gratefully received, as always...

Mark
You might get some good advice on sci.crypt, where this sort of thing
is common.

You need to decide who you are protecting your key from: Aunt Edna,
Nasty Megacorp Inc. or government agencies with three letter names.
The degree of protection you want will depend on who you are
protecting against.

Base64 is enough to protect from Aunt Edna. For Nasty Megacorp you
will need something more sophisticated. Best not to keep the key in
the source file, keep something on a file elsewhere (even on a memory
stick in a locked safe if practical). The key itself should not be
stored, instead store the information needed to calculate the key. A
usual method is to take a user-entered passphrase, add some
cryptographic salt and hash the result (SHA-256 or similar) to give
the actual key. You could store the passphrase and salt in separate
files, with or without some light encryption, if you did not want the
users to have to actually enter anything.

rossum

Dec 18 '06 #5
"rossum" <ro******@coldmail.comwrote in message
news:sb********************************@4ax.com...
You might get some good advice on sci.crypt, where this sort of thing
is common.
Thanks - I'll take a look.
You need to decide who you are protecting your key from: Aunt Edna,
Nasty Megacorp Inc. or government agencies with three letter names.
The degree of protection you want will depend on who you are
protecting against.
Somewhere in the middle of those three. The vast majority of my clients
aren't really computer-savvy, so that forms only a small part of my reason
for doing this. I'm mostly doing it as a CYA measure so that I can include
in documentation that I've made "reasonable" efforts to protection the
encryption - due diligence, and all that.

Obviously, nothing is completely uncrackable... :-)
Base64 is enough to protect from Aunt Edna. For Nasty Megacorp you
will need something more sophisticated. Best not to keep the key in
the source file, keep something on a file elsewhere (even on a memory
stick in a locked safe if practical). The key itself should not be
stored, instead store the information needed to calculate the key. A
usual method is to take a user-entered passphrase, add some
cryptographic salt and hash the result (SHA-256 or similar) to give
the actual key. You could store the passphrase and salt in separate
files, with or without some light encryption, if you did not want the
users to have to actually enter anything.
I'm reasonably familiar with the encryption process, so was mainly looking
for some "best practice" advice - I think your paragraph above is the
approach I'm heading for...

Thanks.
Dec 18 '06 #6
On Mon, 18 Dec 2006 14:29:24 -0000, "Mark Rae"
<ma**@markNOSPAMrae.comwrote:
>"rossum" <ro******@coldmail.comwrote in message
news:sb********************************@4ax.com.. .
>You might get some good advice on sci.crypt, where this sort of thing
is common.

Thanks - I'll take a look.
>You need to decide who you are protecting your key from: Aunt Edna,
Nasty Megacorp Inc. or government agencies with three letter names.
The degree of protection you want will depend on who you are
protecting against.

Somewhere in the middle of those three. The vast majority of my clients
aren't really computer-savvy, so that forms only a small part of my reason
for doing this. I'm mostly doing it as a CYA measure so that I can include
in documentation that I've made "reasonable" efforts to protection the
encryption - due diligence, and all that.

Obviously, nothing is completely uncrackable... :-)
>Base64 is enough to protect from Aunt Edna. For Nasty Megacorp you
will need something more sophisticated. Best not to keep the key in
the source file, keep something on a file elsewhere (even on a memory
stick in a locked safe if practical). The key itself should not be
stored, instead store the information needed to calculate the key. A
usual method is to take a user-entered passphrase, add some
cryptographic salt and hash the result (SHA-256 or similar) to give
the actual key. You could store the passphrase and salt in separate
files, with or without some light encryption, if you did not want the
users to have to actually enter anything.

I'm reasonably familiar with the encryption process, so was mainly looking
for some "best practice" advice - I think your paragraph above is the
approach I'm heading for...

Thanks.
For best practice you may find some RFCs of use. If you are using
Triple DES have a look at RFC 3271:
(ftp://ftp.rfc-editor.org/in-notes/rfc3217.txt) on key wrapping.
Unless you need to for reasons of backwards compatibility I would
suggest using AES (Rijndael in .NET) instead. For AES key wrapping
see RFC 3394 (ftp://ftp.rfc-editor.org/in-notes/rfc3394.txt).

Other relavant RFCs include RFC 3537, RFC 3562 and RFC 4107.

rossum

Dec 18 '06 #7
"rossum" <ro******@coldmail.comwrote in message
news:h1********************************@4ax.com...
For best practice you may find some RFCs of use. If you are using
Triple DES have a look at RFC 3271:
(ftp://ftp.rfc-editor.org/in-notes/rfc3217.txt) on key wrapping.
Unless you need to for reasons of backwards compatibility I would
suggest using AES (Rijndael in .NET) instead. For AES key wrapping
see RFC 3394 (ftp://ftp.rfc-editor.org/in-notes/rfc3394.txt).

Other relavant RFCs include RFC 3537, RFC 3562 and RFC 4107.
Thanks once again.
Dec 18 '06 #8

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

5
by: Jerry | last post by:
Hi, I am writing a Java Chatroom application that will implement encryption of messages using the RSA algorithm using the BigInteger class. It uses socket connections to exchange messages. I...
34
by: Blake T. Garretson | last post by:
I want to save some sensitive data (passwords, PIN numbers, etc.) to disk in a secure manner in one of my programs. What is the easiest/best way to accomplish strong file encryption in Python? ...
14
by: Ray Cassick \(Home\) | last post by:
Ok, time to ask the question here.. I have been battling over this one for sometime now and just have to ask it. I have created a few classes that I use to act a security keys. These classes get...
113
by: Bonj | last post by:
I was in need of an encryption algorithm to the following requirements: 1) Must be capable of encrypting strings to a byte array, and decyrpting back again to the same string 2) Must have the same...
1
by: kiran | last post by:
Hi , I need some helpon Symmetric Crptography algorithm. My friend has given a encrypted message ( encrypted using Symmetric cryptogrraphy algorithm and he does 't mention on which plat form is...
1
by: David | last post by:
One thing that's always puzzled me about implementing encryption on remote asp.net apps is where to store the keys. The demo code indicate that you include them in a configuration file, but this...
4
by: pintu | last post by:
Hello everybody.. I hav some confusion regarding asymmetric encryption.As asymmetric encryption it there is one private key and one public key.So any data is encrypted using private key and the...
1
by: =?Utf-8?B?bWljcm9ob2Y=?= | last post by:
Short version: Is there a way to configure (preferably programmatically) the max encryption strength that will be used by the framework when connecting to a particular SSL-protected web service? ...
5
by: Netwatcher | last post by:
well, i started messing around with dictionaries, yet, most of the pages i found about them always talk about getting only one word out of it and turning it vice versa, i've been playing with that...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.