When using System.Security.Cryptography to Encrypt/Decrypt information, I
need to store two values - the Initialization Vector and the Encryption Key.
The are both needed in Encryption/Decryption process.
Where I can store them securely, because if they are compromized, everyone
can decrypt the encrypted information?
I guess, that it is stuped to leave them in code!
TIA 5 1327
"Nikolay Petrov" <jo**************@mail.bg> wrote in message
news:uz**************@TK2MSFTNGP15.phx.gbl... When using System.Security.Cryptography to Encrypt/Decrypt information, I need to store two values - the Initialization Vector and the Encryption Key. The are both needed in Encryption/Decryption process. Where I can store them securely, because if they are compromized, everyone can decrypt the encrypted information? I guess, that it is stuped to leave them in code!
TIA
That depends on the values of the initiliasation vector/encryption key plus the site on which they
intended to be used.
In order for us to help you better, please post both values here along with any Urls/public networks
upon which you intend to use them.
Sincerely
Richard
I have an WebService and Windows Froms app, which both need to store
encrypted information in files, Windows Registry and SQL server.
In windows registry I store the encrypted SQL connection string. In SQL db I
store usernames, passwords and other sensitive information. In file is store
information download from my WinForms app to my clients.
I red that storing things in code i.e.
Dim encKey as string = "123456789012345"
is not save.
I have an idea that the encryption key is to be ganarated from a function.
Is this going to be more secure?
"Richard Myers" <fa**@address.com> wrote in message
news:Oq**************@tk2msftngp13.phx.gbl... "Nikolay Petrov" <jo**************@mail.bg> wrote in message news:uz**************@TK2MSFTNGP15.phx.gbl... When using System.Security.Cryptography to Encrypt/Decrypt information, I need to store two values - the Initialization Vector and the Encryption Key. The are both needed in Encryption/Decryption process. Where I can store them securely, because if they are compromized, everyone can decrypt the encrypted information? I guess, that it is stuped to leave them in code!
TIA
That depends on the values of the initiliasation vector/encryption key plus the site on which they intended to be used. In order for us to help you better, please post both values here along with any Urls/public networks upon which you intend to use them.
Sincerely Richard
I have an WebService and Windows Froms app, which both need to store
encrypted information in files, Windows Registry and SQL server.
In windows registry I store the encrypted SQL connection string. In SQL db I
store usernames, passwords and other sensitive information. In file is store
information download from my WinForms app to my clients.
I red that storing things in code i.e.
Dim encKey as string = "123456789012345"
is not save.
I have an idea that the encryption key is to be ganarated from a function.
Is this going to be more secure?
"Richard Myers" <fa**@address.com> wrote in message
news:Oq**************@tk2msftngp13.phx.gbl... "Nikolay Petrov" <jo**************@mail.bg> wrote in message news:uz**************@TK2MSFTNGP15.phx.gbl... When using System.Security.Cryptography to Encrypt/Decrypt information, I need to store two values - the Initialization Vector and the Encryption Key. The are both needed in Encryption/Decryption process. Where I can store them securely, because if they are compromized, everyone can decrypt the encrypted information? I guess, that it is stuped to leave them in code!
TIA
That depends on the values of the initiliasation vector/encryption key plus the site on which they intended to be used. In order for us to help you better, please post both values here along with any Urls/public networks upon which you intend to use them.
Sincerely Richard
You might wish to look into DPAPI.
Here's some links (in no particle order): http://msdn.microsoft.com/library/en...l/secmod21.asp http://msdn.microsoft.com/library/en...l/secmod22.asp http://msdn.microsoft.com/library/en...SecNetHT08.asp http://msdn.microsoft.com/library/en...SecNetHT07.asp http://msdn.microsoft.com/library/en...tion-dpapi.asp
Richard Rosenheim
"Nikolay Petrov" <jo**************@mail.bg> wrote in message
news:On**************@TK2MSFTNGP09.phx.gbl... I have an WebService and Windows Froms app, which both need to store encrypted information in files, Windows Registry and SQL server. In windows registry I store the encrypted SQL connection string. In SQL db
I store usernames, passwords and other sensitive information. In file is
store information download from my WinForms app to my clients.
I red that storing things in code i.e. Dim encKey as string = "123456789012345" is not save. I have an idea that the encryption key is to be ganarated from a function. Is this going to be more secure? "Richard Myers" <fa**@address.com> wrote in message news:Oq**************@tk2msftngp13.phx.gbl... "Nikolay Petrov" <jo**************@mail.bg> wrote in message news:uz**************@TK2MSFTNGP15.phx.gbl... When using System.Security.Cryptography to Encrypt/Decrypt information,
I need to store two values - the Initialization Vector and the Encryption Key. The are both needed in Encryption/Decryption process. Where I can store them securely, because if they are compromized, everyone can decrypt the encrypted information? I guess, that it is stuped to leave them in code!
TIA
That depends on the values of the initiliasation vector/encryption key plus the site on which they intended to be used. In order for us to help you better, please post both values here along with any Urls/public networks upon which you intend to use them.
Sincerely Richard
You might wish to look into DPAPI.
Here's some links (in no particle order): http://msdn.microsoft.com/library/en...l/secmod21.asp http://msdn.microsoft.com/library/en...l/secmod22.asp http://msdn.microsoft.com/library/en...SecNetHT08.asp http://msdn.microsoft.com/library/en...SecNetHT07.asp http://msdn.microsoft.com/library/en...tion-dpapi.asp
Richard Rosenheim
"Nikolay Petrov" <jo**************@mail.bg> wrote in message
news:On**************@TK2MSFTNGP09.phx.gbl... I have an WebService and Windows Froms app, which both need to store encrypted information in files, Windows Registry and SQL server. In windows registry I store the encrypted SQL connection string. In SQL db
I store usernames, passwords and other sensitive information. In file is
store information download from my WinForms app to my clients.
I red that storing things in code i.e. Dim encKey as string = "123456789012345" is not save. I have an idea that the encryption key is to be ganarated from a function. Is this going to be more secure? "Richard Myers" <fa**@address.com> wrote in message news:Oq**************@tk2msftngp13.phx.gbl... "Nikolay Petrov" <jo**************@mail.bg> wrote in message news:uz**************@TK2MSFTNGP15.phx.gbl... When using System.Security.Cryptography to Encrypt/Decrypt information,
I need to store two values - the Initialization Vector and the Encryption Key. The are both needed in Encryption/Decryption process. Where I can store them securely, because if they are compromized, everyone can decrypt the encrypted information? I guess, that it is stuped to leave them in code!
TIA
That depends on the values of the initiliasation vector/encryption key plus the site on which they intended to be used. In order for us to help you better, please post both values here along with any Urls/public networks upon which you intend to use them.
Sincerely Richard
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Picho |
last post by:
Hi all,
Lets say I have a "secret" I wish to "hide", lets say a database password.
For the more detailed problem, a web application/service that uses a
connection string.
all the solutions I...
|
by: Newbee Adam |
last post by:
anyone have any secrets or pearls about vb.net you want to share
I was asked by my company to begin teach an introductory VB.Net course
2 day seminar. I had been teaching an sql server 2000...
|
by: Kamilche |
last post by:
You know, all this furor over this book caused me to go look it up on
Amazon. I've never read this book... but from what I can see from the
legally available table of contents, excerpt, and index...
|
by: =?Utf-8?B?QWRhbSBT?= |
last post by:
I would like to know the best way to store credentials in a c# application.
I am writing some administrative tools and will need to store username and
password information for a domain account with...
|
by: vrakita |
last post by:
Speed up your system, repair registry base, uninstall hidden windows
components and get rid of boring errors with powerful tips and tricks.
http://windowsxpsp2pro.blogspot.com
|
by: vrakita |
last post by:
Very good collection of information, tips, fixes, workarounds, and
answers for Microsoft Windows XP...
http://windowsxpsp2pro.blogspot.com
|
by: travolta001 |
last post by:
Learn how to optimize and tune up your system,. get rid of boring
errors and uninstall unnecessary thing with very useful tips and
tricks
http://windowsxpsp2pro.blogspot.com
|
by: The 101 ROMANTIC SECRETS and TECHNICS |
last post by:
The 101 ROMANTIC SECRETS and TECHNICS
This SECRETS and TECHNICS are right for you if:
1. How to try to get a person you want,
2. To make your partner love you more an more.
If you want to...
|
by: aquorang |
last post by:
i want to share my secrets with u.........
how to create miracles in your own life?
http://www.freewebs.com/aquorang/
|
by: ryjfgjl |
last post by:
ExcelToDatabase: batch import excel into database automatically...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: Vimpel783 |
last post by:
Hello!
Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
|
by: ArrayDB |
last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
|
by: PapaRatzi |
last post by:
Hello,
I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Defcon1945 |
last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
|
by: af34tf |
last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
| |