key-storage

Symmetric key storage

我的梦境 提交于 2019-12-20 09:36:42
问题 My company is going to be storing sensitive data for our customers, and will be encrypting data using one of the managed .NET encryption algorithm classes. Most of the work is done, but we haven't figured out how/where to store the key. I've done some light searching and reading, and it seems like a hardware solution might be the most secure. Does anyone have any recommendations on a key storage solution or method? Thanks for your replies, everyone. spoulson, the issue is actually both the

Symmetric key storage

烈酒焚心 提交于 2019-12-02 19:05:35
My company is going to be storing sensitive data for our customers, and will be encrypting data using one of the managed .NET encryption algorithm classes. Most of the work is done, but we haven't figured out how/where to store the key. I've done some light searching and reading, and it seems like a hardware solution might be the most secure. Does anyone have any recommendations on a key storage solution or method? Thanks for your replies, everyone. spoulson, the issue is actually both the "scopes" that you mentioned. I suppose I should have been clearer. The data itself, as well as the logic

How to safely store encryption key in a .NET assembly

巧了我就是萌 提交于 2019-11-29 09:45:46
In order to prevent somebody from grabbing my data easily, I cache data from my service as encrypted files (copy protection, basically). However, in order to do this, I must store the encryption key within the .NET assembly so it is able to encrypt and decrypt these files. Being aware of tools like Red Gate's .NET Reflector which can pull my key right out, I get a feeling that this is not a very safe way of doing it... are there any best practices to doing this? You have to decide what is an acceptable level of risk. There is no "safe" way of doing this. If the risk of someone using reflector,

How to safely store encryption key in a .NET assembly

蓝咒 提交于 2019-11-28 03:11:27
问题 In order to prevent somebody from grabbing my data easily, I cache data from my service as encrypted files (copy protection, basically). However, in order to do this, I must store the encryption key within the .NET assembly so it is able to encrypt and decrypt these files. Being aware of tools like Red Gate's .NET Reflector which can pull my key right out, I get a feeling that this is not a very safe way of doing it... are there any best practices to doing this? 回答1: You have to decide what