Reputation: 1596
Cryptographic Key Storage
I'm trying to implement file encryption within my project, but I'm wondering as to best practices for key storage.
Our application is deployed to various client groups. Each group consists of multiple geographical sites, each in turn consisting of multiple users. Users create files which are then synchronised with other sites via a central synchronisation server. These files must be encrypted at point-of-save, and only be decrypted when loaded at a client site.
As such, any symmetric key needs to be unique at group-level, and be stored securely at each site.
We're using AES but the key is currently hard-coded and stored within the application, so is both easily accessible via decompilation and the same for all clients, which is worrying me considerably. It seems pretty trivial to hack this kind of setup once you have access to our application.
So, how would one go about ensuring generation of a unique key for each group, and then securely storing that key at each site?
Upvotes: 1
Views: 1344
Answers (3)
Reputation: 93948
This is not a good use case for symmetric cryptography. This is where asymmetric security is actually a requirement. You can distribute public keys (using a PKI, or by distributing it in a trust store within the application). Then you encrypt a symmetric key with the public key of the receiving party (e.g. one of a key pair belonging to the central server or one of a group) and encrypt the actual data with the symmetric key.
Sometimes symmetric cryptography is used this way, e.g. with storage of keys within smart cards, but the key management is always horrific compared to asymmetric cryptography.
Upvotes: 0
Reputation: 4737
This is a bit out of my league so I'm just telling what I know.
Have you looked at using certificates and using them in the Windows Certificate Store?
I mean, that's basically the only place to safely store it, I think...
Upvotes: 0
Reputation: 376
The only really secure way of keeping a single symmetric key is making them enter a passphrase/password and generating a key from that. That way your application doesn't know the key without user input.
Either that or supplying the key in some individual file that they would need to give to the application (via interface, registry or simply placing it at appropriate path) in order for encryption to work.
In the end, security always comes down to the users.
Upvotes: 1
Related Questions
- Best way to store encryption keys in .NET C#
- Securing encryption keys in C#
- How to store private key in Key Container?
- How to do encryption with any key
- How to store encryption key .NET
- How do I store symmetric encryption keys securely?
- encryption key protection in C#
- Encryption Engine
- Encrypting data in C#
- C# Cryptography generating a key