Nice
Reputation: 111
Best practices for storing secret keys
I have an asp.net app, and I want to store a machine wide encryption key that I will be using in the apps, when using DPAPI crypto system.
What are the best practices to store the key - where do I store it?
Thanks.
Upvotes: 11
Views: 1920
Answers (1)
M.A. Hanin
Reputation: 8074
It very unsafe to store any key as plaintext in any non-volatile and inherently insecure medium (such as a Hard Drive). On such mediums, you should only store a signed encrypted version of a key, and write-access to the encrypted key should be secured.
The real work at hand is to model the security needs, to determine the key-management policy and implementation.
Upvotes: 3
Related Questions
- Best way to store encryption keys in .NET C#
- How to store encryption key .NET
- How do I store symmetric encryption keys securely?
- Best method for securely storing passwords
- Where to store secret key of the c# application
- Cryptographic Key Storage
- What is the best way to store a cryptographic key?
- Where should I store the Public Key?
- Where to store encryption key
- Encryption and Decryption Key, where to store and what to use for .net application