Reputation: 966
how to protect a site-wide secret key
Imagine a pretty standard website, with user authenticating with email/password pair. For passwords, it already ha shashing with random salt, but the rest of data is kept unencrypted.
We do another step forward and encrypt the sensitive data with a
passwordkey, the key, obviously, shall be known to the application to be able to decript the data for its operation.we don't want to have it in the source code, so it's kept in a file and read by the app when it needs it.
we've secured the file so that only user which executes the app can read it
(this point has appeared after some discussions below) We have already considered buying hardware HSM and found that not possible (for instance we are running the server on a virtual machine)
this way we are relatively protected from complete DB stealing, right? However, the key might become known if someone gets access to the OS user with read rights.
the question is: what are the best practices for keeping such key secure?
Upvotes: 2
Views: 284
Answers (1)
Reputation: 48256
Buy a hardware security module and keep the key in it. The key will not be able to be read.
Yubi makes a reasonably priced hsm. $500 if I recall correctly.
While we're here, your db server should be on a different box in a different network zone as your web server.
Upvotes: 3
Related Questions
- Password safety in PHP
- Handle Plaintext Passwords... Safely
- Securring stored password
- Storing important secret keys in php files
- How to protect encryption key from server admin?
- Secure PHP password entry possible?
- Secure password storage
- PHP Password Securing
- PHP security - password and credentials management?
- How do I secure a hardcoded login/password in PHP?