Reputation: 5717
Best place to hide secret keys?
I am looking for advice on where to store encryption keys and other sensitive application data. Is a certificate on a USB stick really the way to go here? What can you do to keep your secret keys safe?
Upvotes: 3
Views: 496
Answers (3)
Reputation: 67019
A keystore (see: getKey()) is often a place where a secret, like a privet key is kept. In order to access this key store a password. These are created using a symmetric cipher.
Upvotes: 2
Reputation: 269667
Keep them on a smart card, or use the Trusted Platform Module (TPM) that is present in many machines sold these days.
Upvotes: 5
Reputation: 6136
If it's a secret and you have to store it somewhere, then at some point it can't really be considered a secret anymore because one way or another somebody will be able to find it, etc. Security is always best considered on a case by case basis, what is acceptable for one solution is not for another and therefore there is not any "fits all" answer. However, where possible (or always) make sure you use a tried and tested method rather than roling your own. Hopefully that does help, but is such a wide open question.
Upvotes: 1
Related Questions
- Storing encryption keys -- best practices?
- Where should I store my secret key for cryptography?
- What's the best way to store API secrets and encryption keys?
- What's the best place to hide long lived encryption keys
- where to store confidential data like decryption key in android so that it can never be found by hacker
- Where to store the key for encrypting and decrypting password
- Ok, so I've encrypted my data now where do I hide the key?
- Where to store sensitive information needed for an application to run?
- Best practices for storing secret keys
- Methods to Hide/Encrypt Data