Reputation: 148514
If I am encrypting the connection string section, anyone who has the web.config can decrypt the information.
There is no password key which is known only to me or something similar...
What's the idea here? Anyone who has that web.config with VS will be able to decipher the info...
I don't get the idea...
Upvotes: 12
Views: 574
Reputation: 35895
You wrongly assume that anyone can decrypt the web.config. Once the config file section is encrypted, it can only be decrypted on the same machine (or the machine that has got the same key - this is for web farming).
Usually, it is fairly easy to download the actual web.config remotely (through vulnerabilities). But the malicious user will not have your key and will not be able to decrypt the file (or sections with sensitive data).
The point here is that you have got to trust your site hoster, that is, that the sensitive key will not be distributed.
Upvotes: 17
Reputation: 16259
You can specify the encryption provider, but the default is the RSA provider. There is a key used, but it is 'secret'. So someone would need privileges to run applications on your server, or unrestricted access to the file system, in order to unencrypt your web.config.
This (especially step 2) talks about it:
http://msdn2.microsoft.com/en-us/library/ms998283.aspx
Upvotes: 1
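The two answers above describe a key that stays on the server rather than in web.config. The following is an added example, not code from the thread, that encrypts the section with the default RSA provider and then checks where the secret lives and who can read it. The site path `C:\inetpub\wwwroot\MyApp`, the app pool identity `IIS APPPOOL\MyAppPool` and the 64-bit .NET Framework 4.x path are assumptions.

```powershell
# Added example. Run from an elevated PowerShell prompt on the web server.
# Assumed values (not from the thread): framework path, site path, app pool identity.
$regiis  = Join-Path $env:windir 'Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe'
$site    = 'C:\inetpub\wwwroot\MyApp'
$appPool = 'IIS APPPOOL\MyAppPool'

# 1. Encrypt <connectionStrings> in $site\web.config with the default RSA provider.
#    The provider uses the machine-level key container "NetFrameworkConfigurationKey".
& $regiis -pef 'connectionStrings' $site -prov 'RsaProtectedConfigurationProvider'

# 2. Let the application's identity read that key container so the
#    running site can decrypt the section transparently.
& $regiis -pa 'NetFrameworkConfigurationKey' $appPool

# 3. Confirm what a leaked web.config would contain: the provider name and
#    an <EncryptedData> element, but no key material.
[xml]$cfg = Get-Content (Join-Path $site 'web.config')
$section  = $cfg.configuration.connectionStrings
'Provider     : {0}' -f $section.configProtectionProvider
'Has cipher   : {0}' -f [bool]$section.EncryptedData
'Plain entries: {0}' -f @($section.add).Where({ $_ }).Count

# 4. The RSA private key sits in the machine key store, protected by NTFS ACLs.
#    List every identity that can read each key file; this is the real
#    trust boundary, so anything beyond SYSTEM, Administrators and the
#    app pool identity deserves a second look.
$keyDir = Join-Path $env:ProgramData 'Microsoft\Crypto\RSA\MachineKeys'
Get-ChildItem $keyDir -File -ErrorAction SilentlyContinue | ForEach-Object {
    $file = $_
    (Get-Acl $file.FullName -ErrorAction SilentlyContinue).Access |
        Where-Object { $_.AccessControlType -eq 'Allow' } |
        Select-Object @{ n = 'KeyFile';  e = { $file.Name } },
                      @{ n = 'Identity'; e = { $_.IdentityReference } },
                      @{ n = 'Rights';   e = { $_.FileSystemRights } }
} | Format-Table -AutoSize

# 5. Decrypting is only possible where the key container exists. On this
#    server the command below restores plaintext; on a machine that has only
#    a copy of web.config it fails because the container is missing.
# & $regiis -pdf 'connectionStrings' $site
```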
Reputation: 6123
I don't know whether the aspnet_regiis.exe tool uses keys to encrypt or decrypt web.config. But if it is stored in the web.config, then it would be decrypted by anyone who has the aspnet_regiis utility installed, but if it is stored in machine.config or in the .NET Framework folder of the computer, then it would not be decrypted by anyone.
Upvotes: 0