hiding encryption keys - Page 3


Re: hiding encryption keys

Sorry for the confusion.  The keys, which are encrypted, live on both a
backend DB and front-end application server.

There is data living in the backend DB which is encrypted with these
keys.  When the front-end application needs to access this information,
a binary library DLL will decrypt the encryption keys from their
storage location and use those keys to send a query to access the
encrypted data on the backend DB.

No one (in theory) outside of in-house staff would have local access to
the front-end app server and the only mechanism to decrypt the keys
living on the front-end server would be the binary DLL.

Let me know if you have more questions or need more clarification...



Paul Rubin wrote:

Re: hiding encryption keys

Phillip wrote:

More information is needed, especially about the system configuration,
location and value of secrets, etc.

Often root keys / passwords are protected by file system permissions (i.e.,
only root or the file owner can view them; for example, ssh keys).  If you are
willing to make the necessary assumptions, then that may be sufficient.
Consider that to defeat this, you could either steal the root or owner's
password, or gain physical access to the filesystem (in which case, for
example, you can install the hard drive in another system or boot from a
Linux live CD, and then examine and potentially change the drive contents).
Or you could exploit an unpatched vulnerability to gain root access, etc.
So you must patch diligently, prevent physical access, and have a strong
root password which you protect well and change frequently.  If you do these
things, then file system permissions may be sufficient for protecting the
secret.  Still it is advisable to protect any on-disk secrets with an
off-disk secret (pass phrase, removable hardware key, etc).   Even then, a
user who can become root or can gain physical access will be able to steal
your secret.
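
As an added example (not part of the original post), here is one way an application could verify, before loading a key, that the file really is restricted to root or its owner in the way the post above describes for ssh keys. The function name `audit_key_file`, the file name `app.key` and the choice of allowed owners are assumptions made for illustration.

```python
import os
import stat
import tempfile


def audit_key_file(path, allowed_uids=None):
    """Return a list of findings; an empty list means the file passes."""
    if allowed_uids is None:
        # Assumption: only root or the calling user may own the key file.
        allowed_uids = {0, os.geteuid()}
    st = os.lstat(path)  # lstat: do not follow a symlink placed at this path
    if stat.S_ISLNK(st.st_mode):
        return ["path is a symlink; refusing to follow it"]
    if not stat.S_ISREG(st.st_mode):
        return ["not a regular file"]
    findings = []
    if st.st_uid not in allowed_uids:
        findings.append(f"owned by unexpected uid {st.st_uid}")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        mode = stat.S_IMODE(st.st_mode)
        findings.append(f"group/other access bits set: {mode:04o}")
    # A group/other-writable parent directory lets another user replace the
    # file even when the file itself is 0600.
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    if parent.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("parent directory is group/other writable")
    return findings


def demo():
    """Constructed sample: a throwaway file checked under three settings."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        key = os.path.join(d, "app.key")  # hypothetical file name
        with open(key, "wb") as f:
            f.write(b"constructed-sample-not-a-real-key")
        os.chmod(key, 0o644)
        results["file 0644"] = audit_key_file(key)
        os.chmod(key, 0o600)
        results["file 0600"] = audit_key_file(key)
        os.chmod(d, 0o777)
        results["dir 0777"] = audit_key_file(key)
        os.chmod(d, 0o700)  # restore so cleanup behaves normally
    return results


if __name__ == "__main__":
    for case, found in demo().items():
        print(case, "->", found or "ok")
```
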


Re: hiding encryption keys


The correct solution to that is to pick something from
http://www.ncipher.com/
http://www.eracom.com.au/
http://www.safenet-inc.com/
or similar that meets your needs. These are all hardware and prevent the
extraction of the key under the vast majority of usage scenarios, some also
provide significant amounts of SSL offload.
