On Thu, Mar 20, 2008 at 2:25 PM, Robert Lee <[EMAIL PROTECTED]> wrote:
> > Thanks for the suggestion. I have a routine that creates a key from a > password, using SHA512. The problem is distributing the password, or the > key. > Right. If you go with the derived key approach, you must derive the key each time you need it to decrypt data. If there's no access to the password at decryption time, then this approach won't work for you. Also, don't just use a hash to derive keys, because then your key will only have as much effective entropy as the password from which it is derived. For deriving keys from passwords use the Rfc2898DeriveBytes class. > > I will look into encrypting the key into a file here before release, and > then distributing the key file, and certificate, but I'm not sure how > secure > that is. It wouldn't be to hard with reflector to figure out that > certificate A is used to decrypt file B, .... and reproduce the code. If you go with this approach, then the cert's private key must be kept secure. You'll need to install the cert in the store of the user that is decrypting the data. If this user profile is not available, then put the cert in a LocalMachine store and grant access using winhttpcertcfg. As you can see, nothing is free when it comes to protecting keys. It's an extremely difficult problem to solve securely. -- Steve Johnson =================================== This list is hosted by DevelopMentorĀ® http://www.develop.com View archives and manage your subscription(s) at http://discuss.develop.com
