The key can be any text string you want and it's completely up to you
how you store it.  I would use a long, random mix of characters.  The
most secure place to store it would probably be on removable media that
has to be inserted for the application to work, but that's probably
overly inconvenient for most applications.  Storing it in the same file
as the encrypted data is probably the least secure place.  Storing the
key in a separate file is a relatively secure method, IMHO.  There is
some security by obscurity here since only someone with knowledge of the
inner workings of the application would have any idea where the key is
stored.  

It's also up to you if you want to re-use a single key or not.  You
could use a different key for every piece of data, but you have to be
able to correctly marry the keys back to the right data to decrypt.
Having another file with data that points to the IDs in the encrypted
file could also tip off an attacker as to what the keys are for.  I
suppose you could get elaborate and encrypt the keys themselves, then
the keys for those keys, etc., making it very difficult for an attacker
to determine the decryption sequence.  You could also re-encrypt the
already encrypted data a few more times with multiple keys.

-John
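The key handling the reply above recommends, as an added example that is not part of this thread: a random master key generated with a CSPRNG and kept in its own owner-only file (not in the program and not in BAS.USERS), plus a per-record key derived from that master key and the record id, so using a different key per record needs no key-to-record map that could tip off an attacker. It is Python standard library rather than UniVerse BASIC because only the key handling is shown; the derived 24 bytes are assumed to be what gets passed as the key argument of ENCRYPT, and the file name, label string and record ids are constructed.

```python
import base64
import hashlib
import hmac
import os
import secrets
import stat
import tempfile

def generate_master_key(path: str, nbytes: int = 32) -> bytes:
    """Write a fresh random key, base64-encoded, to `path`: owner-only, never overwrite."""
    key = secrets.token_bytes(nbytes)  # CSPRNG: the ssh-keygen-like step asked about
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(base64.b64encode(key))
    return key

def load_master_key(path: str) -> bytes:
    """Read the key file; refuse it if group/others can access it or it is too short."""
    if os.stat(path).st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(f"{path}: key file must be owner-only (chmod 600)")
    with open(path, "rb") as fh:
        key = base64.b64decode(fh.read())
    if len(key) < 24:
        raise ValueError("master key shorter than 24 bytes; DES3 needs 24")
    return key

def record_key(master: bytes, record_id: str, length: int = 24) -> bytes:
    """Per-record key = HMAC-SHA256(master, label || record id)[:length]. Deterministic,
    so no key-to-record map is stored; one leaked record key exposes no other key."""
    msg = b"BAS.USERS/password/v1:" + record_id.encode("utf-8")  # constructed label
    return hmac.new(master, msg, hashlib.sha256).digest()[:length]

def self_check() -> dict:
    """Round trip in a temp dir with constructed record ids; returns values to assert on."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "master.key")
        generated = generate_master_key(path)
        loaded = load_master_key(path)
        k_a = record_key(loaded, "alice@example.test")
        k_b = record_key(loaded, "bob@example.test")
        os.chmod(path, 0o640)  # simulate a sloppy permission change
        try:
            load_master_key(path)
            rejected = False
        except PermissionError:
            rejected = True
    return {"roundtrip": generated == loaded, "keylen": len(k_a), "distinct": k_a != k_b,
            "deterministic": k_a == record_key(loaded, "alice@example.test"),
            "rejected_loose_perms": rejected}
```

Refusing a group- or world-readable key file turns a permissions mistake into a loud failure at startup rather than a silent leak.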

-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of John Thompson
Sent: Friday, September 09, 2011 8:44 AM
To: U2 Users List
Subject: [U2] ENCRYPT in Universe

I am exploring the Universe data encryption features...  It's my first
try at this really.
I have a decent understanding of ssh and ssl, just not the U2 stuff.

My questions are...
Where is a safe place to store the "key" (as referred to in the docs)
that the function needs to do encrypting and decrypting?
How would I generate this key?
Do I use the same key every time?
Is there a thing to generate a key... like in ssh?

For example, let's say I have a program that encrypts the user's password
and then writes it to the data file like so...

*A test for storing encrypted passwords.
      OPEN \BAS.USERS\ TO f_bas_users ELSE
         CRT \Cannot open BAS.USERS file.\
         STOP
      END
*
      CRT \Enter your email address: \:
      INPUT email_address
      CRT \Enter your password: \:
      INPUT password
*
      key            = \thisismykey\
      result         = \\
      encrypt_status = \\
* ENCRYPT(algorithm, action, data, dataLoc, key, keyLoc, keyAction, salt, IV, result, resultLoc)
* action 1 = encrypt; the loc arguments of 1 mean data, key and result are variables, not files
      encrypt_status = ENCRYPT(\des3\, 1, password, 1, key, 1, 1, \\, \\, result, 1)
*Apparently a status of 0 is a success.  Which is just plain weird.
      IF encrypt_status = \0\ THEN
         WRITEV result ON f_bas_users,email_address,3
      END

----------------------
Now lets say I want to check the password to see if it is correct and
decrypt the data to do that...

*A test for reading encrypted passwords.
      OPEN \BAS.USERS\ TO f_bas_users ELSE
         CRT \Cannot open BAS.USERS file.\
         STOP
      END
*
      CRT \Enter your email address: \:
      INPUT email_address
      CRT \Enter your password: \:
      INPUT password
*
      READV stored_password FROM f_bas_users,email_address,3 ELSE
         stored_password = \\
      END
      key            = \thisismykey\
      result         = \\
      decrypt_status = \\
* Same argument list as the encrypt call. This is actually decrypting, the 3 indicates that.
      decrypt_status = ENCRYPT(\des3\, 3, stored_password, 1, key, 1, 1, \\, \\, result, 1)
*Apparently a status of 0 is a success.  Which is just plain weird.
      IF decrypt_status = \0\ THEN
         CRT \This is the stored password decrypted from the file.\:result
         CRT \This is the password entered by the user.\:password
      END
----------------

So... isn't it kind of pointless to store the key in plain text in the program?
Storing the key in plain text in the file also seems pointless?

Thoughts?

-- 
John Thompson
_______________________________________________
U2-Users mailing list
[email protected]
http://listserver.u2ug.org/mailman/listinfo/u2-users