Security Basics mailing list archives
Re: Securing an encryption key within software.
From: simonis () myself com
Date: 19 Jun 2006 15:25:52 -0000
As you have discovered, you can't. All you are doing is moving the problem. If the attacker discovers your hardcoded key, then s/he can decrypt the file containing the DB key, so their is no additional security to this. It just adds a step to the process. Usually, in a very secure environment, a hardware security module is used to contain the key, and the application brokers access to that key for the DB. Such things can be done in software as well. One could argue that this is also not ideally secure, since anyone in possession of the application who could have recovered the key could also determine the function calls to get the HSM to give up the keys. In general, this is a war between function and security. One good way to secure the key is to encrypt it with a passphrase that the admin would enter upon initialization, and then store the key in protected memory. But, that makes restart difficult. I might recommend you read Kevin Kenan's book on database security, it focuses almost enitely on encryption and the challenges of same, offering some thoughtfull solutions.
Current thread:
- Securing an encryption key within software. Davie Elliott (Jun 16)
- Re: Securing an encryption key within software. Saqib Ali (Jun 19)
- <Possible follow-ups>
- Re: Securing an encryption key within software. simonis (Jun 19)
- Re: Securing an encryption key within software. alegr1 (Jun 19)