Security Basics mailing list archives

Re: Regarding Private key

From: Srikanth Dabbiru <srikanthdab () gmail com>
Date: Wed, 17 Jun 2009 13:43:33 -0400

When you lock your house, do you take the key with you or put it underthe doormat and leave a note on the door stating that the key is underthe doormat ?

On Jun 17, 2009, at 5:38 AM, manmeet Singh <mannirulz30 () yahoo com>wrote:

Hi all,
I am facing a very tedious probelm. I want to know what the variousoptions and how secure are these options.
I have a file that contains plaintext.I have to read that file andafter first read , encrypt it(AES) and delete the plain text fileand save the encryped file.On subsequent reboots, i have to readdecrypted text.
Now the question is How do i manage the AES key?
Storing the AES key/IV in file is one option? (Isnt It same asstoring the plain key assuming i dont have any secure storage)
Hard code  the AES Key/IV values  in the code?
What other options are possible. ?


Warm Regards,
Manmeet Singh
------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute
Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in bothInstructor-Led and Online formats is the most concentrated exam prepavailable. Comprehensive course materials and an expert instructormeans you pass the exam. Gain a laser like insight into what iscovered on the exam, with zero fluff!
http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------

Current thread:

Regarding Private key manmeet Singh (Jun 17)
- Re: Regarding Private key Stefan Castille (Jun 17)
- Re: Regarding Private key Aarón Mizrachi (Jun 17)
- Re: Regarding Private key Srikanth Dabbiru (Jun 17)
- Re: Regarding Private key Jeffrey Walton (Jun 17)
- <Possible follow-ups>
- Re: Regarding Private key mannirulz30 (Jun 17)
- Re: Regarding Private key ron (Jun 17)