Security Basics mailing list archives

dpapi security considerations


From: Ingeniero Arellano <arellanobmsc () gmail com>
Date: Wed, 3 Mar 2010 16:57:48 -0400

Hello,

I am evaluating the use of Windows DPAPI to store database connection
strings.

1. What are the implications of virtualized servers which are cloned for
backup... does access to the backup machine basically make the administrator
level access easily obtainable, and thus a simple DPAPI.Decrypt command on
the registry key to find the strings?

2. Is it useful to enforce the use of a non-null pseudo-random "secondary
entropy" parameter such as a phrase made-up by the developer?  Is it better
practice to store this in code (which can be decompiled so easily) or in an
obfuscated registry key?

3. Can Registry key permissions (DACL) provide a way to disallow access to
the ciphertext even if the machine's Admin account has been compromised?

4.  Unrelated, is there anything similar to DPAPI for Linux? I've seen
replies to this that anybody can write a key-management daemon but is there
one out there that has a high level of developer acceptance and a simple
API?

In a nutshell, is DPAPI only as safe as the Administrators/Users password or
can secondary entropy and registry permissions create a meaningful
additional layer of security for the stored secrets?  I don't think we
can use passwords since there is no manual intervention.

Thanks,

Eric
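
The setup asked about in question 2, as an added example that is not part of the original post: DPAPI through the .NET `ProtectedData` class with machine scope and a secondary entropy value, showing that decryption needs the same entropy bytes that were used to encrypt. It assumes Windows PowerShell 5.1; the function names, entropy phrase and connection string are constructed for illustration.

```powershell
# Added example (not from the original post): DPAPI with secondary entropy.
Add-Type -AssemblyName System.Security

function Protect-ConnectionString {
    param([string]$PlainText, [byte[]]$Entropy)
    $bytes = [Text.Encoding]::UTF8.GetBytes($PlainText)
    # LocalMachine scope: the blob is bound to this machine, not to one user.
    $blob = [Security.Cryptography.ProtectedData]::Protect(
        $bytes, $Entropy,
        [Security.Cryptography.DataProtectionScope]::LocalMachine)
    [Convert]::ToBase64String($blob)
}

function Unprotect-ConnectionString {
    param([string]$Blob, [byte[]]$Entropy)
    $bytes = [Security.Cryptography.ProtectedData]::Unprotect(
        [Convert]::FromBase64String($Blob), $Entropy,
        [Security.Cryptography.DataProtectionScope]::LocalMachine)
    [Text.Encoding]::UTF8.GetString($bytes)
}

# Constructed sample values (hypothetical, for illustration only).
$entropy = [Text.Encoding]::UTF8.GetBytes('example-secondary-entropy')
$secret  = 'Server=db.example.internal;Database=app;User Id=svc;Password=placeholder'

$blob = Protect-ConnectionString -PlainText $secret -Entropy $entropy

# Same entropy: the round trip returns the original string.
$roundTrip = Unprotect-ConnectionString -Blob $blob -Entropy $entropy
"round trip matches: $($roundTrip -eq $secret)"

# Different entropy: Unprotect throws instead of returning data.
try {
    Unprotect-ConnectionString -Blob $blob -Entropy ([byte[]](1, 2, 3)) | Out-Null
    'unexpected: decrypted with different entropy'
} catch {
    "different entropy rejected: $($_.Exception.Message)"
}
```

The entropy is a required input to `Unprotect`, so wherever it is kept (code or registry) it has to be readable by the same process that decrypts the connection string.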
