Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Best practices for storing secret keys

I have an asp.net app, and I want to store a machine wide encryption key that I will be using in the apps, when using DPAPI crypto system.

What are the best practices to store the key - where do I store it?

Thanks.

like image 236
Nice Avatar asked Mar 10 '10 14:03

Nice


1 Answers

It very unsafe to store any key as plaintext in any non-volatile and inherently insecure medium (such as a Hard Drive). On such mediums, you should only store a signed encrypted version of a key, and write-access to the encrypted key should be secured.

The real work at hand is to model the security needs, to determine the key-management policy and implementation.

like image 106
M.A. Hanin Avatar answered Sep 21 '22 16:09

M.A. Hanin