Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How do I securely store encryption keys in java? [closed]

Tags:

I have a java properties object with authentication information for a web service. I need to encrypt that data, but I don't know where I need to store the encryption key for it to remain secure.

What are the best practices around encrypting this data and retrieving it in a secure way?

Is there any advantage to using a keystore?

ws_user=username
ws_password=password
ws_url=https://www.whatever.com/myservice
like image 394
ScArcher2 Avatar asked Dec 02 '11 14:12

ScArcher2


People also ask

What are the best practices for secure password storage in Java?

Currently, the most secure way to store passwords is using Password Based Encryption (PBE), which provides functions (called Key Derivation Functions (KDFs)) that will convert low entropy user passwords into random, unpredictable, and most importantly one-way, irreversible bytes of data.

How do I hide my encryption key?

You cannot, it is impossible. Any attacker who has access to the target machine would be able to disassemble your code to find it, or find the key file on the target machine, etc. The ONLY way to ensure that the encryption key is secure, is to have it typed in manually by the user when it is needed. Save this answer.

Where should you store the encryption?

The encryption key is created and stored on the key management server. The key manager creates the encryption key through the use of a cryptographically secure random bit generator and stores the key, along with all it's attributes, into the key storage database.


2 Answers

Your problem is a common one. In linux, user passwords are stored in a plain text file. Although only the password hashes are stored, if an attacker gets access to that file, he will not take long to discover some password using an offline dictionary attack. In this case, the OS relies on file permissions to deny access to unauthorized users. In your case, it is not much different. You must configure the password file permissions properly and ensure the physical security of the server.

like image 106
dsboger Avatar answered Sep 28 '22 04:09

dsboger


The bottom line is that somewhere needs to have the "root-of-the-chain" password in an unencrypted form. An OS-protected local file, an OS-protected remote file, hardcoded in the source, etc.

The only way around that is to require a human to type the initial password at application start, which obviously isn't possible for applications which need to autostart.

like image 29
dbreaux Avatar answered Sep 28 '22 02:09

dbreaux