
Safe way to store decryptable passwords in Ruby

I want to store some keys in an encrypted form in a database in a secure fashion. At the same time, I need to use the non-encrypted (original) form of the keys somewhere in my code. I planned to use PBKDF2 for password hashing. Is it possible to decrypt the key stored in the database in an encrypted form using PBKDF2? Or are there any simple and secure procedures available?

Sam asked Dec 01 '25 04:12


1 Answer

Passwords and secret keys are usually stored in their hashed form. That means they are processed through a hash function before being saved to the database. A good hash function such as bcrypt has the following properties:

  • it produces the same output for the same input
  • it produces very different output for different inputs
  • its output is not distinguishable from random
  • it is not reversible

The last property has a very important security implication: when someone gets access to the database, they cannot recover the original keys because the hash function is not reversible, especially when the hash is salted to prevent attackers from using rainbow tables.

That means if you want to recover the keys later on, you have to save them in encrypted (not hashed) form. An encryption function has properties similar to a hash function, with the key difference that it is in fact reversible. For this decryption step you need a key, which needs to be stored somewhere.

You could store the key in your application config, but that would mean that if someone gains access to your server, they would be able to retrieve the encryption key and decrypt all the stored keys.

I suggest an alternative approach, which will allow users to retrieve only their own stored keys. It is based on the idea that the keys are encrypted with a user-specific password that only the user knows. Whenever you need to perform an action that needs to store or retrieve the keys, the user is prompted for their password. This way, neither yourself nor an attacker will be able to retrieve them, but your program can access them if the user allows it by entering his password.

  • Store a conventionally hashed user password in the database, e.g. using bcrypt
  • Allow users to store additional passwords with the following procedure:
    • Prompt for user password and keys to store
    • Hash password and compare with database to authenticate
    • Generate salt for each entered key
    • Use user-entered password and salt to encrypt keys to store, e.g. with AES encryption
    • Store salt and encrypted keys in database
  • To retrieve the stored keys in an action requiring them in plain text form:
    • Prompt for user password
    • Hash password and compare with database to authenticate
    • Retrieve encrypted keys and salt from the database
    • Decrypt stored keys using user password and salt

Be careful to remove user submitted passwords from the application log ;-)

Patrick Oscity answered Dec 03 '25 17:12
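The store and retrieve steps of the procedure in the answer above, as an added Ruby example that is not part of the original answer. It assumes PBKDF2-HMAC-SHA256 to turn the user password and a per-key salt into an AES-256-GCM key; the function names, iteration count and record layout are hypothetical choices for illustration, and the bcrypt authentication step is left out.

```ruby
require "openssl"
require "securerandom"

# Assumed parameters for this example (not taken from the answer).
PBKDF2_ITERATIONS = 600_000
KEY_LEN = 32 # bytes, for AES-256

# PBKDF2 is one-way: it does not decrypt anything. It only stretches the
# user's password plus the stored salt into the AES key.
def derive_key(password, salt)
  OpenSSL::PKCS5.pbkdf2_hmac(password, salt, PBKDF2_ITERATIONS, KEY_LEN,
                             OpenSSL::Digest.new("SHA256"))
end

# Returns the fields to persist in the database row.
# Neither the password nor the derived key is stored.
def encrypt_secret(password, plaintext)
  salt = SecureRandom.random_bytes(16) # fresh salt for every stored key
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  cipher.key = derive_key(password, salt)
  iv = cipher.random_iv                # 12-byte nonce, unique per record
  ciphertext = cipher.update(plaintext) + cipher.final
  { salt: salt, iv: iv, tag: cipher.auth_tag, ciphertext: ciphertext }
end

# Returns the plaintext, or nil when the password is wrong or the
# stored record has been modified.
def decrypt_secret(password, record)
  # Reject truncated tags, which OpenSSL would otherwise accept.
  return nil unless record[:tag].bytesize == 16
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = derive_key(password, record[:salt])
  cipher.iv = record[:iv]
  cipher.auth_tag = record[:tag]
  cipher.update(record[:ciphertext]) + cipher.final
rescue OpenSSL::Cipher::CipherError
  nil
end
```

The salt, IV and tag are not secret and can sit in the same row as the ciphertext; in a text column they would typically be Base64-encoded first.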