I have a model that has inside of it
a few bits of data I would like to encrypt.
I’m using ezcrypto to do the encrypting, but was wondering
what your opinions are for what is the best way or place
to store the encryption key?
thx!
Dave
On Jul 19, 2007, at 21:40 , Dave C. wrote:
I’m using ezcrypto to do the encrypting, but was wondering
what your opinions are for what is the best way or place
to store the encryption key?
I think if anyplace, in your configuration file. I don’t think you’d
want to hard-wire something like that to a model. I understand you
need to store this somewhere, but I must admit storing it anywhere
makes me feel a bit uneasy from a security standpoint.
Doesn’t your encryption library include guidelines for this?
Michael G.
grzm seespotcode net
Doesn’t your encryption library include guidelines for this?
http://ezcrypto.rubyforge.org/
The read me doc says:
“The raw method could be used for storing in
a database using a tinyblob column.”
(the raw key) - Which is what I’m doing currently, having a uniquely
generated key per db entry. Seems ok to me, just looking for other
opinions.
Dave C. wrote:
Dave
There are couple of points to think about:
a) Your trust fabric & functionality
The question is whom do you trust & why. If the security model is
that the clients trust the server and the function of encryption is to
secure the channel, you can keep the keys in a file and secure it with a
password which will be hard-coded in the code running in the server and
client side. Anybody who has access to the server can walk away with the
file and then can decrypt the pieces of data. So you are trusting the
physical security of the server, which is OK.
b) Nature of keys and Key exchange mechanism
If you are using symmetric keys, you need to have a way of
distributing the actual key to both the server and the client. Remember,
time will come when you have many clients and servers and the key would
need to change. So plan for a good and simple mechanism - manual is
fine, so long as it is well documented ;o)
OTOH, if you are using certificates, then you need to distribute the
public key of the server to the clients plus keep the password protected
private key in the server. In this case, if you are load balancing
between servers et al, you need to take care of (and document) that
aspect as well.
In short, without knowing more about your application, it is better to
use a public-private key paradigm, keep a password protected private
key in the server and distribute the public keys as certs to the
clients. A certs directory is the best place to keep these artifacts.
Cheers & hope it helps
On 7/19/07, Dave C. [email protected] wrote:
(the raw key) - Which is what I’m doing currently, having a uniquely
generated key per db entry. Seems ok to me, just looking for other
opinions.
If the key is stored in the same database as the encrypted data, there
isn’t any point in encrypting it in the first place. And no don’t use
a blob, base64 encode it and put it in a text/varchar column.
Chris