
How to securely handle AES “Key” and “IV” values

Problem description

If I use AES (System.Security.Cryptography) to simply encrypt and decrypt blob or memo fields in a SQL server, then where do I store the "Key" and "IV" values on the server? (File, Regkey, Dbase,...)

And what about the protection of those AES "Key" and "IV" values?

The background question is more: If "they" hack the server and get the dbase... then probably they can get to the program that does the encryption stuff also (it's on the same server, can't help it)... and if "they" are very good, then they will notice where the "Key" and "IV" values are stored... (.NET 4.5 ILSPY) and everything can be decrypted again.

Please advise? How do you all handle AES "Key" and "IV" values?

Ps: This is not about pwd fields... so, it's not about hashing... it's pure data cryptography.

Recommended answer

The IV has been thoroughly covered by the other answers, so I'll focus just on storing the key.

First of all...

I can't accept it could not be done on a single server at software level.

Anything done in software can be undone in software. You can encrypt, hide, and lock it in as many safes as you want, but your application still needs to be able to get access to the key. If your application has access, then someone with the same level of access as your application is able to get to it as well.

Developers have been dealing with this problem for a very long time and there is no silver bullet.

This all is set up in a single server environment (application plus dbase), so I'm not able to send/retrieve the key to a second server. Also, in this "special" case I'm not able to encrypt the key by a machine-level or user-level RSA key container.

I can think of two possible solutions.

Option 1:

Store the key on disk and, at the OS level, configure file access so that only the account your application is running under can read the file the key is contained in. The file could be a flat file, or an encrypted container that's protected by a password which your application knows (up to you to decide, but an encrypted container is better).

Pros:

• Restarts are possible without human intervention.

Cons:

• You have to get the OS security right, and there is no room for error.
• An attacker with administrator access can get to the key.

Another similar option to this would be to use DPAPI instead of files for storing the key (as long as you're able to do this given your "special case"). This is an API built into Windows that utilizes the password for whatever Windows account you (or your application) is running under to securely store data. Only the Windows account that stored the data is able to retrieve it.

One particularly nice feature of DPAPI is that, if an administrator resets a user's password (via computer management), access to that user's DPAPI data is lost. An attacker would need to compromise the actual account that was used to store the data in the first place without resetting the password.

Option 2:

Require that a pass phrase be entered by a person at application start-up and derive an encryption key from that pass phrase. Once you have the key, discard the pass phrase and retain the key in memory only.

Pros:

• The key is never on disk.
• Even if the server is rooted, getting to the key is not an easy task.

Cons:

• Automated reboots are not possible.
• You'll likely have to share the pass phrase with anyone handling support.
• You need to keep in mind that data stored in memory may transparently be written to disk in certain situations.

Or you could do a compromise between these two systems where a pass phrase is initially used to derive the encryption key, which is held in memory, and the key is temporarily written to disk or an encrypted container whenever the application is gracefully restarted. When the restart is complete, the application loads the key and then deletes it from temporary storage (and if necessary, be sure to overwrite the disk location where the key was stored so that it can't be recovered).
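The following is an added example, not code from the original answer: Option 2 and the restart compromise in C#, with PBKDF2 deriving the key from a pass phrase and DPAPI protecting the key while it is parked on disk across a graceful restart. It assumes .NET 6 or later on Windows; the `KeyStore` class, the file names and the iteration count are hypothetical.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;

// Assumed: .NET 6+ on Windows; ProtectedData (DPAPI) comes from the
// System.Security.Cryptography.ProtectedData package. File names are hypothetical.
static class KeyStore
{
    const string SaltFile = "aes-key.salt";       // the salt is not secret
    const string HandoffFile = "aes-key.handoff"; // exists only across a restart
    const int Iterations = 600_000;               // constructed work factor; tune it

    // Start-up entry point: reclaim a parked key, otherwise ask a person.
    public static byte[] LoadKey(Func<char[]> promptPassPhrase) =>
        TryReclaim(out byte[] key) ? key : DeriveKey(promptPassPhrase());

    // Option 2: derive a 256-bit AES key from the pass phrase, then discard it.
    public static byte[] DeriveKey(char[] passPhrase)
    {
        if (!File.Exists(SaltFile))
            File.WriteAllBytes(SaltFile, RandomNumberGenerator.GetBytes(16));
        byte[] salt = File.ReadAllBytes(SaltFile);
        try { return Rfc2898DeriveBytes.Pbkdf2(passPhrase, salt, Iterations,
                                               HashAlgorithmName.SHA256, 32); }
        finally { Array.Clear(passPhrase, 0, passPhrase.Length); }
    }

    // Compromise: before a graceful restart, park the key under DPAPI so only
    // the Windows account the application runs as can unprotect it.
    public static void ParkForRestart(byte[] key) =>
        File.WriteAllBytes(HandoffFile,
            ProtectedData.Protect(key, null, DataProtectionScope.CurrentUser));

    // After the restart: read the blob, overwrite and delete the file, then
    // unprotect the key so it lives in memory only.
    static bool TryReclaim(out byte[] key)
    {
        key = Array.Empty<byte>();
        if (!File.Exists(HandoffFile)) return false;
        byte[] blob = File.ReadAllBytes(HandoffFile);
        File.WriteAllBytes(HandoffFile, new byte[blob.Length]); // best-effort wipe
        File.Delete(HandoffFile);
        key = ProtectedData.Unprotect(blob, null, DataProtectionScope.CurrentUser);
        return true;
    }
}
```

Zero the returned key with `CryptographicOperations.ZeroMemory` once the process no longer needs it.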
