views:

164

answers:

3

I was reading this:

http://msdn.microsoft.com/en-us/library/tswxhw92(VS.80).aspx

The first sentence says: "Asymmetric private keys should never be stored verbatim or in plain text on the local computer."

What's the problem with this? And how does a key container solve it.

The reason I'm asking is that I want to generate an asymmetric key pair. The application I'm writing will encrypt information it sends back to me with the public key. I was thinking of storing the public/private key pair in our source control system so that it gets backed up. Shouldn't I be doing that? If not, how should I store the private key so that it can be reliably backed up?

Thanks. -scott

Update: Does 'never' in the quoted sentence really mean never. Or does it mean I shouldn't be storing keys to source control unless I'm not prepared to take the risk that a hacker could potentially retrieve the keys from our source control system or from a backup taken from it.

+2  A: 

Because a malicious user can read your key, if he/she gets a hold of your files. Not sure, what the key container does, but I would guess that it encrypts the keys before writing them to a file.

ynimous
+3  A: 

A common solution is to encrypt private keys in the keychain e.g. by using some password-based encryption scheme.

The private key is needed in order to decrypt bits encrypted with the public key, and vice versa. Since the public key is public by definition, you want to keep its private counterpart secret.

Especially when public key crypto is used for digital signatures, it's important to keep the private key secret. Being able to produce digital signatures that can be verified with your public key essentially proves that whoever made the signature had access to your private key.

If you can guarantee that no one but you, or software you trust, can access files on your computer, you don't need to encrypt your private keys. But these are tough assumptions to make.

laalto
Are you talking about encrypting the private keys with a password that is persisted in human memory?
Scott Langham
@Scott Langham: Yes, or more like a longer passphrase. Of course that is not the only form of protection. You still don't share the private keys with anyone but store them in a place not easily accessible. E.g. by using protections offered by the operating system like file system permissions or special keystore components.
laalto
+3  A: 

Yes, the "never" in the quoted sentence really does mean never.

If the key is stored in plaintext, then anyone with access to that file can read or duplicate your key, then use it to impersonate you. If you display that file on-screen for whatever reason (looking up the key, open the wrong file, editing other information in the file, etc.), then anyone walking past can see it, potentially memorize it, and use it to impersonate you.

A private crypto key is a non-shared secret. If you don't keep it non-shared and secret, it can't do its job properly.

Dave Sherohman
Hmm. I've gotta store it somewhere. I don't think anybody's going to memorize it because it's long and very random - there's no chance I could remember it. So, I still think it's going to have to go on disk. I'll just have to ensure that disk doesn't fall into baddies hands.I suppose I could encrypt it to store it, but then, I've still got the problem of what do I do with the key I used to encrypt it with.
Scott Langham
Yes, it has to be stored somewhere and you ended up in the right place with the conclusion that you should store it in an encrypted form. The key to decrypt it is generally in the form of a passphrase, entered by the user at program startup.
Dave Sherohman