tags:

views:

164

answers:

3
+1  Q: 

Why shouldn't a private key be stored verbatim or in plain text on the local computer?

I was reading this:

http://msdn.microsoft.com/en-us/library/tswxhw92(VS.80).aspx

The first sentence says: "Asymmetric private keys should never be stored verbatim or in plain text on the local computer."

What's the problem with this? And how does a key container solve it.

The reason I'm asking is that I want to generate an asymmetric key pair. The application I'm writing will encrypt information it sends back to me with the public key. I was thinking of storing the public/private key pair in our source control system so that it gets backed up. Shouldn't I be doing that? If not, how should I store the private key so that it can be reliably backed up?

Thanks. -scott

Update: Does 'never' in the quoted sentence really mean never. Or does it mean I shouldn't be storing keys to source control unless I'm not prepared to take the risk that a hacker could potentially retrieve the keys from our source control system or from a backup taken from it.

+2  A: 

Because a malicious user can read your key, if he/she gets a hold of your files. Not sure, what the key container does, but I would guess that it encrypts the keys before writing them to a file.

ynimous  2009-06-15 10:24:31
+3  A: 

A common solution is to encrypt private keys in the keychain e.g. by using some password-based encryption scheme.

The private key is needed in order to decrypt bits encrypted with the public key, and vice versa. Since the public key is public by definition, you want to keep its private counterpart secret.

Especially when public key crypto is used for digital signatures, it's important to keep the private key secret. Being able to produce digital signatures that can be verified with your public key essentially proves that whoever made the signature had access to your private key.

If you can guarantee that no one but you, or software you trust, can access files on your computer, you don't need to encrypt your private keys. But these are tough assumptions to make.

laalto  2009-06-15 10:46:18
Are you talking about encrypting the private keys with a password that is persisted in human memory?
Scott Langham  2009-06-17 08:21:08
@Scott Langham: Yes, or more like a longer passphrase. Of course that is not the only form of protection. You still don't share the private keys with anyone but store them in a place not easily accessible. E.g. by using protections offered by the operating system like file system permissions or special keystore components.
laalto  2009-06-17 08:28:07
+3  A: 

Yes, the "never" in the quoted sentence really does mean never.

If the key is stored in plaintext, then anyone with access to that file can read or duplicate your key, then use it to impersonate you. If you display that file on-screen for whatever reason (looking up the key, open the wrong file, editing other information in the file, etc.), then anyone walking past can see it, potentially memorize it, and use it to impersonate you.

A private crypto key is a non-shared secret. If you don't keep it non-shared and secret, it can't do its job properly.

Dave Sherohman  2009-06-15 11:11:33
Hmm. I've gotta store it somewhere. I don't think anybody's going to memorize it because it's long and very random - there's no chance I could remember it. So, I still think it's going to have to go on disk. I'll just have to ensure that disk doesn't fall into baddies hands.I suppose I could encrypt it to store it, but then, I've still got the problem of what do I do with the key I used to encrypt it with.
Scott Langham  2009-06-17 08:19:13
Yes, it has to be stored somewhere and you ended up in the right place with the conclusion that you should store it in an encrypted form. The key to decrypt it is generally in the form of a passphrase, entered by the user at program startup.
Dave Sherohman  2009-06-17 09:45:48

related questions

How to implement password protection for individual files?
Encrypting appSettings in web.config
Usefulness of SQL Server "with encryption" statement
How can I use a key blob generated from Win32 CryptoAPI in my .NET application?
CodeReview: Tiny Encryption Algorithm for arbitrary sized data
Simple encryption implementation in C
Which hard disk encryption software to choose?
Passing untampered data from Flash app to server?
How do I prevent replay attacks?
Is there a best .NET algorithm for credit card encryption?
Encrypt data from users in web applications
How to encrypt one message for multiple recipients?
Two-way password encryption without ssl
What's the answer to this Microsoft PDC challenge?
GPG: How does key signing work and how is it done?
Secure Online Highscore Lists for Non-Web Games
Programmatically encrypting a config-file in .NET
How do I use 3des encryption/decryption in Java?
Encryption in C# Web-Services
Suitable alternative to CryptEncrypt
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
C# - CryptographicException: Padding is invalid and cannot be removed
How can I encode xml files to xfdl (base64-gzip)?
How do I add SSL to a .net application that uses httplistener - it will *not* be running on IIS
Encrypting Passwords