|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Re: best practice for encrypting in apphttp://www.leastprivilege.com/PermaLink.aspx?guid=ebd9956e-a36c-4b57-8d58-6ff79a60e43f --- Dominick Baier - DevelopMentor http://www.leastprivilege.com nntp://news.microsoft.com/microsoft.public.dotnet.security/<O0PdyPIKFHA.3***@tk2msftngp13.phx.gbl> And you can find a managed wrapper for DPAPI to download here http://www.theglavs.com/GlavTech/Downloads/DPAPI_Wrapper.zip -- - Paul Glavich ASP.NET MVP ASPInsider (www.aspinsiders.com) Show quoteHide quote "Kaustav" <Kaus***@discussions.microsoft.com> wrote in message [microsoft.public.dotnet.security]news:1DD4F43A-791B-4FD8-8D87-F9CD3F027B2F@microsoft.com... > Hi Homer, > > you can use managed wrappers of DPAPI (Data Protection API) for > key-management. > > HTH. > > Kaustav Neogy. > > "Homer" wrote: > > > I have a general question where is the best practice to store and how to pass > > in the key for symmetric encryption to an app. > > I have created a helper dll to aid with the encrypting\decrypting > > sensitive scripts that we have. How should I interact with this DLL by > > passing in the key for the encryption methods. Should the key be encrypted > > somewhere or hard coded in the app and passed into the DLL. > > I know when using symmetric encryption the key phrase is supposed to be > > secret. So just looking for a best practice solution. > > > > thanks in advance 
Other interesting topics
Error instantiating RSACryptoServiceProvider
Error from CAS Config util Newbie error on output Running programs located on server why i get UnauthorizedAccess Exception? Code Access Security - User Policy Level best practice for encrypting in app Secure files on virtual Single-sign-on .NET GUI to J2EE server CFileDialog and ImpersonateLoggedOnUser on Win2k system |
|||||||||||||||||||||||
