How can I safely save the encryption key in the system (openssl, c)?

Hi, I am using the OpenSSL EVP API to encrypt / decrypt a file using AES256CBC.

The file is encrypted using the key 'k' and iv 'v' (which were generated using the EVP_BytesToKey() function, where I provide random bytes of data in the form of salt that I receive from RAND_bytes() and the password provided by the user), and then using these two, I initialize the encryption context and the decryption context.

Initialization Function:

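    #include <stdio.h>
    #include <openssl/evp.h>
    #include <openssl/rand.h>

    /* return 0: SUCCESS, 1: ERROR */
    int aes_init(unsigned char *pwd, unsigned int pwd_len,
                 EVP_CIPHER_CTX *e_ctx, EVP_CIPHER_CTX *d_ctx)
    {
        int i, rounds = 5; /* rounds */
        unsigned char key[32], iv[32], salt[8];

        /* Writes cryptographically secure random bytes into salt[] */
        if (!(RAND_bytes(salt, 8))) {
            perror("\n ERROR,SALT::");
            return 1;
        }

        i = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), salt, pwd, pwd_len,
                           rounds, key, iv);
        if (i != 32) /* returns the key size in bytes, 0 on error */
            return 1;

        /* Initialize both contexts with the derived key and IV */
        if (!EVP_EncryptInit_ex(e_ctx, EVP_aes_256_cbc(), NULL, key, iv) ||
            !EVP_DecryptInit_ex(d_ctx, EVP_aes_256_cbc(), NULL, key, iv))
            return 1;
        return 0;
    }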

I plan to implement this scenario:

The user encrypts file A with key k and program IV v. Then, if the user now wants to decrypt the encrypted file A, he will need the same encryption context, that is, the same key k and the same IV.

So my problem is how can I safely save the key and iv (the same as for encryption) so that I can use it to decrypt the file later.

NOTE: I saw how some commercial encryption products create some kind of keystore for this; any idea how this is done?

Is there any set of recommendations that follow this?

Any suggestion would be greatly appreciated.

Many thanks

+4
3 answers

An alternative to storing the key would be to ask the user to enter a password. First, you encrypt the file using a completely random (session) key. This key is encrypted with a key obtained from a password, for example using a function like PBKDF2 (see many stack articles). Keep the encrypted key with the file (perhaps before the file; to simplify the decryption, you can encrypt and record the key before encrypting the file).

+1
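
The scheme in the answer above, written out as an added example (not part of the original thread) with the openssl command-line tool instead of the EVP C API: a random session key encrypts the file, a PBKDF2-derived key encrypts the session key, and changing the password rewrites only the small key file. Function names, file suffixes and the iteration count are assumptions made for this example.

```sh
#!/bin/sh
# Added example: envelope encryption with the openssl CLI (OpenSSL 1.1.1 or later).
#   BASE.enc  data encrypted under a random session key (DEK)
#   BASE.key  the DEK encrypted under a key derived from the password with PBKDF2
# openssl writes the random salt into each file's header, so only non-secret
# values are stored. Secrets are passed through the environment, never on argv.
# File names, variable names and ITER are assumptions made for this example.

ITER=200000                                  # PBKDF2 iterations for the password
ENC="openssl enc -aes-256-cbc -pbkdf2 -md sha256"

# wrap_dek DEK PASSVAR OUT: encrypt DEK under the password in exported $PASSVAR
wrap_dek() {
    printf '%s' "$1" | $ENC -iter "$ITER" -pass "env:$2" -out "$3"
}

# unwrap_dek BASE: print the DEK; fail on a wrong password or a damaged file
unwrap_dek() {
    dek=$($ENC -d -iter "$ITER" -pass env:PW -in "$1.key" 2>/dev/null) || return 1
    # CBC is unauthenticated, so also require exactly 64 lowercase hex digits.
    case $dek in *[!0-9a-f]*) return 1 ;; esac
    [ "${#dek}" -eq 64 ] && printf '%s' "$dek"
}

# encrypt_file PLAIN BASE (password in exported $PW)
encrypt_file() {
    dek=$(openssl rand -hex 32) || return 1
    # The DEK is already high-entropy, so a single KDF iteration is enough.
    DEK=$dek $ENC -iter 1 -pass env:DEK -in "$1" -out "$2.enc" || return 1
    wrap_dek "$dek" PW "$2.key"
}

# decrypt_file BASE OUT (password in exported $PW)
decrypt_file() {
    dek=$(unwrap_dek "$1") || return 1
    DEK=$dek $ENC -d -iter 1 -pass env:DEK -in "$1.enc" -out "$2" 2>/dev/null
}

# change_password BASE (old password in $PW, new in $NEWPW): rewrites BASE.key only
change_password() {
    dek=$(unwrap_dek "$1") || return 1
    wrap_dek "$dek" NEWPW "$1.key.tmp" && mv "$1.key.tmp" "$1.key"
}
```

Export PW (and NEWPW for a password change) before calling the functions; in C the same password-to-key derivation is available as PKCS5_PBKDF2_HMAC().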

If I understand your question correctly, you cannot.

Sooner or later, someone has to unlock the keystore. To do this, you need a key. You cannot save the keystore unlock key because you need to remove it in the box so that the keystore can be unlocked. OK, you might be able to store the keystore unlock key somewhere, but now you have the same problem again.

The “standard” solution requires that you rely on the security of the operating system, so that the keystore unlock key is not accessible to any user except the owner of the keystore or superuser (assuming a UNIX-like system).

+3

None of these “solutions” are truly secure. If you want to securely store the symmetric key in the system, you must save it in a hardware security module (HSM). One relatively inexpensive option is the Apricorn Aegis Encrypted Flash Drive, which is FIPS 140-2 Level 3 approved.

See http://www.apricorn.com/products/hardware-encrypted-drives/aegis-secure-key.html for more details.

+2

Source: https://habr.com/ru/post/1410995/

