Geek Answers Handbook

How secure are cryptographic containers for Windows?

I use Win32 cryptographic key containers for each user (via the .Net RSACryptoServiceProvider class) to store the private key used to decrypt saved passwords in the password manager.

How secure is the private key? Obviously, any program running from the same user account can access it. But is the key really encrypted based on the user's password?

Is it possible to consider that the private key is available only after the user logs in? Or can a service (or other account) retrieve the key? Can the computer administrator not know the user password? Can I retrieve the key by resetting the user password using the administrator account? If the computer is stolen and the attacker can gain access to the hard drive (but does not know the user password), can he extract the secret key? If a user has blocked a session, can an attacker retrieve a key from memory using the administrator / kernel account driver?

PS I know about the "master key" template, but in my case this is unacceptable, so I need to store passwords in the most secure way that I can.

+8
security c # windows rsa
source share
1 answer

User user keys should be accessible only after the user logs in and cannot be accessed simply by resetting the user password and then logging in using the reset password (indeed, there are warnings before the user password is reset that the user will lose access to encrypted data, etc. .d.) See: http://support.microsoft.com/kb/290260

However, as soon as a user logs on to the system, it is possible for processes of other users on one computer with sufficient rights (usually granted only to administrative / system accounts) to access stored keys, for example. by entering the code into the process of the user that will be launched, I am the context of the user and, therefore, I can do everything that the user can do with the key (use it to decrypt, sign or export the key, etc.).

Enabling strong secret key protection can reduce some of these problems by requiring the user to enter a password for the key whenever it is used. Even so, it is probably still possible that the malicious code will intercept the key password.

+2
source share

More articles:


All Articles