Geek Answers Handbook

I * must * store third-party credentials in my database. The best way?

My application should read the third party SSL address. What is the best way to store third-party credentials in my own database, which protects third-party credentials from being compromised? Consider both absolute safety and practicality. One-way hashing of credentials is not useful, since I have to recover the credentials for plaintext for SSL call. I use python in the google engine and my application authenticates with google credentials.

  • encrypt credentials using, for example, AES and save the encryption key elsewhere (just moves the problem), or deduce it from the credentials and save a secret algorithm (just moves the problem).
  • encrypt credentials using a synchronous stream cipher , deduce (not) entropy from the credentials and keep a secret algorithm (just moves the problem)
  • in a separate web application designed to store third-party credentials, specify the SSL URL to receive third-party credentials, google credentials will be available to this URL (the same as in my application), and you can use authsub or something to transfer authorization to another web application. it sounds more secure because it is harder to crack a trivially simple webapp, and if my complex main application gets compromised, no third-party credentials are displayed.

What do you think of all the approaches?

+7
python security authentication google-app-engine passwords
source share
4 answers

This is a difficult task, and no approach will save you to make sure that there is no weak connection. Firstly, I don’t know if hosting on Google will be the best way because you will lose control (I really don’t know if the App Engine is designed with the required level of security, you should find that) and probably cannot penetration testing (what you need).

Having a separate small application is probably a good idea, but it does not save you from having to encrypt the credentials themselves in this small application anyway. He simply buys simplicity for you, which in turn simplifies the analysis.

I personally would try to create an application so that the key changes randomly after each use, having a kind of one-time pad . You will not specify the application in sufficient detail to make sure that this is possible.

+2
source share

How are credentials used? If their use is initiated only by the original owner (for example, you store a bank card number and they make their second purchase), then they can provide a password at that moment, which is used as the encryption key. Then you will not need to store this key locally, and the contents of the database will be useless to the attacker.

+3
source share

If you need to store credentials reversibly, there is simply no solution. Use AES and keep the secret key under well-paid armed guards.

If you use windows, I would check the Cred * Win32 API (advapi32.dll), at least it would allow you to use key management for windows syskey, where TPM and passphrase for boot can provide protection against low level compromise (stolen disk drives )

Obviously, if your application or the security context in which it operates is compromised, none of the above issues will have much support.

+2
source share

A decent book that covers such a situation, Cryptography in the database .

+2
source share

More articles:


All Articles