I have a Windows.Forms-based .NET desktop application that stores privileged information in a file on disk (without using .NET configuration files) encrypted using a symmetric cryptography algorithm such as TripleDES using MS CryptoAPI. This file must be read / written for several program cycles / machine power cycles, aka, use the same / IV switch each time. The obvious question here is how to protect the key (and possibly IV), and a few questions here on SO just say “use DPAPI” and give a trivial round-trip encryption / decryption example.
I know how to use DPAPI already, but there seems to be an obvious problem with using it to protect the / IV switch, which will be transferred to another encryption scheme. Consider the following code:
TripleDESCryptoServiceProvider^ cryptoprov = gcnew TripleDESCryptoServiceProvider; cryptoprov->Key = ProtectedData::Unprotect(encryptedKey, salt, DataProtectionScope::CurrentUser); cryptoprov->IV = ProtectedData::Unprotect(encryptedIV, salt, DataProtectionScope::CurrentUser);
Due to the fact that you must assign the SymmetricAlgorithm derived class “Key and IV”, could the attacker simply set a breakpoint at this point and easily determine what Key / IV is?
My questions are as follows:
- Am I missing a point for using DPAPI to protect keys? How do you do this?
- Should I use DPAPI to encrypt my file? Therefore, storage of keys / IV is not required.
- I noticed the existence of CspParameters for asymmetric encryption. Is this inherently a better option than symmetrical? (in the context of my scenario, not symmetric or asymmetric)
Thanks!
source share