Encrypt the primary key with another key and store the
encrypted key in a file on hard drive. And store the
second key which you have used to encrypt the
original/primary key in registry with access rights to
the user running the application. Dunno if that
answers your question or not!!!
--- Davie Elliott <[EMAIL PROTECTED]> wrote:
>
> Hello everyone,
>
> I have been writing a password storing application
> in Visual Basic. The
> passwords are stored in a database and encrypted
> with AES 256-bit.
> And I have been wondering how I would stop the key
> from being found, should
> the software somehow leave the building and fall
> into the wrong hands.
>
> Using a simple Hex Editor on the software I can see
> that any strings that
> have been defined ("hard coded") in the software can
> easily be read. So what
> I have done is left the "hard coded" key in the
> software, but only use it to
> encrypt/decrypt the database key the is held in a
> file, so I have:
>
> "Hard coded" key [ENCRYPT] Database Key ----->
> Encrypted key (Store in a
> plain text file)
>
> When the software loads:
>
> "Hard coded" key [DECRYPT] Encrypted key ----->
> Database key (Stored in
> memory and used to decrypt passwords in the
> database).
>
> My worry again, is that if the plaintext file and
> the software managed to
> leave the building, the same situation will occur.
>
> So, my question is: How does one securely store an
> encryption key inside a
> program?
>
> I thank you for your input.
>
> Davie Elliott
> Network Administrator
> Express Link-Up Social Enterprise
> Unit 4-6
> Lenton Business Centre
> Lenton Boulevard
> Nottingham
> NG7 2BY
> t: 0115 9791200
> w: www.eluse.co.uk
>
>
>
>
>
---------------------------------------------------------------------------
>
---------------------------------------------------------------------------
>
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------------
---------------------------------------------------------------------------
