15

Which route to take, whats the pros and cons, which is more secure..

1) Generate AES key, encrypt the data with it and then encrypt the AES key with RSA, save the encrypted data and encrypted AES key to a file and RSA keypair to a KeyContainer.

2) Or use DPAPI ProtectedData class to encrypt the data and save it to a file and then store the entropy what i used with ProtectedData.Protect() to somewhere.. (maybe allso encrypt it with the RSA, store the RSA keypair to KeyContainer and the encrypted entropy to the file with the data?)

EDIT: Just for more info: We need to secure our applications file system usages. So any file the application stores to the filesystem we want it to be encrypted. The file is most likely used by the same application or another component of the same application stack.

hs2d
  • 6,027
  • 24
  • 64
  • 103

4 Answers4

5

If you are looking for an encryption scheme to protect local application data, then your choice of API depends on if you would need to share the encrypted data between different servers running the same application.

If only one server would need access to the data, then DPAPI should be good enough for your purposes. The security is provided by the user's credentials, which in this context will be the credentials running your application stack. You can provide an additional entropy (or 'salt') hardcoded into your application to increase the security so that it is not reliant on the end user credentials alone. It is simple to implement and you don't need to deal with exporting/importing keys.

If multiple servers would need to access the same files / data, then the RSA Key Container method is better. The same key can be exported to multiple servers and they can share the same encrypted files. The key can also be backed up for recovery purposes. You don't have such an option with DPAPI.

The security in one method is not better than the other, as they use similar schemes and both keys are in the end protected with the user credentials. DPAPI uses credentials to secure the internal RSA keys it uses and Windows will control access to RSA Key Containers by using the credentials as well.

Can Gencer
  • 8,822
  • 5
  • 33
  • 52
2

I have used DPAPI in the past and it was quite simple. RSA keypair looks quite manual to me. you can use DPAPI protection based on User/Machine level.

MSDN link on DPAPI

Bek Raupov
  • 3,782
  • 3
  • 24
  • 42
2

Sorry, but your question don’t contain enough information to give good answer on your question. You have to describe more about the architecture of your application and the structure of the data which it used.

Is the application the Windows service or an EXE application running in the user context? Who owns the data, which you want to encrypt: the application, the user? Are the data shared between the users? Do you save the data on the local hard disk or on the server (on mixed)? Do you save the data as the part of the user profile?

The most important is the question: where you plan to hold the key? The problem is that the key is like the key from your home: you want that only you (or your close friends) have access to the key, but nobody else. Nevertheless one can frequently find the key somewhere near to the lock: under the mat lying at the door. One does this because there is another problem: what should be done if the key will be lost? All the questions are the part of "key management".

DPAPI is more as 10 years old. The most advantage of it is that it helps to save the key owned by the user so, that the user holds the key automatically and the encrypted data can be decrypted on another computer on the network in case of usage of roaming profiles. If you have the same requirements DPAPI can gives you advantages.

Sorry for so general answer, but in my opinion is that the key to find the solution of your problem is not to use one or another API. The most important thing is the key management. You should first have clear imagination about the key management of your application, including actions on some typical support problems, before you start to encrypt the application data.

Oleg
  • 220,925
  • 34
  • 403
  • 798
1

DPAPI restricts the decryption to a key that is bound to the machine or even to the user on that machine.

with AES and RSA you don't have a restriction like that ... you could even decrypt on a totally different platform + here you know how the system works ... in contrast to DPAPI

you will probably want to have a look at this

DarkSquirrel42
  • 10,167
  • 3
  • 20
  • 31