
In my C# project, I need to use SQLite Cipher to store some data. But the database password has its own problem: where to store it.

My application should be able to work when it is offline (disconnected from any server). So that means the password must be saved in either some encrypted file or in source code.

If the password is saved in an encrypted file, then the next problem is where to save the encrypted file's password...

My company has strict requirements for software security, e.g. cannot hardcode password, etc.

Any advice?

Tom Xue
  • I'm afraid there's only one place you can safely store it, in the end: the user's brain. – Franz Gleichmann Feb 06 '23 at 17:39
  • If you can bind the password to a certain computer or account you might want to have a look at [DPAPI](https://learn.microsoft.com/en-us/dotnet/standard/security/how-to-use-data-protection) – Ralf Feb 06 '23 at 17:52
  • Side note: the post does not demonstrate the amount of research one would expect from a "senior researcher"... It is very surprising you did not find any information on "storing secrets" on SO, [security.se] or your company's internal resources.... As a result I picked one possible duplicate that offers DPAPI (similar to @Ralf's suggestion) - make sure to [edit] the post to show your research if that duplicate is not what you are looking for. And as Terry Carmen highlighted in their answer, talk to your security and privacy team(s) first. – Alexei Levenkov Feb 06 '23 at 18:14

1 Answer


This is a classic problem with no perfect solution, only "less bad" solutions.

Typically, the master password is stored in a file/location that only the machine's root account or startup process has access to.

The root/startup account reads the password, then starts the application as a lower privilege process that doesn't have access to the password file, and gives it the password.

> My company has strict requirements for software security, e.g. cannot hardcode password, etc.

How you implement this depends on your company's specific standards. It's entirely possible that they don't allow storing it anywhere and that a human would need to input the credentials at startup.

This isn't common, but is done in some very high risk situations.

Instead of guessing, I would suggest asking how their current software implements these requirements and doing whatever they currently do.

Security and encryption are very easy to do badly even if they look correct.

Terry Carmen
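The DPAPI approach linked in the comments, as an added example that is not part of the original posts: the database key is generated randomly on first run, wrapped with DPAPI for the current Windows account, and unwrapped offline on later runs. It assumes Windows and .NET 6 or later; the `ExampleApp` folder, the `dbkey.bin` file name and the entropy label are hypothetical.

```csharp
// Added example (not from the original posts). Windows only: DPAPI via
// System.Security.Cryptography.ProtectedData (NuGet package of the same name).
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class DbKeyStore
{
    // Assumed location and label; both are hypothetical names for this example.
    static readonly string BlobPath = Path.Combine(
        Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData),
        "ExampleApp", "dbkey.bin");
    static readonly byte[] Entropy = Encoding.UTF8.GetBytes("ExampleApp.SqlCipherKey.v1");

    // Returns the database key as hex, creating and protecting it on first run.
    public static string GetOrCreateKey()
    {
        if (File.Exists(BlobPath))
        {
            byte[] blob = File.ReadAllBytes(BlobPath);
            // Throws CryptographicException if the blob was copied to another
            // account or machine, or has been modified.
            byte[] key = ProtectedData.Unprotect(blob, Entropy, DataProtectionScope.CurrentUser);
            try { return Convert.ToHexString(key); }
            finally { CryptographicOperations.ZeroMemory(key); }
        }

        byte[] newKey = RandomNumberGenerator.GetBytes(32); // 256-bit key, never typed or hardcoded
        try
        {
            byte[] blob = ProtectedData.Protect(newKey, Entropy, DataProtectionScope.CurrentUser);
            Directory.CreateDirectory(Path.GetDirectoryName(BlobPath)!);
            File.WriteAllBytes(BlobPath, blob);
            return Convert.ToHexString(newKey);
        }
        finally { CryptographicOperations.ZeroMemory(newKey); }
    }
}

static class Program
{
    static void Main()
    {
        string key = DbKeyStore.GetOrCreateKey();
        // Hand `key` to the SQLCipher binding in use as the database password.
        Console.WriteLine($"Key loaded ({key.Length / 2} bytes).");
    }
}
```

DPAPI with `CurrentUser` scope protects the key against other accounts and against a copied disk image or stolen database file; it does not protect against code already running as the same user, which is the residual risk to raise with the security team.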