One approach is to use the password obtained above to decrypt another file that contains the actual encryption key. You could also use this to split the password into two pieces with JNDI - you can use a plaintext passphrase in JNDI and an initialization file somewhere in the filesystem.įinally, whatever you do be sure you can 'rekey' your application fairly easily. Again it's a case the tape backups or the password itself isn't enough, you need both. You want to find one that requires an external file as well. If you can require the user to actively enter the password, there are PBE (password-based encryption) algorithms that convert a password to a good symmetric key. (There are more sophisticated ways to split a key, e.g., an n-of-m algorithm where you don't require all of the pieces to recreate the key, but that's -far- beyond what you need here.)
You might need to base64-encode some of the partial keys so they can be stored properly, e.g., in a JNDI property. At the end of the process you want, e.g., three partial keys such that p1 ^ p2 ^ p3 = key. (Use a cryptographically strong random number generator!) You can repeat this process several times if you want to split the key into multiple pieces. You can split a key by XOR-ing it with random numbers of the same size. Getting any single piece isn't particularly hard if you're compromised, e.g., examining backup media or SQL injection, but getting all of the pieces will require a lot more work. net equivalent), and part of it in the database. E.g., you might split the key and put part of it in the filesystem (outside of the 'webapps' directory), part of it in the JNDI configuration (or. One standard approach in the webapp world is to split the key and put it in different places.
0 kommentar(er)
