Secure storage of private key [on hold]

Tag: encryption, passwords, privatekey Author: fly19882 Date: 2014-04-22

We want to store our passwords for FTP, websites, databases, etc. You can compare our software to KeePass, but we wanted to do our own solution. The passwords will be encrypted and stored in a database. We can't use checksums because we need to show the passwords in plaintext.

The problem is that we couldn't find a good solution to store the private key. If it's written in the code, you can get it quite easily. If it's hidden in a DLL, you can't hide it effectively, because the machine has to use it. All users of our software have full access to the source code and the database with the encrypted passwords, and are admins on their PCs, so they could read the code when it's used.

We thought about storing the private keys in a separate database which is accessed with another password, but the key will be used anyway.

So, we're not getting anywhere. We are aware that there is no 100% safe solution for this, but there has got to be an almost safe one.

You haven't mentioned why you can't emulate KeePass in their manner of getting the encryption key: asking the user for a password. Also, you don't seem to be happy with the "almost safe" (i.e. insecure, "but who would notice?") solutions, given that you reject the DLL embedding. Overall, you do not supply enough context to help you find a secure solution (if there is one): your application is supposed to store whose passwords on whose PC for which legitimate use?
We are a few people and some share entries for FTP, etc. At the moment, we share a KeePass file, which means that every one of us can access every entry with the master password. That is what we don't want anymore. Everyone should be able to access his own entries and specific shared ones. Those shared ones are our problem. So far, the entry will be encrypted with a private key. But if you want to share the entry, the other one has to decrypt it with the same private key. I'm now looking for a solution for that. Software on all our PCs, database on a server.
How about using one public KeePass file and a private one for each person? Getting back to a self-made solution: if you want more granular access control, you can assign each user an asymmetric key pair, and if someone shares a password with a group, your software encrypts the password with each public key of the group's members.
Seems to be the only workable way. We didn't use it yet because we wanted AES encryption. So I looked into encrypting the passwords with key1, and then adding the users' private keys to the list of keys that could decrypt key1. Since I couldn't find a way to do so, we will probably use RSA. Thanks for your answer.

Best Answer

First, I would advise against writing your own solution. There are so many ways to do it wrong, and you need to invest a lot of time to know about all the important points.

You don't need to store a key anywhere; just use the key to encrypt the data, then forget the key. For decrypting, you use the key as entered: if the key is correct you get back the data, otherwise you get back scrambled content.

Because users do not like to type strong keys and prefer passwords, you should use a key-derivation function like BCrypt or PBKDF2 (Password-Based-Key-Derivation-Function-2), which can translate a password to a key.

comments:

For better or for worse they want to be able to retrieve the password later on: "We can't use checksums because we need to show the passwords in plaintext."
@Perseids - Maybe you misunderstood the answer: the PBKDF2 is only used to derive a key (for encryption) from the user password, that's their original purpose. The password/key itself should not be stored at all.
I see. They do not seem to be interested in encrypting it with a user specific password for whatever reason, though (see my comment on the question).
@Perseids - Maybe they just didn't think about this possibility. For a man with a hammer, everything looks like a nail…
Using PBKDF2 would be perfect. Every user is accessing the same database which is encrypted with a symmetric key. The problem is that every user has a different password. So we would have to create the same key out of different passwords. I couldn't find a solution for that. If there is one, please give me a hint.
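
The scheme the comments converge on (one random AES key per entry, wrapped separately for every user allowed to read it) combined with the answer's password-derived key, as an added example that is not code from the thread. The function names, the record layout, the iteration count and the choice of AES-256-GCM and RSA-OAEP from Node's built-in crypto module are assumptions.

```javascript
const nodeCrypto = require('node:crypto');
const ITER = 600000; // PBKDF2-HMAC-SHA256 iterations (assumed value; tune to your hardware)

// AES-256-GCM with a fresh 96-bit IV per message.
function seal(key, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

// Throws if the key is wrong or the record was modified.
function unseal(key, { iv, ct, tag }) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]);
}

// Enrol a user: the RSA private key is stored only encrypted under a key derived
// from that user's password; the password and the derived key are never stored.
function enrolUser(password) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const salt = nodeCrypto.randomBytes(16);
  const kek = nodeCrypto.pbkdf2Sync(password, salt, ITER, 32, 'sha256');
  const der = privateKey.export({ type: 'pkcs8', format: 'der' });
  return { publicPem: publicKey.export({ type: 'spki', format: 'pem' }), salt, lockedKey: seal(kek, der) };
}

// A random AES key ("key1" in the thread) encrypts the secret once; key1 is then
// wrapped separately with the public key of every user the entry is shared with.
function createEntry(secret, recipients) {
  const dataKey = nodeCrypto.randomBytes(32);
  const wrapped = {};
  for (const [name, user] of Object.entries(recipients)) {
    wrapped[name] = nodeCrypto.publicEncrypt({ key: user.publicPem, oaepHash: 'sha256' }, dataKey);
  }
  return { body: seal(dataKey, Buffer.from(secret, 'utf8')), wrapped };
}

// Password -> key-encryption key -> private key -> key1 -> plaintext secret.
function readEntry(entry, name, user, password) {
  if (!entry.wrapped[name]) throw new Error('entry is not shared with ' + name);
  const kek = nodeCrypto.pbkdf2Sync(password, user.salt, ITER, 32, 'sha256');
  const der = unseal(kek, user.lockedKey);
  const priv = nodeCrypto.createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
  const dataKey = nodeCrypto.privateDecrypt({ key: priv, oaepHash: 'sha256' }, entry.wrapped[name]);
  return unseal(dataKey, entry.body).toString('utf8');
}
```

Only public keys, salts and ciphertexts end up in the shared database, so sharing an entry needs the recipient's public key but never their password. Removing a user's wrapped copy stops future reads, but a secret they could already read should itself be changed.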