PeteEngineer

Clarification for DPAPI encryption

I am using DPAPI encryption to encrypt the web.config connection string. So once I use the command

aspnet_regiis.exe -pe "connectionStrings" -app "/YourWebSiteName" -prov "DataProtectionConfigurationProvider"


I will be able to encrypt the connection string, and it looks like below:

<configuration>
 <appSettings/>
 <connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
  <EncryptedData>
   <CipherData>
    <CipherValue> AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAcHu0TgBbIEyfG1RWWqIDSgQAAAACAAAAAAADZg AAqAAAABAAAACSAX+UlFBbL2xUT1mYruSgAAAAAASAAACgAAAAEAAAAODHdp8b3SFHl8S6 yVQ/Ydu4AQAAitMpkAI8SjZc349E63yEAV/mVQzOv29H2mXvz2j+2kg8FTGYV95xySZrUH ICx/i5hBq//iQNc1v/Jp0xLxJf6+K/nSQwJTnGWBn3555HJHKU8yAeQCN9Iw/6YWs/q6oV GpPwMmoSe6jS+5bHzThxQrpUqxVXB4aHKeVnAfjcdj5bIBKe9jaZ0kP31UVlB9TB5z+94G a6LNWuWWcZf/iAfrZ/EZMkEcGJE20Reb3XSm/e+LN1di2YyRxXVYV+b6MDTi7DgHC7ilZs g+/81jCn2UtW4k74wKDXrTjAS3LgWxBdFEUPnwSKbKF+/DF24MVECZ6t7oyxoPH7OqaxR/ IDnPLxHAqtd8eT9VKmzouULpQBwrO6echS1MJL8zmvCNMsLz1JnyBlwxYvst8tQs+5MCIn dQ1K9615hLiwP/JIUy9T3Hk1pCn37m8tEV+meRguS1yIOXMQ3nsPUI5d1C+Nt4068EecEk uoWujCEUHu9JcpZa2KVsnSYLix5MOEvqGPtbSMmTt7TE7leicEpEn6Hm3LWYQE2N85Skpt x5AN/Pfuwl42fMzzs07ZhRFtLDwku/a2/ZQahHIUAAAAdOITPi1vY6agWisqaA6+H/qOoc s=</CipherValue>
   </CipherData>
  </EncryptedData>
 </connectionStrings>
 <system.web>
  <compilation debug="true"/>
  <authentication mode="Windows"/>
  <pages theme="Theme1" />
 </system.web>
</configuration>


So my question is: any ordinary user can understand this is DPAPI encryption and decrypt this encrypted section using the following command.

aspnet_regiis.exe -pd "connectionStrings" -app "/YourWebSiteName"

So is this a security hole?
Mlanda T

While ASP.NET is configured, by default, to reject all HTTP requests to resources with the .config extension, the sensitive information in Web.config can be compromised if a hacker obtains access to your web server's file system. For example, perhaps you forgot to disallow anonymous FTP access to your website, thereby allowing a hacker to simply FTP in and download your Web.config file.

The assumption is that we are protecting your data in the event that someone gains remote access to the web.config file NOT cases where the person gains remote/direct login access to the physical machine itself and hence the ability to execute applications on the machine. Even if a machine is not compromised, connection strings stored in plain text are accessible to administrators and any other users with sufficient privileges on the host machine and/or Windows domain.

The Windows Data Protection API (DPAPI) is the default provider and is an acceptable choice when choosing a protected configuration provider under most circumstances. However, in a Web farm environment, the RSA-protected configuration provider is a good choice because the RSA-based provider uses asymmetric, public key encryption to encrypt and decrypt data keys that can be exported and imported across servers.

http://web.securityinnovation.com/appsec-weekly/blog/bid/58540/Encrypt-SQL-Connection-Strings-with-DPAPI
http://www.techrepublic.com/article/protect-aspnet-data-with-the-dpapi/1052981
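
An added example, not part of the original thread: a small Python audit that reports whether each sensitive section of a web.config is protected and by which provider, and checks that a DPAPI-protected section really carries a DPAPI blob (version 1 followed by the DPAPI provider GUID, visible as the `AQAAANCMnd8B...` prefix in the question). The function names and the sample config are constructed for illustration; recognising the header identifies the format only and decrypts nothing.

```python
import base64
import uuid
import xml.etree.ElementTree as ET

# Provider GUID stored at offset 4 of every DPAPI blob (after a 4-byte version).
DPAPI_PROVIDER = uuid.UUID("df9d8cd0-1501-11d1-8c7a-00c04fc297eb")

def is_dpapi_blob(b64_text):
    """True if the base64 text decodes to data starting with the DPAPI header."""
    try:
        raw = base64.b64decode("".join(b64_text.split()))
    except ValueError:  # binascii.Error (bad padding) is a ValueError
        return False
    if len(raw) < 20:
        return False
    version = int.from_bytes(raw[:4], "little")
    return version == 1 and uuid.UUID(bytes_le=raw[4:20]) == DPAPI_PROVIDER

def audit_config(xml_text, sections=("connectionStrings", "appSettings")):
    """Map each section to 'absent', 'empty', 'plaintext', 'dpapi', ..."""
    root = ET.fromstring(xml_text)
    report = {}
    for name in sections:
        node = root.find(name)
        if node is None:
            report[name] = "absent"
            continue
        provider = node.get("configProtectionProvider")
        if provider is None:
            # No provider attribute: any child elements are readable as-is.
            report[name] = "plaintext" if len(node) else "empty"
        elif provider == "DataProtectionConfigurationProvider":
            cipher = node.findtext("./EncryptedData/CipherData/CipherValue", "")
            report[name] = "dpapi" if is_dpapi_blob(cipher) else "dpapi-malformed"
        else:
            report[name] = "protected:" + provider
    return report

# Constructed sample: a DPAPI header followed by zero bytes, not real ciphertext.
_blob = base64.b64encode(
    (1).to_bytes(4, "little") + DPAPI_PROVIDER.bytes_le + bytes(32)).decode()
SAMPLE = f"""<configuration>
 <appSettings><add key="k" value="v"/></appSettings>
 <connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
  <EncryptedData><CipherData><CipherValue>{_blob}</CipherValue></CipherData></EncryptedData>
 </connectionStrings>
</configuration>"""

if __name__ == "__main__":
    print(audit_config(SAMPLE))
```

A "plaintext" result for connectionStrings is the case the answer above warns about: anyone who can read the file can read the credentials.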
PeteEngineer (ASKER)

Alright. Since DPAPI is asymmetric, there is no chance of a user getting the key from the network, but people with administrative privileges can easily decrypt the keys... that's fine. Even people who don't have admin privileges can't decrypt the file on their local system, other than on the server, I guess. If that is possible, my question has value; if not, my question doesn't?

So since the key cannot be hacked from the network, there is a point in saying we need to consider hackers getting inside the file system. If we consider hackers getting into the file system of the server, what difference will it make when we do an encryption, as the hacker himself can do a decryption on the server?

Or does that mean a hacker who gets inside the file system cannot run the decrypt command?