-2

It may be that I have thought about this too much and have over complicated things and tied myself in a knot. I dont know a lot about encryption either so that does not help.

I have an app that has fields that are encrypted using an AES class (that I found posted here in another question) and the encrypted string is then saved in an XML file. Now the password used to encrypt each string is supplied by the user and setup the first time they use the program. This part works fine and I can encrypt and decrypt the data perfectly as I want to.

The problem I have is that the password that is used to encrypt these strings is stored in a config file within the app. Initially I figured I would use DPAPI to encrypt this password and then save in the config file and everything seemed to work exactly as I wanted. The user launched the program, setup a password, added some strings and everything encrypted fine and de-crypted fine and all worked perfectly.

The problem is this works fine on the computer the password is created on but as soon as I try to use it on another computer DPAPI throws an error (I assume because DPAPI is machine specific?)

So essentially I need a way to encrypt the password that is setup by the user on first launch and is stored in the config file but I cant use the AES class I am using to encrypt the other data as it needs a password to encrypt it!!!

As I say my AES class works perfectly at encrypting the other data but I need a way to protect the password that is stored in the app.config file other than encrypting it with DPAPI so I can use it on other devices without error.

I hope that made sense my head hurts!!!!

Any help much appreciated

Additional info:

The application is a very simple winform app that allows access to data when the correct password is entered and the program is stored on a USB stick enabling it to be connected to any computer and the data decrypted and viewed. There is no user structure you simply need the correct password to access the application and view the data. The password used to access the application is the password used to encrypt the data.

Duplicate question: The question is different because in their case DPAPI does what they require in my case it DOES NOT as I already expressed in my original question!

Craig
  • 19
  • 3
  • Why are you storing it on the configuration file? Can't you store this sensitive information on a database? Besides, how would you make the user able to login from another device if the password is stored on the original user's configuration file? – Matias Cicero Jul 06 '16 at 14:26
  • Thanks Matias. The application is a very simple winform app that allows access to data when the correct password is entered and the program is stored on a USB stick enabling it to be connected to any computer and the data decrypted and viewed. There is no user structure you simply need the correct password to access the application and view the data. The password used to access the application is the password used to encrypt the data. – Craig Jul 06 '16 at 14:35
  • You can store the password on an encrypted file instead of the configuration file. Configuration file is meant to be plain text. – Matias Cicero Jul 06 '16 at 14:40
  • Perhaps let the user enter the password again for each new device. – Magnus Jul 06 '16 at 14:45
  • The password they enter on setup is used to encrypt the data. So to decrypt the data on another machine they need to enter the password it was originally encrypted with (this works fine) The issue is I need a way to save the login password that is used to do the encryption so that it can be used on any device. – Craig Jul 06 '16 at 14:53

2 Answers2

1

You don't store the password. You ask the user to provide it.

Remus Rusanu
  • 288,378
  • 40
  • 442
  • 569
  • But i have to check if the password the user supplies is correct to access the data. The user does provide a password when they first run the program. This encrypts any data they enter using this password and a salt. When they next open the application they are asked to enter the password to view the data. They are only asked to provide a password once. – Craig Jul 06 '16 at 14:51
  • Verifying the password is trivial: if the data decrypts correctly, the password is correct. Add an [HMAC](https://en.wikipedia.org/wiki/Hash-based_message_authentication_code) to the stored data to validate it. Storing the password is **impossible** to do in a secure fashion. – Remus Rusanu Jul 06 '16 at 14:57
  • Since you tagged `dpapi`: yes, you can use DPAPI credential roaming to encrypt on one machine and decrypt on another one. But only within a domain **and there are no passwords involved**, as all encryption is delegated to DPAPI. – Remus Rusanu Jul 06 '16 at 15:02
  • But this is the crux of it DPAPI works perfectly on 1 machine. I need the encryption to work on ANY machine which is why I went to AES as it seemed DPAPI was machine dependent. I encrypted something in DPAPI on one machine and it was unreadable on another. In the context of what I am trying to do the password validation is not trivial as it is not just used to decrypt the data but also access the program. As I say everything works fine I just need a way to secure the login password. I guess I will look around at other methods of doing what I need (Maybe hashing?) Thanks for the help anyway. – Craig Jul 06 '16 at 15:09
  • You need the newer and better DPAPI: [CNG-DPAPI](https://msdn.microsoft.com/en-us/library/windows/desktop/hh706794(v=vs.85).aspx) *This new API, called DPAPI-NG, enables you to securely share secrets (keys, passwords, key material) and messages by protecting them to a set of principals that **can be used to unprotect them on different computers** after proper authentication and authorization.* User is still entering a password, but not to you, to his Windows login session. – Remus Rusanu Jul 06 '16 at 15:24
  • Thanks Remus I will have a look into that. You have given me food for thought with the "dont store a password" answer originally too. Maybe when they create the password when it is first setup instead of storing the password I can store a phrase encrypted with that password ie "Correct password" and as you say check if the phrase decrypts. If it does the password is obviously right if not it is clearly wrong. Few things to think about so thanks – Craig Jul 06 '16 at 15:33
-2

If you must store the password physically on the USB device, Don't use the password itself (or DPAPI which generate the key from the current user on the computer).

On the first setup, ask the user for a password, Hash it with a SAFE hash function (from SHA-2 family) and save the Cipher Hash(Plain password)=Cipher Later when you want to encrypt or authenticate, do it with the cipher. That way you can keep a safe copy of the passwords at your device without covering the user's password, and still use user-specific string in order to encrypt the data.

Keep in mind that this method still makes the user vulnerable to dictionary attack if an attacker got his hands on the hash.

Modus Ponens
  • 54
  • 1
  • 5
  • You are in effect storing the plain text key along with the encrypted data. Why encrypt in the first place, if the decryption key is right there? – Remus Rusanu Jul 06 '16 at 15:06
  • As i understood the question, the program will be on the USB stick while the information will stored at the designated computer, so it won't be on the same device. – Modus Ponens Jul 06 '16 at 15:56