About Open Source Encryption

Asked 2 years ago, Updated 2 years ago, 35 views


In open source programs, when sensitive data is encrypted with a common key encryption method such as AES, publishing the key and IV with the source makes the encryption meaningless.

I thought about setting up a simple PIN code, but this is an application that is launched with one click and immediately starts another application by passing arguments to it, so I don't even want to have a screen to enter a PIN.

Do you have any good ideas?

I'm going to release it under the MIT license. This is a client application.

For general users who don't know programming, prebuilt binaries will be distributed as well.

It depends on the individual.
It is used to encrypt text data that contains data such as ID/Password.
It does not go through the network.


Using individual-specific data such as ID/Password, it generates arguments for another application and launches it.

If you use AES in OSS on raw text data, the key and IV will be found, so personal data will be leaked.
I want to do something about this.

c#

2022-09-30 19:37

4 Answers

An easy way to do this is to generate and save random keys the first time you start an application, and then use them. However, storing keys is now a problem.

For example, in Windows + .NET, you can use the OS feature to store keys using System.Security.Cryptography.RSACryptoServiceProvider for encryption. The key can still be read by malware running on the same local account, so it is not absolute.

If you don't have to assume that situation, you may just need to use the encrypted file system.

Conversely, the expected level of protection may be something that requires a dedicated security device.

Because it is impossible to protect information from all attack scenarios, trade-offs always occur. If you are unable to make a decision, you should consult a security consultant.


2022-09-30 19:37

Why do I get caught? I think it's just a matter of how you don't get caught...

In order to communicate using a secure common key encryption system, you must safely pass the common key.
In order to do so, I think it would be easier to use the public key encryption method.
You can first pass the common key using the public key encryption method, and then communicate using the common key encryption method.

For example, to communicate securely between A (server) and B (client)...

I think it looks like this...


2022-09-30 19:37

I don't know what kind of platform you are thinking of, so I don't know if it will be useful, but Android and others usually have a wireless LAN interface, so it seems that the key is generated based on that MAC.
MACs are, of course, accessible to third parties, but they cannot be decoded unless the actual values are available. That's a trade-off, so it's better than nothing.


2022-09-30 19:37

What about DPAPI that encrypts with user accounts and keys tied to computers? From C#, you can easily use it with ProtectedData.


2022-09-30 19:37
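The first answer's "generate a random key on first start" combined with the DPAPI suggestion in the last answer, as an added example that is not code from any of the answerers. It assumes Windows and .NET 8 with the System.Security.Cryptography.ProtectedData package; the folder name, file names and sample string are hypothetical.

```csharp
// Added example. Nothing secret is compiled into the published source or binary.
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

const string sample = "id=alice;password=constructed-sample"; // constructed test data
CredentialStore.Save(sample);
Console.WriteLine(CredentialStore.Load() == sample ? "round trip ok" : "mismatch");

static class CredentialStore
{
    static readonly string Dir = Path.Combine(
        Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData),
        "ExampleLauncher"); // hypothetical folder name
    static readonly string KeyFile = Path.Combine(Dir, "key.dpapi");
    static readonly string DataFile = Path.Combine(Dir, "credentials.bin");

    // First run: random AES key, stored only as a DPAPI blob bound to the current Windows user.
    // Code running as that same user can still unprotect it.
    static byte[] LoadOrCreateKey()
    {
        Directory.CreateDirectory(Dir);
        if (File.Exists(KeyFile))
            return ProtectedData.Unprotect(File.ReadAllBytes(KeyFile), null, DataProtectionScope.CurrentUser);
        byte[] key = RandomNumberGenerator.GetBytes(32);
        File.WriteAllBytes(KeyFile, ProtectedData.Protect(key, null, DataProtectionScope.CurrentUser));
        return key;
    }

    public static void Save(string plaintext)
    {
        byte[] pt = Encoding.UTF8.GetBytes(plaintext);
        byte[] nonce = RandomNumberGenerator.GetBytes(12); // fresh for every save; not secret
        byte[] ct = new byte[pt.Length], tag = new byte[16];
        using var aes = new AesGcm(LoadOrCreateKey(), 16);
        aes.Encrypt(nonce, pt, ct, tag);
        using var fs = File.Create(DataFile); // layout: nonce(12) || tag(16) || ciphertext
        fs.Write(nonce); fs.Write(tag); fs.Write(ct);
    }

    public static string Load()
    {
        byte[] blob = File.ReadAllBytes(DataFile);
        if (blob.Length < 28) throw new CryptographicException("credential file is truncated");
        byte[] pt = new byte[blob.Length - 28];
        using var aes = new AesGcm(LoadOrCreateKey(), 16);
        aes.Decrypt(blob.AsSpan(0, 12), blob.AsSpan(28), blob.AsSpan(12, 16), pt); // throws if tampered
        return Encoding.UTF8.GetString(pt);
    }
}
```

Because the key is created per installation and wrapped by the OS, copying `credentials.bin` and `key.dpapi` to another account or machine does not allow decryption, and no PIN prompt is needed at launch.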
