Password Encryption / Database Layer AES or App Layer AES


Question


I need to encrypt / decrypt passwords for a new application. The spec requires me to use AES; can anyone suggest a good reason to either

  1. do all my encryption in the database layer using a CLR function, or
  2. do it in the .NET application layer, or
  3. a mixture of database and server?


I am going to be validating passwords; the app is n-tiered using Telerik ORM. The only real functions are going to be create/update password and check the entered value.

In my mind, I think

  1. the database is better for validating a user-entered password against the existing record; and
  2. the front end is better for creating/updating passwords (so the plaintext password is never transmitted).


I am interested in other thoughts and suggestions as to why I might do an alternative. If you are suggesting I do it in the front end, what are your thoughts around encryption keys? One per user in XML or one per app in a config file?

Thanks for any suggestions :)

Accepted answer


Do not store the passwords at all - just salted hashes of them.


The problem with just encrypting a password is quite obvious - you have to store the key somewhere. If you perform client-side encryption, I will just use Reflector to find the key in the code or attach a debugger and wait until the client obtains the key from the server.


If you perform the encryption at the server, it will become harder to get the key - but everyone with access to the server may use the same techniques as mentioned before, because you still have to store the key somewhere. You must encrypt the connection between client and server, of course, else an attack becomes trivial.


And moving the encryption to the database server will not change much and you will have to encrypt both connections - between client and server and between server and database server.


I suggest performing the encryption in the server because else you have to trust the client. This of course requires a secure connection between client and server. The connection between server and database server may be unencrypted.
