不ProtectedData使用哪种的加密算法? [英] Which Encryption algorithm does ProtectedData use?

查看:166
本文介绍了不ProtectedData使用哪种的加密算法?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

有关密码加密我想用 ProtectedData

据我发现,这是一个包装为 CryptProtectData

As far as I found out, this is a wrapper for CryptProtectData.

在MSDN只是指出一些含糊根据用户凭证加密
和解密通常必须在同一台机器上完成,如果用户有
无漫游配置文件。

The MSDN only states something vague about encryption based on user credentials and that decryption usually must be done on the same machine, if user has no roaming profile.

它使用哪种加密算法?

Which encryption algorithm does it use?

有没有指出这种加密是否正适合口令存储?

Is there any analysis that states whether this encryption is suiting for password storage?

否则怎么实现任何分析本地密码存储?

How else to implement a local password storage?

推荐答案

的MSDN文章有更多的信息 CryptProtectData DPAPI ,并且应该包含您所需要的信息。特别是:

This MSDN article has more information about CryptProtectData and DPAPI, and should contain the information you need. In particular:

DPAPI最初生成称为MasterKey强密钥,这是由使用者的密码保护的
。 DPAPI使用称为基于口令的密钥导出一个标准加密
过程中,PKCS#5所述,
生成密码的密钥。该密码派生密钥,然后用三重DES用于加密MasterKey
,这是最后存储
在用户的配置文件目录。

DPAPI initially generates a strong key called a MasterKey, which is protected by the user's password. DPAPI uses a standard cryptographic process called Password-Based Key Derivation, described in PKCS #5, to generate a key from the password. This password-derived key is then used with Triple-DES to encrypt the MasterKey, which is finally stored in the user's profile directory.

本文适用于较旧版本的Windows,所以要根据您的Windows版本中,这些算法可能会改变,但他们可能不会比这里提到的安全程度要低。

The article applies to an older version of Windows, so depending on your Windows version, these algorithms might change, but they are probably not going to be less secure than the ones mentioned here.

这是否是适合密码存储,取决于正是你这个是什么意思,什么口令你存储,我会说一点。

Whether or not this is suitable for "password storage", depends a bit on what exactly you mean by this and what passwords you're storing I would say.

这篇关于不ProtectedData使用哪种的加密算法?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆