什么是保持解密密钥用于解密加密数据库的最好方法? [英] What's the best way to keep decryption key for decrypting encrypted database?
问题描述
我有一个加密的数据库和解密密钥。
I have a encryted database and decryption key. How to keep decryption key away from hacking(Both database hacking and unauthorizated accessing PC.)?
- 装配中的硬编码。 $
- Hardcode in assembly.
- keep in registry.
- keep in RAM.
此外,我需要算法的加密数据。
Moreover, I need algorithm for encryted data. What's the best algorith for doing this in security per decryption time term?
- RSA
- AES
感谢,
推荐答案
你提出了错误的问题:首先你需要决定你需要什么安全。然后,你需要决定是否需要对称(认为DES,共享密钥))还是非对称的(认为RSA,公钥和私钥),并且还要认真对待密钥管理,因为这通常是弱点。
You are asking the wrong questions: first you need to decide how secure you need things to be. Then you need to decide whether you want symmetric (think DES, shared key)) or asymmetric (think RSA, public and private keys), and also think hard about key management, because that is often the point of weakness.
非对称算法比对称算法慢几个数量级;它们通常用于保护对称密钥,而不是对整个数据。
Asymmetric algorithms are orders of magnitude slower than symmetric ones; they are often used to protect a symmetric key, rather than on the whole data.
这篇关于什么是保持解密密钥用于解密加密数据库的最好方法?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
