.Net Encryption


Problem description


Similar questions have been asked here, but their answers are not enough for me. What I would like to know is the definite approach to encrypting connection strings in a config file. Here are my questions:

  1. Using machine-level encryption, can't anybody accessing my server write a little .Net program to read the contents of the connection strings?

  2. If I am deploying my application to users' machines in an enterprise environment, and the application has connection strings in a config file, how can I make sure only my application can decrypt it? The scenario is especially interesting in a ClickOnce deployment scenario. I've read about people storing the config unencrypted at the publisher server and encrypting at the machine level when the app is downloaded, installed and executed for the first time. This sounds so wrong to me - connection strings zipping unprotected through the wire, and sitting unprotected for a brief amount of time between download and application execution.

  3. Can I have a public and private key, sign my app, encrypt the config file with a key, and when the user executes it, decryption would only be possible from the signed application?

  4. Since I am using ClickOnce, I could have my encrypted sensitive information in the code or embedded, because ClickOnce won't detect a change unless the version # changes. So, if I need to recompile when I change my connection string, the point of an app.config is moot. What other approaches can I take, outside of using a config file, to achieve protection of the connection strings at the server, client and in between?

Thank you so much for your help.

Solution

  1. Yes. Secrets encrypted with the machine key can be decrypted by any process with access to the machine key. Secrets encrypted with the user key can be decrypted by any process started by the same user.
  2. This is not possible. All contrary claims are snake oil. Your application needs a secret to decrypt something. There are no known schemes to hide a secret inside an application. There are various obfuscation schemes, but nothing bulletproof. The best you can do is to raise the bar.
  3. No. Either the application has the secret key to decrypt something, in which case you go back to point 2, or your application has the public key, in which case anyone can decrypt the same secret, so you basically do a validation of the configuration (was not tampered with), but the configuration is not secret.
  4. You cannot deploy embedded secrets in an application securely. It is just a matter of how high the price is; if your protected asset (the secret) is worth it, then a hacker will get it.

The encryption infrastructure is designed to protect the secrets of the current user from other users. It is not designed to protect the secrets of an application from the user using it. What you ask for is not encryption, it is DRM, and you need to look into the DRM infrastructure for answers. I'm not aware of a managed library around the DRM API.
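The following program is an added illustration of point 1 and of the closing paragraph of the answer above; it is example code written for this page, not code from the original question or answer. It protects a `connectionStrings` section with the stock `DataProtectionConfigurationProvider` (DPAPI, machine scope by default), confirms that the file on disk no longer contains the plaintext, and then reads the plaintext back through the ordinary configuration API the way any other process on the same host could. The `Main` connection-string name, the credential (a constructed placeholder) and the temp-file path are assumptions of the example. It runs on Windows under .NET Framework (reference `System.Configuration` and `System.Security`) or on .NET 6+ with the `System.Configuration.ConfigurationManager` and `System.Security.Cryptography.ProtectedData` packages.

```csharp
// Added example, not from the original Q&A: "machine-level" config encryption
// keeps the secret out of the file, but any process on the same machine that
// can call DPAPI gets it back. Windows only (DPAPI).
using System;
using System.Configuration;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class ProtectedConfigDemo
{
    // Constructed sample values; the credential is a placeholder, not a real one.
    const string Secret = "Server=db01;Database=app;User Id=svc;Password=example-only";
    const string SampleConfig =
        "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" +
        "<configuration>\n" +
        "  <connectionStrings>\n" +
        "    <add name=\"Main\" connectionString=\"" + Secret + "\" />\n" +
        "  </connectionStrings>\n" +
        "</configuration>\n";

    // Open an arbitrary config file rather than the running exe's own file,
    // which is exactly what a second, unrelated program would do.
    static Configuration Open(string path)
    {
        var map = new ExeConfigurationFileMap { ExeConfigFilename = path };
        return ConfigurationManager.OpenMappedExeConfiguration(map, ConfigurationUserLevel.None);
    }

    // Step 1: what the deploying application does. DataProtectionConfigurationProvider
    // is DPAPI with useMachineProtection="true" in machine.config, i.e. the machine key.
    static void ProtectConnectionStrings(string path)
    {
        Configuration cfg = Open(path);
        ConfigurationSection section = cfg.GetSection("connectionStrings");
        if (!section.SectionInformation.IsProtected)
        {
            section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
            section.SectionInformation.ForceSave = true;
            cfg.Save(ConfigurationSaveMode.Full);
        }
    }

    // Step 2: the "little .Net program" from question 1. The configuration system
    // decrypts transparently; this code holds no key material of its own.
    static string ReadAsOtherProcess(string path)
    {
        Configuration cfg = Open(path);
        return cfg.ConnectionStrings.ConnectionStrings["Main"].ConnectionString;
    }

    // The same fact stated with raw DPAPI: a LocalMachine blob decrypts for any
    // account on the host, a CurrentUser blob only for the user who created it.
    static byte[] Protect(string text, DataProtectionScope scope) =>
        ProtectedData.Protect(Encoding.UTF8.GetBytes(text), null, scope);

    static string Unprotect(byte[] blob, DataProtectionScope scope) =>
        Encoding.UTF8.GetString(ProtectedData.Unprotect(blob, null, scope));

    static void Main()
    {
        string path = Path.Combine(Path.GetTempPath(), "demo.exe.config");
        File.WriteAllText(path, SampleConfig);

        ProtectConnectionStrings(path);
        string onDisk = File.ReadAllText(path);
        Console.WriteLine("plaintext still on disk: " + onDisk.Contains("example-only"));
        Console.WriteLine("DPAPI CipherValue on disk: " + onDisk.Contains("CipherValue"));

        // Any process on this machine can do this; no secret of ours is involved.
        Console.WriteLine("recovered by another process: " + ReadAsOtherProcess(path));

        byte[] machineBlob = Protect(Secret, DataProtectionScope.LocalMachine);
        byte[] userBlob = Protect(Secret, DataProtectionScope.CurrentUser);
        // Both round-trip here because this is the same user on the same machine.
        // Hand the two blobs to a different account on this host: the LocalMachine
        // one still decrypts, the CurrentUser one throws CryptographicException.
        Console.WriteLine("machine scope round-trip: " +
            (Unprotect(machineBlob, DataProtectionScope.LocalMachine) == Secret));
        Console.WriteLine("user scope round-trip: " +
            (Unprotect(userBlob, DataProtectionScope.CurrentUser) == Secret));

        File.Delete(path);
    }
}
```

The first two checks show what the encryption does buy: the credential is gone from the file and only a DPAPI `CipherValue` remains. The third line shows what it does not buy: `ReadAsOtherProcess` recovers the connection string with nothing but read access to the file and the right to call DPAPI on that machine. Switching the provider to `useMachineProtection="false"` (or the raw call to `DataProtectionScope.CurrentUser`) narrows that to processes running as the same Windows user, which is the "protect the current user's secrets from other users" boundary the answer describes; it still cannot keep the secret from the user, or from code the user runs.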
