.net - Changing the Shared Secret in AES Encryption -
i have used advanced encryption standard (aes) encrypt data before storing them database. understanding, if change "shared secret" part of algorithm, have update of stored data accordingly. there other way me give admin user opportunity update key without needing update huge volume of stored data while doing so?
following code i'm using encryption:
public static string encryptstringaes(string plaintext, string sharedsecret) { if (string.isnullorempty(plaintext)) throw new argumentnullexception("plaintext"); if (string.isnullorempty(sharedsecret)) throw new argumentnullexception("sharedsecret"); string outstr = null; // encrypted string return rijndaelmanaged aesalg = null; // rijndaelmanaged object used encrypt data. try { // generate key shared secret , salt rfc2898derivebytes key = new rfc2898derivebytes(sharedsecret, _salt); // create rijndaelmanaged object aesalg = new rijndaelmanaged(); aesalg.key = key.getbytes(aesalg.keysize / 8); // create decryptor perform stream transform. icryptotransform encryptor = aesalg.createencryptor(aesalg.key, aesalg.iv); // create streams used encryption. using (memorystream msencrypt = new memorystream()) { // prepend iv msencrypt.write(bitconverter.getbytes(aesalg.iv.length), 0, sizeof(int)); msencrypt.write(aesalg.iv, 0, aesalg.iv.length); using (cryptostream csencrypt = new cryptostream(msencrypt, encryptor, cryptostreammode.write)) { using (streamwriter swencrypt = new streamwriter(csencrypt)) { //write data stream. swencrypt.write(plaintext); } } outstr = convert.tobase64string(msencrypt.toarray()); } } { // clear rijndaelmanaged object. if (aesalg != null) aesalg.clear(); } // return encrypted bytes memory stream. return outstr; }
if data encrypted using 1 key ("key a"), way change key (so can decrypted e.g. "key b") decrypt all data using "key a" , re-encrypt using "key b".
i believe general technique used avoid issue encrypt data using strong "master key", encrypt master key using user's key. result, changing password requires decrypting , re-encrypting master key old , new keys (respectively), data remaining unchanged.
you don't mention database you're using, worth noting many database servers support automatic data encryption, data stored on-disk in encrypted format, , cannot decrypted , accessed unless authorised user.
if database server you're using supports this, worthwhile investigating. being transparent, no longer have worry manually encrypting/decrypting within code, , support key changing, data recovery functions (should users forget passwords etc.)
Comments
Post a Comment