Where to store encryption keys?

Dave Coleman wrote:

I have a model that has inside of it a few bits of data I would like to encrypt.

I'm using ezcrypto to do the encrypting, but was wondering what your opinions are for what is the best way or place to store the encryption key?



There are a couple of points to think about:

a) Your trust fabric & functionality

The question is whom do you trust & why. If the security model is that the clients trust the server and the function of encryption is to secure the channel, you can keep the keys in a file and secure it with a password which will be hard-coded in the code running in the server and client side. Anybody who has access to the server can walk away with the file and then can decrypt the pieces of data. So you are trusting the physical security of the server, which is OK.

b) Nature of keys and key exchange mechanism

If you are using symmetric keys, you need to have a way of distributing the actual key to both the server and the client. Remember, a time will come when you have many clients and servers and the key would need to change. So plan for a good and simple mechanism - manual is fine, so long as it is well documented ;o)

OTOH, if you are using certificates, then you need to distribute the public key of the server to the clients plus keep the password-protected private key in the server. In this case, if you are load balancing between servers et al, you need to take care of (and document) that aspect as well.

In short, without knowing more about your application, it is better to use a public-private key paradigm, keep a password-protected private key in the server and distribute the public keys as certs to the clients. A certs directory is the best place to keep these artifacts.

Cheers & hope it helps <k/>
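
The layout recommended in the reply above, as an added example that is not part of the original thread: a passphrase-protected private key stays on the server, and only the public key is handed out to encrypt a field. It assumes Ruby's standard OpenSSL library rather than ezcrypto; the helper names, passphrase and sample field are constructed for illustration.

```ruby
require "openssl"

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Returns [private PEM encrypted under the passphrase, public PEM].
# Only the public PEM is meant to leave the server.
def generate_keypair(passphrase, bits = 2048)
  key = OpenSSL::PKey::RSA.new(bits)
  protected_pem = key.to_pem(OpenSSL::Cipher.new("aes-256-cbc"), passphrase)
  [protected_pem, key.public_key.to_pem]
end

# Encrypts one field using the public key alone. Hybrid scheme: a fresh
# AES-256-GCM key encrypts the data, RSA-OAEP wraps that key.
def encrypt_field(public_pem, plaintext)
  pub = OpenSSL::PKey::RSA.new(public_pem)
  aes = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  data_key = aes.random_key
  iv = aes.random_iv
  ciphertext = aes.update(plaintext) + aes.final
  { wrapped_key: pub.public_encrypt(data_key, OAEP),
    iv: iv, tag: aes.auth_tag, ciphertext: ciphertext }
end

# Decrypts a field; needs both the protected PEM file and its passphrase.
# A wrong passphrase raises OpenSSL::PKey::PKeyError, and a modified
# ciphertext or tag raises OpenSSL::Cipher::CipherError.
def decrypt_field(protected_pem, passphrase, blob)
  priv = OpenSSL::PKey::RSA.new(protected_pem, passphrase)
  aes = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  aes.key = priv.private_decrypt(blob[:wrapped_key], OAEP)
  aes.iv = blob[:iv]
  aes.auth_tag = blob[:tag]
  aes.update(blob[:ciphertext]) + aes.final
end

if __FILE__ == $0
  passphrase = "constructed-demo-passphrase" # constructed sample value
  private_pem, public_pem = generate_keypair(passphrase)
  blob = encrypt_field(public_pem, "constructed sample field")
  puts decrypt_field(private_pem, passphrase, blob)
end
```
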