There are still a couple of problems. First, how do you do the encryption to make it effective? User gives you a password and you read it from an inifile in the clear. Next, you take the password, send it through the encryption program, and out comes the encrypted hash. What method will the encryption program use? If you decide to use a one-way hash like MD5 then great. But if you will need the password in the clear again later, you have to use a two-way algorithm and a key. So either your installer has to know that key or the encryption program has to know the key. You can't rely on the security of the compiled installer to protect the key. Can you rely on the security of whatever other binary you're going to use to do the encryption?
I just re-read your post and it seems you need to go both ways and that you'll have to store the key in the installer (the installer is not a secure place to store a key). If this is important enough that you already considered all of this, I bet this isn't the right solution. Why couldn't you use MD5 sums and compare hashes from then on?
The other problem I see with your scheme is that you assume no one can recover inifiles once the installer deletes them. I haven't tested this yet, but I'm pretty sure it isn't hard to retrieve these files. Lots and lots of programs can find deleted files (even old swap and virtual memory files... always scary).
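The compare-hashes approach suggested above, as an added example that is not part of the original post: only a one-way verifier is written to the INI value, so the installer has no key to embed. It goes beyond the post by swapping plain MD5 for salted PBKDF2-HMAC-SHA256; the record format, function names and iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

SCHEME = "pbkdf2_sha256"      # hypothetical label for the record format
ITERATIONS = 200_000          # assumed work factor; tune for the target machines
MAX_ITERATIONS = 10_000_000   # refuse tampered records that would stall the check


def make_record(password: str, salt: Optional[bytes] = None,
                iterations: int = ITERATIONS) -> str:
    """Return a one-line verifier that can be stored as an INI value."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, iterations)
    return f"{SCHEME}${iterations}${salt.hex()}${digest.hex()}"


def verify(password: str, record: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        scheme, iters, salt_hex, digest_hex = record.split("$")
        iterations = int(iters)
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(digest_hex)
    except ValueError:
        return False  # malformed or truncated record
    if scheme != SCHEME or not expected:
        return False
    if not 1 <= iterations <= MAX_ITERATIONS:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    salt, iterations)
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    # Constructed sample password, not taken from the original thread.
    record = make_record("correct horse battery staple")
    print("stored value:", record)
    print("right password:", verify("correct horse battery staple", record))
    print("wrong password:", verify("guess", record))
```

This only fits the case where the password never has to be recovered in the clear; it does nothing about the deleted-file recovery problem raised in the last paragraph.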