存储AES密钥的位置?
[英]Where to store AES key?
问题描述
I am creating a web application with ASP.NET MVC, And I want to store some password into database. 
我正在使用ASP.NET MVC创建一个Web应用程序,我想将一些密码存储到数据库中。
The passwords must be recoverable. 密码必须是可恢复的。 (They are not for myself, I need passwords to communicate with an API, which needs the real password) So I can't use hash algorithms or such. (它们不适合我自己,我需要密码才能与API通信,这需要真正的密码)所以我不能使用哈希算法等。
I have found that AES is a good encryption algorithm for me. 我发现AES对我来说是一个很好的加密算法。
But, the problem is: where to store AES key? 但是,问题是:在哪里存储AES密钥? Is storing in appsettings inside web.config enough? 是否足够存储在web.config中的appsettings ? How to make the key harder to find (for hackers)? 如何使密钥更难找到(黑客)?
And the next question: Any ideas to make this system safer? 接下来的问题是:任何使这个系统更安全的想法?
1 个解决方案
解决方案1
3 2012-09-13 14:32:57
It is possible to encrypt sections of .config files. 可以加密.config文件的各个部分。 Here is the msdn documentation on the subject, although you will find other walkthroughs online as well. 这是关于该主题的msdn文档 ,尽管您也可以在线找到其他演练。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.