Questions re: Asymmetric cryptography
Here's what I want to do, in a nutshell:
Using asymmetric crypto, I'd like to set a hidden ASPX page that takes 4 items, passed to it in a form (let's say), encrypt them, then stuff them into a SQL database. Reason for using an asymmetric algorithm: encrypt with a public key, decrypt with a private key. Once the row has been inserted into SQL, go back to the originating app. This is basically a web app that sits in SSL, which will capture certain timely information, encrypt it (HIPAA/SOX reasons) & store it in a DB, until such time as the Admin staff (with the private key) can retrieve it and process it. This page has no output; success or failure of the DB transaction will dictate its next move.
So my question(s) - being a crypto n00b:
1. Is there a better/cheaper/faster/costs less/less filling way to do this?
2. If I go forward with this as described:
2a. What's the best way to create a public/private key pair?
2b. How do I make the public key accessible to the ASPX page for encryption purposes? A key container?
3. What am I missing here? ;)
I'm considering posting this outside of the security forum, too - think there's any merit?
Thanks in advance! All suggestions, advice, (code! haha) and help greatly appreciately!
Jake
# 1 Re: Questions re: Asymmetric cryptography
Hi
You may want to keep all of the encryption/decryption server-side. If you exposed the insert functionality via a web service, but only exposed the select query functionality internally, then you could use symmetric encryption, which is faster and needs less setting up.
I presume your suggested setup means that the encyption functionality would actually be on the client, or the keys would be exposed to the client. In this case, using asymmetric crypto, you'd have to distribute certificates to the clients, and ensure that those clients trusted the CA.
If you don't associate asymmetric keys with certificates, then your communications are susceptible to a man in the middle attack:
A sends public key to B
B encrypts message using A's public key
B sends message to A
A decrypts using A's private key
Everything secure? No.
A sent public key, which was intercepted by C
C sends C's public key to B instead of A's
B encrypts message with C's public key (thinking it was A's public key)
C intercepts message
C decrypts message with C's private key
C changes message
C encrypts with A's public key (intercepted earlier)
C sends message to A
A decrypts, thinking message was from B
Using certificates means that you can trust the public key ie. it was verified by a Certificate Authority that you both trust.
If you want to create public key certificates, then install Windows Certificate Services on your machine (for Win 2000 and 2003 Server). Just pop in the 2000/2003 Server install disc and choose to install Certificate Services.
The only encryption and decryption I've done using this is using encryption/decryption of XML. However, look in the System.Security namespace for .Net 2.0 and there'll be rich functionality to cover what you need.
If you're still using .Net 1.1, then don't use the system.Security namespace. .Net 1.1 did not link cryptography to private keys in the certificate store. Instead, use CAPICOM, which is a COM based wrapper around the CryptoApi.
Hope this helps
Chris Seary
