Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I’m using OpenSSL in a program that decrypts a text file and then re-encrypts it with new text and a new encryption key every time the program starts. I’d like to safely store the key between instances of the program running. Is there an easy/decently safe way of doing this?
If you don’t expect hard core attacks on the machine that the application is installed on, you can always hardcode inside your application another encryption key that you would use in order to safely save the previous session
AESkey in the file system before you close the app and to retrieve it back when you start the app. You could improve a bit the security if:you don’t store the harcoded key into a single string, but instead in several strings that you then concatenate in a function
you save the file in a relatively “unknown”/unpopular location like the Isolated Storage, or Windows\Temp instead of the application folder
you use an asimetric key algorithm (makes cracking harder.. but in this case.. just a little bit)
you put other stuff (bogus) in the file not just the key