P
percussionplayer
Hi,
I am wondering if anyone knows how the DPAPI key management on Windows
Mobile works with the CRYPTPROTECT_LOCAL_MACHINE flag. How is the key
material is generated and stored?
The problem I'm trying to solve requires that I encrypt some data in a
file on a Windows Mobile 5 device, but the device may or may not be
password protected, so I'd like to use CryptProtectData with the
CRYPTPROTECT_LOCAL_MACHINE flag, but I can't find out anything about
how the machine key is derived, stored, etc.
It's OK if other processes running on the device are able to see and
decrypt the data, but we'd like to protect against forensic attacks.
For example, if a device were to be lost or stolen, would it be
possible for a hacker to remove the flash drive and retrieve enough
information from the physical device to decrypt the file?
Thanks,
Frank
I am wondering if anyone knows how the DPAPI key management on Windows
Mobile works with the CRYPTPROTECT_LOCAL_MACHINE flag. How is the key
material is generated and stored?
The problem I'm trying to solve requires that I encrypt some data in a
file on a Windows Mobile 5 device, but the device may or may not be
password protected, so I'd like to use CryptProtectData with the
CRYPTPROTECT_LOCAL_MACHINE flag, but I can't find out anything about
how the machine key is derived, stored, etc.
It's OK if other processes running on the device are able to see and
decrypt the data, but we'd like to protect against forensic attacks.
For example, if a device were to be lost or stolen, would it be
possible for a hacker to remove the flash drive and retrieve enough
information from the physical device to decrypt the file?
Thanks,
Frank