Encryption using X.509

David Smith

I have written a class that uses certificates to encrypt
data on my web servers prior to storing it in a database
and would like to know if there are any flaws associated
with this design. I chose this because there are no keys
to manage in configuration files and certificates are
already in use for web service security using WSE 2.0. It
takes a string and encrypts it and passes back the
encrypted string for storage in the database. Web servers
have the public key for encryption while the backend
servers (not public facing) have the public and private
keys which can be used for encrypting and decrypting the
data for various processes.
 
Joe Kaplan (MVP - ADSI)

Generally, RSA encryption is only used for encrypting small pieces of data
(11 bits less than the key length) such as a symmetric encryption key. So,
this might work for small strings, but probably isn't a good idea for large
data.

For large data, you typically encrypt with a symmetric algorithm and then
store the symmetric key encrypted via RSA so that you can decrypt the
symmetric key with the RSA private key then perform the rest of the
decryption.

Joe K.
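
The hybrid scheme described in the answer above, as an added example that is not part of the original thread: a per-record AES key encrypts the data, and only that key is encrypted with the certificate's RSA public key. It assumes .NET 8 APIs rather than the WSE 2.0-era framework; `HybridDemo`, the dot-separated storage format and the self-signed demo certificate are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class HybridDemo
{
    // Web server: needs only the certificate (public key). Returns one string for the DB column.
    public static string Encrypt(X509Certificate2 publicCert, string plaintext)
    {
        byte[] key = RandomNumberGenerator.GetBytes(32);   // fresh AES-256 key per record
        byte[] nonce = RandomNumberGenerator.GetBytes(12); // never reused, since the key is fresh
        byte[] data = Encoding.UTF8.GetBytes(plaintext);
        byte[] cipher = new byte[data.Length], tag = new byte[16];
        using (var aes = new AesGcm(key, 16)) aes.Encrypt(nonce, data, cipher, tag);
        using RSA rsa = publicCert.GetRSAPublicKey()!;
        byte[] wrapped = rsa.Encrypt(key, RSAEncryptionPadding.OaepSHA256); // RSA covers only 32 bytes
        CryptographicOperations.ZeroMemory(key);
        return string.Join(".", Convert.ToBase64String(wrapped), Convert.ToBase64String(nonce),
                           Convert.ToBase64String(tag), Convert.ToBase64String(cipher));
    }

    // Backend server: needs the certificate together with its private key.
    public static string Decrypt(X509Certificate2 certWithKey, string stored)
    {
        string[] p = stored.Split('.'); // wrapped key, nonce, tag, ciphertext
        byte[] nonce = Convert.FromBase64String(p[1]), tag = Convert.FromBase64String(p[2]);
        byte[] cipher = Convert.FromBase64String(p[3]), plain = new byte[cipher.Length];
        using RSA rsa = certWithKey.GetRSAPrivateKey()!;
        byte[] key = rsa.Decrypt(Convert.FromBase64String(p[0]), RSAEncryptionPadding.OaepSHA256);
        using (var aes = new AesGcm(key, 16)) aes.Decrypt(nonce, cipher, tag, plain); // throws if tampered
        return Encoding.UTF8.GetString(plain);
    }

    static void Main()
    {
        // Constructed throwaway certificate; a real deployment loads it from the certificate store.
        using RSA k = RSA.Create(2048);
        var req = new CertificateRequest("CN=demo-data-encryption", k, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using X509Certificate2 backend = req.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1));
        using var web = new X509Certificate2(backend.Export(X509ContentType.Cert)); // public part only
        string large = new string('x', 5000); // far beyond what a single RSA operation accepts
        try { web.GetRSAPublicKey()!.Encrypt(Encoding.UTF8.GetBytes(large), RSAEncryptionPadding.OaepSHA256); }
        catch (CryptographicException) { Console.WriteLine("direct RSA encryption of 5000 bytes rejected"); }

        string stored = Encrypt(web, large);
        Console.WriteLine($"round trip ok: {Decrypt(backend, stored) == large}, web has private key: {web.HasPrivateKey}");
    }
}
```

The web server's copy of the certificate carries no private key, so a compromise of that tier does not expose previously stored records.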
 
