Encryption using X.509

Discussion in 'ASP .Net Security' started by David Smith, Apr 6, 2005.

  1. David Smith

    David Smith Guest

    I have writen a class that uses certificates to encrypt
    data on my web servers prior to storing it in a database
    and would like to know if there are any flaws associated
    with this design. I chose this because there are no keys
    to manage in configuration files and certificates are
    already in use for web service security using WSE 2.0. It
    takes a string and encrypts it and passes back the
    ecrypted string for storage in the database. Web servers
    have the public key for encryption while the backend
    servers (not public facing) have the public and private
    keys which can be used for encrypting and decrypting the
    data for various processes.
    David Smith, Apr 6, 2005
    #1
    1. Advertising

  2. Generally, RSA encryption is only used for encrypting small pieces of data
    (11 bits less than the key length) such as a symmetric encryption key. So,
    this might work for small strings, but probably isn't a good idea for large
    data.

    For large data, you typically encrypt with a symmetric algorithm and then
    store the symmetric key encrypted via RSA so that you can decrypt the
    symmetric key with the RSA private key then perform the rest of the
    decryption.

    Joe K.

    "David Smith" <> wrote in message
    news:0db001c53a4a$a5b04230$...
    >I have writen a class that uses certificates to encrypt
    > data on my web servers prior to storing it in a database
    > and would like to know if there are any flaws associated
    > with this design. I chose this because there are no keys
    > to manage in configuration files and certificates are
    > already in use for web service security using WSE 2.0. It
    > takes a string and encrypts it and passes back the
    > ecrypted string for storage in the database. Web servers
    > have the public key for encryption while the backend
    > servers (not public facing) have the public and private
    > keys which can be used for encrypting and decrypting the
    > data for various processes.
    Joe Kaplan \(MVP - ADSI\), Apr 6, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Patrick
    Replies:
    1
    Views:
    1,655
    Steven Cheng[MSFT]
    Sep 15, 2004
  2. J. M.

    Generate X.509 Certificates

    J. M., Aug 1, 2003, in forum: Java
    Replies:
    4
    Views:
    4,869
    Roedy Green
    Aug 10, 2003
  3. Replies:
    0
    Views:
    537
  4. RamRod

    XMLSPY X.509 Certficate

    RamRod, Sep 28, 2004, in forum: XML
    Replies:
    0
    Views:
    406
    RamRod
    Sep 28, 2004
  5. emrefan
    Replies:
    6
    Views:
    3,120
    emrefan
    Aug 29, 2006
Loading...

Share This Page