
I have read about aspnet_regiis for encrypting web.config sections in an ASP.net project, but I am confused how this works since the decryption key must live in plaintext on the actual server somewhere.

I would ideally like to use AES for encryption, but this requires adding the aes key to the web.config in plaintext itself, which seems useless to me. (from https://stackoverflow.com/a/8777147)

Perhaps I am missing something... Can someone explain how this encryption process is actually secure?

Jarrod Everett
  • Secure from whom? Users outside of the web server should _not_ be able to see the Web.config. Ever. If they can, that's a security hole that needs to be plugged. Or are you talking about people who do have access to the web server? – David Jul 19 '12 at 19:55
  • "the decryption key must live in plaintext on the actual server somewhere" is an incorrect assumption. – Oded Jul 19 '12 at 19:57

2 Answers


You must create a key first and then use this key in your web.config.

A detailed explanation can be found here: msdn microsoft

The one under web farm scenarios is the most practical.

I think it's useful to encrypt them if you have a lot of passwords etc. in the web.config.

Cerveser

aspnet_regiis encryption is easy to decrypt if you are able to log in to a session on the machine and have access to the key.

This protects against a scenario where someone can view the file but cannot login to the machine and a scenario where the decryption key is correctly ACL'ed to a known set of users.

Under the hood it uses DPAPI and machine context specific information. I believe you can also encrypt using a user profile in which case no other user can decrypt it.

Here are some useful links:

http://weblogs.asp.net/owscott/archive/2005/07/29/421063.aspx

http://weblogs.asp.net/scottgu/archive/2006/01/09/434893.aspx

Shameer