
I would like to encrypt some confidential information and save it to a database, and later decrypt it.

I've got all of this working fine, and I am protecting and persisting the key on AWS S3 and KMS.

Will this allow me to decrypt data indefinitely or do I have to consider anything?

Code Snippet for ConfigureServices - startup.cs

// AWS SDK clients used by the key ring repository (S3) and key encryptor (KMS).
services.AddSingleton<IAmazonS3>(new AmazonS3Client(RegionEndpoint.EUWest2));
services.AddSingleton<IAmazonKeyManagementService>(new AmazonKeyManagementServiceClient(RegionEndpoint.EUWest2));

// Data Protection key ring: keys are encrypted with KMS before being persisted to S3.
services.AddDataProtection()
        .ProtectKeysWithAwsKms(Configuration.GetSection("KmsProtection"))
        .PersistKeysToAwsS3(Configuration.GetSection("S3Persistence"));

// Purpose string for the protector comes from configuration.
var cipherOptions = Configuration.GetSection("CipherOptions");
services.Configure<CipherOptions>(cipherOptions);

services.AddScoped<ICipherService, CipherService>();

CipherService.cs

public class CipherService : ICipherService
{
    private readonly IDataProtectionProvider dataProtectionProvider;
    private readonly string purpose;

    public CipherService(IDataProtectionProvider dataProtectionProvider, IOptions<CipherOptions> options)
    {
        this.dataProtectionProvider = dataProtectionProvider;
        this.purpose = options.Value.Purpose;
    }

    // Protects with the key ring's current default key; the key id is embedded in the payload.
    public string Encrypt(string input)
    {
        var protector = dataProtectionProvider.CreateProtector(purpose);
        return protector.Protect(input);
    }

    // Unprotects with whichever key the payload names, as long as that key is still in the key ring
    // and not revoked; otherwise a CryptographicException is thrown.
    public string Decrypt(string cipherText)
    {
        var protector = dataProtectionProvider.CreateProtector(purpose);
        return protector.Unprotect(cipherText);
    }
}
user1754675

3 Answers


It almost sounds like you are asking if there is a time limit of some sort on encrypted data (?). If so: No, there is not.

As long as you have access to the encrypted data, and the key to decrypt it with, then you should be able to decrypt it and read it whenever you like and as often as you like. Yes, indefinitely.

As a side note, it's not entirely clear if you're storing the encrypted data and the key for it in the same place. If so, that is probably a bad idea. If the point of encrypting data is to keep it secure, then there is no point if you keep the key right next to it; then you might as well store it in plain text.

In short, provided your encryption is good enough, you can store your data wherever you like; what is most important is that you can access it yourself when you need it.

As for your key, you should probably store it in at least two different places (redundancy in case you lose one somehow - otherwise, your data will be lost forever!), and make sure that both are as safe and inaccessible to others as possible.

Kjartan
  • I am storing data on SQL Server and the key will be stored in an AWS S3 bucket, which will be encrypted by AWS Key Management Service. I was only concerned when I came across this article - https://jakeydocs.readthedocs.io/en/latest/security/data-protection/consumer-apis/dangerous-unprotect.html which states not to use it if you are persisting data indefinitely. – user1754675 Aug 20 '18 at 22:34
  • Well, it says it's not *primarily intended* for long term persistence, but that it is still possible. Anyway, this deals with key revocation, which I think mostly makes sense if someone else is encrypting your data for you (as in PKI, with pairs of secret and public keys). Since you are only dealing with your own private key for your data, I don't think that problem should be relevant to your situation. After all, key revocation should only happen if the key loses its integrity, and can no longer be trusted, which seems unlikely in your case. – Kjartan Aug 20 '18 at 22:52
  • Thanks for the quick reply. How frequently are keys created? I understood it was 90 days, but my first key was created on 19 Aug and when I ran the app again today it created a new key. I am not sure why it created a new one? – user1754675 Aug 21 '18 at 09:06
  • I suppose that will depend on your app. I'm not that familiar with the details of the Core Data Protection API yet, and your question does not contain any detailed info about your program, so it's hard to say. That's also why my answer is a little generic. It sounds like you've written your application to encrypt your data using a newly generated key each time though. If that is not what you want, you must necessarily input your existing key somehow, so your app knows to use it. – Kjartan Aug 21 '18 at 10:37
  • I have added a code snippet so you can see what I am doing, let me know? – user1754675 Aug 21 '18 at 10:49

I asked something similar here. Expired keys will always be able to unprotect the data, so you should be fine. Not sure why your key would recreate before the default 90 days though.

mikelus

If you do not delete the keys from the key store, you should be able to decrypt your data forever.

Keys will change at a fixed amount of time (default is 90 days), so after this period, if you encrypt more data, it will be encrypted using a different key.

See here.

Vlad Radu
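The key ring behaviour the three answers describe (a new default key at rollover, old keys still unprotecting until they are deleted, and revocation being the one thing that stops an ordinary Unprotect) can be observed end to end in a small console program. The following is an added example, not code from the question or from any of the answers; it swaps the S3/KMS providers for a throw-away file-system key ring so that it runs offline (the rotation and revocation logic is the same whichever IXmlRepository persists the keys), and the application name, purpose string and sample plaintexts are assumed values. It forces a rollover with IKeyManager.CreateNewKey instead of waiting 90 days, and uses IPersistedDataProtector.DangerousUnprotect, the API discussed in the linked article, to show how the requiresMigration and wasRevoked flags report payloads that should be re-encrypted.

```csharp
using System;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.DataProtection.KeyManagement;
using Microsoft.Extensions.DependencyInjection;

// Added example (not the question's or the answers' code). Needs the
// Microsoft.AspNetCore.DataProtection and Microsoft.Extensions.DependencyInjection packages.
public static class KeyRingRotationDemo
{
    public static void Main()
    {
        // Constructed temporary key ring directory, stands in for the S3 bucket; deleted at the end.
        var keyDir = new DirectoryInfo(Path.Combine(Path.GetTempPath(), "dp-keyring-" + Guid.NewGuid().ToString("N")));

        var services = new ServiceCollection();
        services.AddDataProtection()
                .SetApplicationName("keyring-demo")       // assumed application name
                .PersistKeysToFileSystem(keyDir);
        using var sp = services.BuildServiceProvider();

        var protector  = sp.GetRequiredService<IDataProtectionProvider>()
                           .CreateProtector("CipherService.v1"); // assumed purpose string
        var keyManager = sp.GetRequiredService<IKeyManager>();

        // 1. The first Protect call lazily creates key #1 (activation = now, expiry = now + 90 days by default).
        byte[] payloadUnderKey1 = protector.Protect(Encoding.UTF8.GetBytes("record written under key 1"));
        IKey key1 = keyManager.GetAllKeys().Single();
        Console.WriteLine($"key1 {key1.KeyId} active {key1.ActivationDate:u} expires {key1.ExpirationDate:u}");

        // 2. Simulate the 90-day rollover: a key with a later activation date becomes the new default.
        var now = DateTimeOffset.UtcNow;
        IKey key2 = keyManager.CreateNewKey(activationDate: now, expirationDate: now.AddDays(90));
        byte[] payloadUnderKey2 = protector.Protect(Encoding.UTF8.GetBytes("record written under key 2"));
        Console.WriteLine($"key2 {key2.KeyId} is now the default; key ring holds {keyManager.GetAllKeys().Count} keys");

        // 3. Old ciphertext still unprotects: key1 stays in the ring until it is deleted from the repository.
        Console.WriteLine("after rotation: " + Encoding.UTF8.GetString(protector.Unprotect(payloadUnderKey1)));

        // DangerousUnprotect additionally reports that the payload was made under a non-default key,
        // which is the signal a re-encryption job would use.
        var persisted = (IPersistedDataProtector)protector;
        persisted.DangerousUnprotect(payloadUnderKey1, ignoreRevocationErrors: false,
                                     out bool requiresMigration, out bool wasRevoked);
        Console.WriteLine($"key1 payload: requiresMigration={requiresMigration}, wasRevoked={wasRevoked}");

        // 4. Revocation (e.g. after a suspected key compromise) is what stops ordinary Unprotect.
        keyManager.RevokeKey(key1.KeyId, reason: "demo: simulated compromise");
        try
        {
            protector.Unprotect(payloadUnderKey1);
            Console.WriteLine("unexpected: revoked key still unprotects");
        }
        catch (CryptographicException ex)
        {
            Console.WriteLine("Unprotect after revocation failed as expected: " + ex.Message);
        }

        // Only DangerousUnprotect with ignoreRevocationErrors can still read it, and it flags wasRevoked
        // so the caller can decide whether to trust the plaintext.
        byte[] recovered = persisted.DangerousUnprotect(payloadUnderKey1, ignoreRevocationErrors: true,
                                                        out requiresMigration, out wasRevoked);
        Console.WriteLine($"DangerousUnprotect: {Encoding.UTF8.GetString(recovered)} (wasRevoked={wasRevoked})");

        // Payloads under the current default key are unaffected by revoking key1.
        Console.WriteLine("key2 payload: " + Encoding.UTF8.GetString(protector.Unprotect(payloadUnderKey2)));

        keyDir.Delete(recursive: true);
    }
}
```

Two points for the question's setup follow from this. Listing keyManager.GetAllKeys() against the S3-backed ring is the quickest way to see why a second key appeared on 21 Aug: each key's CreationDate, ActivationDate and ExpirationDate are visible, and an unexpected key usually means the app resolved a different key ring (different bucket prefix or application name) rather than a 90-day rollover. And because a key deleted from the bucket can never be recovered, the S3 objects should be protected from deletion (versioning, restrictive bucket policy) for as long as any row encrypted under that key is kept.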