
DPAPI is great for protecting sensitive information! Unfortunately, the DPAPI "optional entropy" is basically another piece of sensitive information that must be protected. Ironic.

What are some possible (sneaky) sources of "entropy" I could use that would be difficult to guess? Or alternatively, how could I protect the entropy? Steganography maybe?

FYI: I am not completely relying on the entropy itself. I will have other obstacles and layers of encryption. I just want to put up another obstacle.

Additional FYI: This is just a personal project that I am protecting out of paranoia as well as curiosity.

Chris Laplante

2 Answers


You can use RMS (Windows Rights Management Services) which is what DRM security schemes use for very similar purposes (they keep the key, which is entropy in your case, hidden from the user but on user's account and computer). RMS again relies on DPAPI but through a system that Microsoft calls lockbox.

Teoman Soygul
    @Teoman Soygul: Strange, I can't find any links on using this with .Net. Anyway, I know this is the right answer (I'll just have to do some work to implement it), so I've accepted it. Thank you! – Chris Laplante Apr 25 '11 at 20:40
  • @Teoman, this answer doesn't make sense at all. AD RMS is meant for completely different things such as protecting rights on Office documents, and is also quite complicated to set up. – Can Gencer Apr 27 '11 at 08:22
  • DRM->RMS->DPAPI (the technique in general is called 'lockbox'ing). Especially 'lockbox' stuff has very little information on it (as to keep it a secret). – Teoman Soygul Apr 27 '11 at 10:14
  • AD RMS uses DPAPI to store some sensitive information. This doesn't mean you can use RMS to store sensitive information to use as entropy for DPAPI... I think you got confused with the concepts there. AD RMS is a much bigger and more complex system than DPAPI. – Can Gencer Apr 27 '11 at 13:12

The entropy used for DPAPI doesn't necessarily need to be sensitive information. It can be a simple salt used to protect against dictionary/rainbow-table style attacks; alternatively, it can be a user-entered password if you want extra protection. DPAPI ensures security through the user credentials, which are used as the key to encrypt the actual keys used. So the entropy could just as well be some random string that is hardcoded into your application. As long as the user credentials are well protected, your data is not at risk.

Can Gencer
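The two uses of optional entropy described in the answer above (a hardcoded salt-style value, and a value derived from a user-entered password), as an added example in C#; it is not code from the original posts. It assumes Windows and the `System.Security.Cryptography.ProtectedData` API (in the .NET Framework, or the `System.Security.Cryptography.ProtectedData` package on newer .NET), plus an `Rfc2898DeriveBytes` overload that takes a `HashAlgorithmName` (.NET Framework 4.7.2 / .NET Core 2.0 and later); the salt, iteration count and sample strings are constructed for the demo.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class DpapiEntropyDemo
{
    // Option 1: non-secret, hardcoded entropy. It only prevents another process
    // running as the same user from decrypting the blob by accident or by
    // calling Unprotect with no entropy; it is not a secret key.
    static readonly byte[] AppEntropy = Encoding.UTF8.GetBytes("MyApp/v1/secrets");

    // Option 2: entropy derived from a user-entered password with PBKDF2.
    // Constructed salt and iteration count; choose your own in real code.
    static byte[] EntropyFromPassword(string password)
    {
        byte[] salt = Encoding.UTF8.GetBytes("constructed-static-salt");
        using (var kdf = new Rfc2898DeriveBytes(password, salt, 100_000, HashAlgorithmName.SHA256))
            return kdf.GetBytes(32);
    }

    // CurrentUser scope: the blob is bound to this user's Windows credentials.
    static byte[] Protect(byte[] plaintext, byte[] entropy) =>
        ProtectedData.Protect(plaintext, entropy, DataProtectionScope.CurrentUser);

    static byte[] Unprotect(byte[] blob, byte[] entropy) =>
        ProtectedData.Unprotect(blob, entropy, DataProtectionScope.CurrentUser);

    static void Main()
    {
        byte[] secret = Encoding.UTF8.GetBytes("constructed sample secret");

        // Hardcoded entropy: round-trips only with the same entropy, user and machine.
        byte[] blob1 = Protect(secret, AppEntropy);
        Console.WriteLine(Encoding.UTF8.GetString(Unprotect(blob1, AppEntropy)));

        // Wrong entropy, even as the same user, fails with CryptographicException.
        try { Unprotect(blob1, Encoding.UTF8.GetBytes("wrong")); }
        catch (CryptographicException e) { Console.WriteLine("wrong entropy: " + e.Message); }

        // Password-derived entropy: the user's credentials remain the real key;
        // the password is an extra factor without which the blob cannot be read.
        byte[] blob2 = Protect(secret, EntropyFromPassword("correct horse"));
        Console.WriteLine(Encoding.UTF8.GetString(Unprotect(blob2, EntropyFromPassword("correct horse"))));
    }
}
```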