
We are designing a system that will act as a store and forward system for messages containing sensitive information. Periodically our system will collect data that will need to be routed to clients. Our clients will use software provided by us to call our web service and get their messages, at which point the messages are deleted from our system.

What we want to prevent is that, in the case of our server being compromised, the intruder can read the messages on our system.

We considered using public/private key encryption to encrypt the message prior to storing it in our database, then have our client software decrypt the message after it receives the message. However this seems sort of backwards, since the public key would be on our server and the private key would be distributed with the client software.

Using this, we surmise that the intruder would have to have hacked our server and gained access to the key in the client software in order to read the messages--a much less likely scenario.

What are the holes in this approach? Are there any alternative approaches?

Thanks Much.

MB

  • Are you really asking for a security audit on your design, or do you have a programming question? – Arafangion Feb 15 '12 at 14:55
  • http://stackoverflow.com/questions/70450/is-it-worth-encrypting-email-addresses-in-the-database <-- Duplicate? – Arafangion Feb 15 '12 at 15:02
  • Not a duplicate because only the public key would be stored on the server, therefore gaining access to the server would not allow you to decrypt the information unless you had the private key. – user1211560 Feb 15 '12 at 15:46

1 Answer

It's only backwards when you think about it as a client/server relationship. Instead consider Alice and Bob, where Alice is the server and Bob is the client.

Alice collects some information which she wants to store for Bob. She uses Bob's public key to encrypt the information until she can deliver it to Bob. Once Bob is available Alice sends the encrypted information to Bob who then decrypts it with his private key.

The only thing you need to do is to have different key pairs for each client. This can be handled through some kind of authorisation process when the client is set up. The client stores its private key and the server stores the client's public key. If the server is compromised then the data is still safe as it can only be decrypted by the client's private key. If a client is compromised then it's only that client which is affected, and not every other client as well.

roo
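The per-client key pair scheme the answer describes, as an added example in Go (not code from the question or the answer): the server wraps a fresh AES key to the client's RSA public key, stores only the resulting envelope, and the client software unwraps it with its private key. The names Seal, Open and Envelope, the client IDs and the sample message are assumptions for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is all the server keeps: a per-message AES key wrapped to the client's RSA public key, plus the AES-GCM nonce and ciphertext.
type Envelope struct{ WrappedKey, Nonce, Ciphertext []byte }

// Seal runs on the server and needs only the client's public key (assumed layout, not the project's).
func Seal(pub *rsa.PublicKey, clientID string, msg []byte) (Envelope, error) {
	rnd := make([]byte, 44) // 32-byte AES-256 key followed by a 12-byte GCM nonce
	if _, err := rand.Read(rnd); err != nil {
		return Envelope{}, err
	}
	key, nonce := rnd[:32], rnd[32:]
	block, _ := aes.NewCipher(key) // cannot fail for a 32-byte key
	gcm, _ := cipher.NewGCM(block)
	// The client ID is bound as associated data and as the OAEP label, so an envelope for one client cannot be quietly re-addressed to another.
	ct := gcm.Seal(nil, nonce, msg, []byte(clientID))
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, []byte(clientID))
	if err != nil {
		return Envelope{}, err
	}
	return Envelope{wrapped, nonce, ct}, nil
}

// Open runs in the client software; only the matching private key can unwrap the AES key.
func Open(priv *rsa.PrivateKey, clientID string, env Envelope) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, env.WrappedKey, []byte(clientID))
	if err != nil {
		return nil, err // wrong client key, wrong client ID, or a tampered envelope
	}
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, env.Nonce, env.Ciphertext, []byte(clientID))
}

func main() {
	clientA, _ := rsa.GenerateKey(rand.Reader, 2048) // generated once, at client setup
	env, _ := Seal(&clientA.PublicKey, "clientA", []byte("constructed sample message"))
	pt, err := Open(clientA, "clientA", env) // the server never holds clientA's private key
	fmt.Printf("%q %v\n", pt, err)
}
```

A server-side compromise exposes only the public keys and the envelopes, and a second client's private key fails to open another client's envelope.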