Is it possible to store the key in the clear as a variable when the program runs? That is, there is encrypted AES using the user's key data. The user enters a password, a key is generated from it, and then for a long time data is handled using this key. But if you store the key in the form of a variable, then it seems to me that it is very easy to extract it, for example, from a memory dump. How safe is this approach?
- in my opinion everything is simple. while for the program to work, its value is necessary - it will be necessary to store it and in what form it does not matter. even if you encrypt this key and decrypt it for a while, they will take it from the memory dump in encrypted form and look at the decryption algorithm in the same dump. it is necessary to minimize the risk of any access to the machine at which it is possible to obtain a memory dump of the program - Mike
|