Distributing keys

Topics: Cryptography Application Block
Sep 15, 2010 at 9:39 PM

Hi,

I have an application that needs to impersonate a user on the network. It's an AD account, so I can't hash the password; instead, I am using symmetric encryption.

The problem is, this application needs to be deployed to hundreds, maybe thousands of machines, and the key is encrypted either on a by-user or by-machine basis.

According to the documentation, if I understood it correctly, I need to copy the key file and use the configuration tools to import the key from the file, then save the configuration and the tool will be encrypted.

This is not practical at all. I need to be able to deploy the key to multiple users without having to do manual configuration on each machine.

I guess I could encrypt the key using a public key, but I am not too sure how to do this or how to configure that in Enterprise Library.

Can anyone point me in the right direction?

Thanks.

Sep 16, 2010 at 2:47 AM
Edited Sep 16, 2010 at 3:14 AM

Is creating and making use of an RSA key container an option for you? If yes, check out this link.

You can also try the approach discussed in this thread.

Sarah Urmeneta
Global Technology and Solutions
Avanade, Inc.
entlib.support@avanade.com

Sep 16, 2010 at 9:31 PM

Thanks,

I have actually found the thread you mentioned and created a class to distribute the key.

Since in my company we are using SMS, the idea is that there is a small app with the password-protected key that will create the encrypted key for each machine as part of the deployment process, then the app will be wiped out of the machine.
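
An added example, not part of the original posts and not the poster's own class: one way to write the per-machine provisioning step described in this thread, using the `KeyManager` class of the Enterprise Library Cryptography Application Block. The file paths, the `KeyProvisioner` name and reading the passphrase from standard input are assumptions made for illustration.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography;

// Hypothetical deployment helper: run once per machine by the deployment tool.
static class KeyProvisioner
{
    // args[0]: passphrase-protected key archive shipped with the package (assumed path)
    // args[1]: key file that the application's configuration points to (assumed path)
    static int Main(string[] args)
    {
        if (args.Length != 2)
        {
            Console.Error.WriteLine("usage: KeyProvisioner <archive> <machineKeyFile>");
            return 2;
        }
        // Read the passphrase from stdin so it never appears on the command line.
        string passphrase = Console.ReadLine();
        if (string.IsNullOrEmpty(passphrase)) return 2;
        try
        {
            ProtectedKey key;
            using (FileStream input = File.OpenRead(args[0]))
            {
                // Decrypt the archive and re-protect the key with DPAPI for this machine.
                // LocalMachine scope lets any process on the machine unprotect the key,
                // so the output file still needs a restrictive ACL.
                key = KeyManager.RestoreKey(input, passphrase, DataProtectionScope.LocalMachine);
            }
            using (FileStream output = new FileStream(args[1], FileMode.Create,
                                                      FileAccess.Write, FileShare.None))
            {
                KeyManager.Write(output, key);
            }
            return 0;
        }
        catch (Exception ex) // e.g. wrong passphrase or I/O failure
        {
            Console.Error.WriteLine("Key provisioning failed: " + ex.GetType().Name);
            return 1;
        }
        finally
        {
            // Remove the portable archive whether or not provisioning succeeded.
            try { File.Delete(args[0]); } catch (IOException) { }
        }
    }
}
```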