Cryptography Application Block on a cloud hosting environment?

Topics: Building and extending application blocks, Cryptography Application Block
Mar 25, 2009 at 1:03 AM
We are trying out the Mosso cloud hosting for our web applications, and ran into a problem, and we are wondering if anyone has encountered anything similar, and if so, is there a workaround?

Our application uses the Cryptography Application Block to encrypt/decrypt passwords, login ids, credit card numbers and other sensitive information.

Unfortunately, in a cloud environment, we are unable to generate a machine specific key that the Cryptography Application Block requires. 

Some questions:

1. Is there an alternative way in the Enterprise Library to manage the encryption keys that does not require a machine specific key?
2. Is there a way to do the cryptography through the sql server?
3. What would offer a comparable level of security, if the Cryptography Application Block is not going to work in a cloud hosting environment?
Mar 25, 2009 at 12:11 PM

Hi, <o:p></o:p>

Just my ideas on your questions. J<o:p></o:p>

Maybe you could add a hard coded variable and assigned your key or put your key in a file.
Yes. You could use SQL Server to store your encrypted value/key.
As I understand Cloud hosting environment may not give you complete control on your apps.  But this does not mean Ent Lib application blocks were not applicable.  If ever Cryptography Application block will not work then security condideration practically will be handled by the host, just a practical guess.