Two way encryption strategies?

Two way encryption strategies?

  
I've got a requirement to store some sensitive data, but I need to be able to read it in plain text in the application. That means I cannot just use the encrypt() command.

Does anyone have suggestions for me as to how to encrypt/decrypt this data? Obviously, I can't store a 2 way encryption key in the database because then an attacker would be able to get it, and because we have a Web Farm of VMs that we are frequently adding to, a file or configuration stored on the local app server would not be a great idea either.

Thanks!

J.Ja
Did you look at this?
Andre -

I have. The problem is this:

"That being said, I do provide a set of primitives for encryption and decryption with a binary data key. Note that these will take binary data with exactly 256 bits (32 bytes) to serve as key. If you have a file with 32 bytes corresponding to an AES key, you can use it to encrypt / decrypt using this extension.

You can either upload the file using the upload widget or you can save it somewhere on the disk and access it using the Filesystem extension."

We have no good way of handling the key storage (that I know of), which makes a lot of 2 way encryption work tricky.

J.Ja
I see. Considering u have a farm and u have no issue in storing the key file on filesystem u could add it as a resource on the eSpace. I think it won't change much so u don't have to publish over and over again to update it
Andre -

I considered that, but it isn't really very secure. If the attacker has access to the database to get the encrypted data, then they can get the eSpace file from the deployment part of the database, and all of the keys would be right there... it would not be any more secure than hard coding the key value into the application or making it a site property. :(

This is financial data that we are going to be storing, so security is absolutely critical.

J.Ja
This sounds like a dog chasing its tail :)
You need to store the somewhere and if you need it to be safe you'll have to encrypt it and to encrypt it you need..... another key.... That needs to be stored safely...

Security needs to be considered in layers. Will you show this info on the interface? How will you protect it? Someone getting the user credentials will have access to the data. It is just a question of how much you are willing to invest to break it...
Andre -

Yes, that's unfortunately what it feels like! I think I'm going to do a bit more research, but I think that storing a file in resources as the key is the least bad idea. It's not easily faked, at the very least, and prevents the data from "leaking" unless someone 1) gets the eSpace extracted and 2) knows what to do with it.

J.Ja