开发者

How to secure a static string in a windows .net app?

We are preparing to deploy a Windows .NET client app that will make web service calls back to our central server. We've been given the requirement to validate that all calls made to the web service come from our client apps and not from any other caller. It's been proposed that we pass along a security token that is common to all installations of our application. However we now have this common string to secure within the application installation. Is there an effecti开发者_开发问答ve way to reasonably protect such a string from being discovered by a hacker?

Thanks for any and all advice.


  • Use SecureString to deal with the token at all times. This way it will be a lot harder to retrieve the token from the memory.
  • Store the token as a connection string in app.config and encrypt the 'connectionStrings' section. This way the token will be secured from anyone except the user's account (through DPAPI).
  • Use SslStream to do the client-service communications. This way, your connection will be both encrypted. Coupled with the token, your communications will now be both authenticated (i.e. you know your client) and secured.


Authentication and Authorization in WCF Services - Part 1


It's called public key encryption.

  • your app send its public key to the server
  • server gives back encrypted string that must be added to some prefix
  • your app asks the server his public key
  • you app decrypts the string, add the prefix
  • encrypts with the server public key
  • send the key to the server
  • server validates

If the hacker knows your prefix that is in your binary file it wont know the suffix that the server provides, and wont be able to decrypt what you send back to the server because the hacker doesn't have the servers private key. Vulnerability is that the hacker could extract the private key in the app to decrypt the suffix. But the server can change that every few seconds if required or it can be timedependent. However time dependent can be exploited, it is better to have a variable time dependent suffix change if you choose this. At some point and with a lot of effort and a supercomputer at disposal the hacker could hack that too, by searching for a key that can decrypt all of the resulting strings that are sent back, that is why you should not generate random suffixes on the server but recycle few of them.

If you think that is too much work, you could use SecureString and encrypted connection strings. But that sure is hackable with some time at disposal because everything needed is on client side, and the hacker does not need x*2 bruteforce decrypt-ions..

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜