CryptProtectData key.

[RockinFewl]

Hi all,

I'm considering to use the Data Protection API CryptProtectData, with
the flag set for CRYPTPROTECT_LOCAL_MACHINE.

The documentation says this "associates the data encrypted with the
current computer instead of with an individual user".

On what computer characteristics is the secret key (?) based then? What
computer modification may break it? Or is it possible to obtain the same
key on another computer somehow (reasonably mimiced hardware, with a
ghosted OS perhaps?)

Thanks heaps,
Koen.

 

[David Cross [MS]]

This article may help to answer some of your questions:

http://msdn.microsoft.com/library/d...-us/dnsecure/html/windataprotection-dpapi.asp

 

[RockinFewl]

This article may help to answer some of your questions:

http://msdn.microsoft.com/library/d...-us/dnsecure/html/windataprotection-dpapi.asp

Thanks for this information David --

However, it isn't entirely clear yet how the CryptProtectData /
CryptUnprotectData algorithm works when it's bound to the machine only
-- for the most part the document assumes user credentials to base keys
on, but in my case assuming fixed logons is not an option.

More specifically, I'm afraid that it's too easy to set up a ghosted
machine and then successfully decrypt data that was encrypted on the
original machine. Just this morning this was proved by a little
experiment (and yeah, getting the ghosted WinXP it to work all the way
was a pain, but then, we're not sysadmins really).

Is this expected behaviour, or is my understanding not correct?

Thanks again,

Koen.

 

[Robert Gu [MSFT]]

You should not use machine key for any sensitive data. It is not very
secure. Any admin could get the data easily.

 

[RockinFewl]

You should not use machine key for any sensitive data. It is not very
secure. Any admin could get the data easily.

Thank you all for your input!

Koen.