![]() This method also requires some sort of key store (see above). It depends - if you have the facility to maintain multiple keys and a way to tie back ciphertext to key, then you wouldn't have to decrypt and re-encrypt data with the new key. When you take into consideration key rotation, storing keys in a database will likely reduce headaches of key management in the future. Database can provide a more secure storage facility but then you have to manage much more than the contents of the file. ![]() Storing the keys on a file is easier than storing the key in a db but you'd have to have protections for the file. ![]() With symmetric encryption, the level of confidentiality depends on the protection of the keys. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |