However, if you want to maintain just one key, each key rotation will require you decrypt data with the old key andĪgain, it depends. This method also requires some sort of key store (see above). It depends - if you have the facility to maintain multiple keys and a way to tie back ciphertext to key, then you wouldn't have to decrypt and re-encrypt data with the new key. When you take into consideration key rotation, storing keys in a database will likely reduce headaches of key management in the future. Database can provide a more secure storage facility but then you have to manage much more than the contents of the file. Storing the keys on a file is easier than storing the key in a db but you'd have to have protections for the file. With symmetric encryption, the level of confidentiality depends on the protection of the keys.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
February 2023
Categories |