Use of IV

Nov 25, 2012 at 3:41 PM


Thank you for providing this project. It has been an invaluable source for me in learning about encryption and it feels like I'm only scratching the surface.

I have a couple of questions about how the keys are stored in memory within your application and the use of the Initialization Vector.

With the AzureTableCryptoKeyStore class it seems like you store a dictionary of decrypted keys in memory. Is this not a potential weak point or is there a good reason for this design? If I took a memory dump of the application as it ran then theoretically I could search for complex key-like strings in the dump and find all the keys that have been loaded up to that point. What is your take on this?

I was looking at a problem where my encrypted data is much longer than the original data so I was looking at various different ways to solve that. I came across a few posts where people commented that IV's should always be created each time a key is used to encrypt data. Am I right in saying that your application is storing the IV with the key and this doesn't change no matter how often you use the key? I note the Version property but wasn't quite sure how this was used. 



Jun 9, 2014 at 4:11 PM
Hi Matt,

I don't know if you have gone any further since you posted this question here. I would love to read what you've done to prevent memory dumps?