
Question

One of my pieces of software (an R package) has to save users' sensitive information on disk.

I encrypt this information with AES, using a random key that is generated at installation time (and saved in the same directory where I store the user profile).

I am trying to find a way to obfuscate the key and prevent other users on the same machine from accessing another user's key (the keys of course have read permissions only for the user who created them, but superusers can use the key and read other profiles).

I would like to know:

1. Is it really necessary to worry about superusers? My gut feeling says no: in principle, whatever the encryption method, a superuser can read all the files and ultimately any kind of user key;

2. Is there a better way to store a user profile other than encrypting it using AES or any other method?

Explanation / Answer

Is it really necessary to worry about superusers? My gut feeling says no: in principle, whatever the encryption method, a superuser can read all the files and ultimately any kind of user key;

Kind of. Even if the file is encrypted and the decryption is only done within the process, on most systems the superuser has access to the process memory and can thus extract the decrypted data from there. Of course, it takes far more knowledge to do that than to just read the plain file.

Is there a better way to store a user profile other than encrypting it using AES or any other method?

That's not an easy question, and it depends a lot on the environment you work in, how much you trust your users, what the overall security is like, how sensitive the data are, and maybe also corporate policy or similar restrictions. If you don't trust the superuser or fear a system compromise, then simply don't store or handle any sensitive data on the system. If users can be tricked into executing code on the system, then it will not help if the files are encrypted but can be decrypted without user interaction...

In short: there is no general answer. There is no 100% security, and you have to evaluate the risks in your environment and which risks are acceptable. Based on this you can then go the cheap high-risk way, the costly low-risk way, or something in between. In some cases "better" means easier usability at the cost of higher risk; in other cases "better" is low risk even if it causes usability problems and other costs. Having the key together with the encrypted data is definitely high risk, which might be lowered but not eliminated by obfuscation of the key and anti-debugging features in the decryption software.
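As an added example (not part of the question or the answer above, and not the R package's code), the following Go program puts the two layouts side by side: the one the question describes, with the random key written next to the encrypted profile, and one alternative the answer does not name, deriving the key from a user passphrase so that only a salt is on disk. It uses only the standard library. The profile directory is modelled as an in-memory map, the profile contents and passphrase are constructed sample values, and `pbkdf2SHA256`, `seal`, `unseal`, `store` and `read` are names chosen for this example. It shows concretely what the answer warns about: whoever can read the directory, superuser or not, needs nothing else when the key sits beside the data.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

type dir map[string][]byte // constructed in-memory stand-in for the profile directory (file name -> content)

const kdfIterations = 100000 // assumed work factor for the example

// pbkdf2SHA256 returns the first block of PBKDF2-HMAC-SHA256 (RFC 8018), which is exactly
// 32 bytes, an AES-256 key; written out here so the example needs only the standard library.
func pbkdf2SHA256(passphrase, salt []byte, iterations int) []byte {
	prf := hmac.New(sha256.New, passphrase)
	prf.Write(salt)
	prf.Write([]byte{0, 0, 0, 1})  // INT(1), the block index
	u := prf.Sum(nil)              // U_1 = PRF(P, S || INT(1))
	t := append([]byte(nil), u...) // T_1 = U_1 xor U_2 xor ... xor U_c
	for c := 1; c < iterations; c++ {
		prf = hmac.New(sha256.New, passphrase)
		prf.Write(u)
		u = prf.Sum(nil) // U_j = PRF(P, U_{j-1})
		for j := range t {
			t[j] ^= u[j]
		}
	}
	return t
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts with AES-256-GCM and prepends the random nonce to the ciphertext.
func seal(key, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// unseal reverses seal; a wrong key fails the GCM tag check instead of yielding garbage.
func unseal(key, blob []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], nil)
}

// store writes the profile. A nil passphrase gives the layout from the question (random key
// beside the encrypted data); otherwise only a salt is written and the key is derived on use.
func store(profile, passphrase []byte) (dir, error) {
	secret := make([]byte, 32) // becomes the key, or the salt
	if _, err := rand.Read(secret); err != nil {
		return nil, err
	}
	key, name := secret, "key.bin"
	if passphrase != nil {
		key, name = pbkdf2SHA256(passphrase, secret, kdfIterations), "salt.bin"
	}
	blob, err := seal(key, profile)
	return dir{"profile.enc": blob, name: secret}, err
}

// read models whoever opens the directory: a superuser has every file but no passphrase (nil).
func read(d dir, passphrase []byte) ([]byte, error) {
	if key, ok := d["key.bin"]; ok {
		return unseal(key, d["profile.enc"]) // key beside data: nothing else is needed
	}
	salt, ok := d["salt.bin"]
	if !ok || passphrase == nil {
		return nil, errors.New("no key on disk: salt and ciphertext alone do not decrypt")
	}
	return unseal(pbkdf2SHA256(passphrase, salt, kdfIterations), d["profile.enc"])
}

func main() {
	profile := []byte("user=alice api_token=example-not-real") // constructed sample profile
	pass := []byte("correct horse battery staple")             // constructed passphrase
	local, _ := store(profile, nil)
	got, err := read(local, nil)
	fmt.Println("key beside data, no passphrase:", bytes.Equal(got, profile), err)
	derived, _ := store(profile, pass)
	_, err = read(derived, nil)
	fmt.Println("salt only, no passphrase:", err)
	got, err = read(derived, pass)
	fmt.Println("salt only, with passphrase:", bytes.Equal(got, profile), err)
}
```

Deriving the key from a passphrase does not contradict the answer's caveat: while the package holds the derived key or the decrypted profile in memory, a superuser can still read it out of the process. What changes is that the profile is unreadable at rest and a copied directory is useless on its own, at the price of asking for the passphrase (or fetching it from an OS keyring) each session; and a PBKDF2 work factor only slows down, rather than stops, guessing of weak passphrases.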
