2

I am generating an AES key as follows and converting the key into a string.

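    import java.util.Base64;
    import javax.crypto.KeyGenerator;
    import javax.crypto.SecretKey;
    try {
        // Generate a random AES key (provider default key size)
        SecretKey secretKey = KeyGenerator.getInstance("AES").generateKey();
        // Base64-encode the raw key bytes so they can be handled as a string
        String encodedKey = Base64.getEncoder().encodeToString(secretKey.getEncoded());
    } catch (Exception ex) {
        throw new IllegalStateException("AES key generation failed", ex); // do not swallow the failure
    }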

Now I need to store and distribute this key to a different location (e.g., a different server). The idea is to perform the encryption and decryption in two different locations using the same shared key.

Please let me know the best way to store this string value securely. I know the Keystore is not an option here because it is used for PKI.

Limit
user3496510

1 Answer

1

Storing the key:
As mentioned in this answer, you can store the secret key safely in two ways:

  • A key file
  • A config file

You have to ensure that both of these files are not visible to everyone and neither can be served by the web server.

Distributing the key:
As for distribution, you can send the key via an SSL communication between the servers. This will ensure that you are sharing the key with legitimate parties and also handle the secure channel to distribute the key.

Limit
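The key-file option from the answer above, as an added example that is not part of the original answer: the file is created with owner-only permissions and the loader refuses a file that group or others can access. The names `KeyFileDemo`, `storeKey`, `loadKey` and `aes.key` are hypothetical, and a POSIX file system is assumed.

```java
import java.io.IOException;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Arrays;
import java.util.Base64;
import java.util.Set;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

public class KeyFileDemo {
    // Owner read/write only; no other account on the host can open the file.
    private static final Set<PosixFilePermission> OWNER_ONLY =
            PosixFilePermissions.fromString("rw-------");

    // Create the key file with restrictive permissions from the start,
    // so the key is never on disk under a wider default mode.
    static void storeKey(SecretKey key, Path keyFile) throws IOException {
        Files.createFile(keyFile, PosixFilePermissions.asFileAttribute(OWNER_ONLY));
        Files.write(keyFile, Base64.getEncoder().encode(key.getEncoded()));
    }

    // Refuse to load a key file that group or others can access.
    static SecretKey loadKey(Path keyFile) throws IOException {
        if (!OWNER_ONLY.containsAll(Files.getPosixFilePermissions(keyFile))) {
            throw new IOException("Key file permissions too broad: " + keyFile);
        }
        byte[] raw = Base64.getDecoder().decode(Files.readAllBytes(keyFile));
        return new SecretKeySpec(raw, "AES");
    }

    public static void main(String[] args) throws Exception {
        SecretKey key = KeyGenerator.getInstance("AES").generateKey();

        // Constructed location for the demo (assumption); in practice use a
        // directory outside the web root that only the service account can read.
        Path dir = Files.createTempDirectory("keydemo");
        Path keyFile = dir.resolve("aes.key");
        storeKey(key, keyFile);
        SecretKey loaded = loadKey(keyFile);
        System.out.println("Round trip ok: "
                + Arrays.equals(key.getEncoded(), loaded.getEncoded()));
        Files.delete(keyFile);
        Files.delete(dir);
    }
}
```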