Best practice for data security on a web application

Question

I read a couple articles on privacy/security but still cannot get a clear picture of the best practice to ensure that an attacker will not be able to access users' private information.

For storing passwords or other data that will be checked only to verify authenticity, I understand that hashing algorithms like SHA-256 are perfect candidates as the password itself doesn't need to be stored (or even known) on the server-side.

However in my case, in addition to the password, I allow users to store other secrets that the server needs to be able to decrypt for background work that will read these secrets to provide historical stats, without the user to be logged in. These "secrets" are usually api keys to external services, that could be dangerous if in the wrong hands.

A possible solution would have been to use the user session or cookies to store the secrets, but in addition to being subject to cookies or session hijacks, it requires the user to be logged in to work, and in my case I need the server to be able to decrypt and use the secrets for background tasks without the user being logged in.

So another solution would be to encrypt the secrets in the database using for example AES-256 and keeping the encryption passphrase outside the database. If the attacker gets access to the database, he cannot decrypt the user secrets. If the attacker gets access to the server's filesystem, he gets access to the passphrase, but not the DB... oh, wait a minute, why not the DB? If the attacker gets access to the server's filesystem, including config, he also gets access to the database as the connection strings are also in the config on the filesystem. So if the attacker gets access to the filesystem, he gets access to the passphrase AND the db...

I can't think of any solution to truly separate the passphrase from the db. Am I missing something? Is there any real solution to protect user secrets so that at least 2 different systems (DB / files) have to be hacked to get access the secrets, knowing that the server needs to be able to encrypt/decrypt the secrets without users help?

My project will be running in the cloud with nodejs as web server and mongodb as database and before opening it to the public I'd like to ensure it will be almost impossible for an attacker to retrieve the users secrets, which doesn't seem to be the case.

Edit: Instead of storing the passphrase in the config, I could actually pass it in the command when starting the web server (nodejs in my case). So instead of reading the passphrase from the flat config file, it reads it from the command-line. Doing that would ensure the passphrase is never written in a file (assuming I can disable the bash history) and is only in memory, which is harder to hack isn't it? The only drawback is that I need to manually start the server if it goes down, as starting automatically will start without knowing the passphrase (so I need to start it myself). But would it work? Is that a known and used practice?

Answer 1

You're right that there isn't a great solution.

Yes, entering via CLI and storing in RAM is sometimes used, but dumping ram isn't too hard. There are hardware security modules that specialize in this scenario (research this term if this problem is important enough).

Generally speaking, it's best to store it in a folder which has its permissions very restricted, then focus on hardening the server so the attacker has to do two difficult things (exploit a service, then escalate privileges). Don't store it in the database or in a directory accessible to the web user.

Encrypting it using AES would be good. If the attacker can control the plaintext or observe the ciphertext in any scenarios you'll want to take much greater precautions to ensure it's implemented correctly.