I am writing an application T1 which uses an SQLite database to store some sensitive data, and I am trying to encrypt it securely. The issue I am facing is that I don't want my symmetric key to be stored in memory, as in that case any other process can take a snapshot of memory and access my key. I have looked at many possible similar questions:
CryptProtectMemory/CryptProtectData
But the issue with this is that it has two different options:
CRYPTPROTECTMEMORY_SAME_PROCESS or CRYPTPROTECTMEMORY_CROSS_PROCESS
The problem with CRYPTPROTECTMEMORY_SAME_PROCESS is that it restricts access to a particular process (and my app has a separate UI process which could also access the database), and the problem with CRYPTPROTECTMEMORY_CROSS_PROCESS is that it allows all the processes of the logged-in user to access this data, which kind of defeats the purpose.
So what I want is an API where I can specify only a pool of processes that can access my data/key.
I looked at similar options but nothing is applicable in my case:
- Using DPAPI - This ties the encryption key to your admin login, but the problem is that I don't trust the currently logged-in user. In fact, I want to hide this from anyone but T1 and my UI process. I understand that I can add secondary entropy to restrict the currently logged-in user from accessing the data. However, I need to store this secret data on the machine. How do I protect that? This appears to be a recursive problem.
- External hardware or storing the key at a remote server - The app will be deployed at many commercial endpoints (which may not have the specific hardware), and it needs to work in offline mode as well (the server may not be accessible).
- Store the key in the database - I need to secure the database, which is kind of recursive in my case again.
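As an added example (not code from the question), this Windows PowerShell 5.1 script exercises the CryptProtectMemory scopes the question names through .NET's ProtectedMemory wrapper, which calls CryptProtectMemory/CryptUnprotectMemory underneath, and shows the 16-byte block-size requirement and the pattern of keeping the key encrypted except while it is being used. It assumes Windows PowerShell 5.1 (.NET Framework, where ProtectedMemory exists); the key is a constructed random value and the function names are my own.

```powershell
# Added example, not from the question. Windows PowerShell 5.1 / .NET Framework only:
# ProtectedMemory wraps CryptProtectMemory/CryptUnprotectMemory with the same scopes.
Add-Type -AssemblyName System.Security

function Test-SameBytes([byte[]]$A, [byte[]]$B) {
    [System.BitConverter]::ToString($A) -eq [System.BitConverter]::ToString($B)
}

# Encrypt the buffer in place. CryptProtectMemory requires a multiple of its
# 16-byte block size, so check that up front instead of failing later.
function Protect-KeyBuffer([byte[]]$Buffer, $Scope) {
    if ($Buffer.Length % 16 -ne 0) { throw "buffer length must be a multiple of 16 bytes" }
    [System.Security.Cryptography.ProtectedMemory]::Protect($Buffer, $Scope)
}

# Decrypt only for the duration of $Action, then re-encrypt in place, so the
# plaintext key sits in this process's memory for as short a window as possible.
function Use-KeyBuffer([byte[]]$Buffer, $Scope, [scriptblock]$Action) {
    [System.Security.Cryptography.ProtectedMemory]::Unprotect($Buffer, $Scope)
    try     { & $Action $Buffer }
    finally { [System.Security.Cryptography.ProtectedMemory]::Protect($Buffer, $Scope) }
}

# Constructed 32-byte key (e.g. an AES-256 key for the SQLite database).
# $reference is kept only so the demo can show when the buffer holds plaintext.
$key = New-Object byte[] 32
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($key)
$reference = [byte[]]$key.Clone()

# SameProcess  = CRYPTPROTECTMEMORY_SAME_PROCESS: only this process can Unprotect.
# CrossProcess = CRYPTPROTECTMEMORY_CROSS_PROCESS: other processes on the machine can too.
# (The wrapper also exposes SameLogon, which limits it to the same logon session.)
$scope = [System.Security.Cryptography.MemoryProtectionScope]::SameProcess

Protect-KeyBuffer -Buffer $key -Scope $scope
"Protected buffer still equals plaintext? $(Test-SameBytes $key $reference)"

Use-KeyBuffer -Buffer $key -Scope $scope -Action {
    param([byte[]]$k)
    "Plaintext available inside the action? $(Test-SameBytes $k $reference)"
}
"Protected again after use? $(-not (Test-SameBytes $key $reference))"

# Wipe the reference copy; a real application should never keep one.
[Array]::Clear($reference, 0, $reference.Length)
```

Note that with the SameProcess scope the UI process cannot Unprotect this buffer even if it receives a copy, which is exactly the limitation the question describes; the example does not provide the "pool of processes" scope being asked for.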