Revision as of 18:56, 11 January 2017 edit Lopifalko (talk \| contribs) Autopatrolled, Extended confirmed users, Page movers, New page reviewers, Pending changes reviewers, Rollbackers 86,997 edits Convert inline external links to (bare) refs ← Previous edit		Revision as of 15:11, 17 February 2017 edit undo 157.50.4.229 (talk) Shrikanta patamajhi Tags: Visual edit Mobile edit Mobile web edit Next edit →
Line 1: '''~~DPAPI~~Shrikanta patamajhiDPAPI (Data Protection Application Programming Interface)''' is a simple [[cryptography\|cryptographic]] [[application programming interface]] available as a built-in component in [[Windows 2000]] and later versions of [[Microsoft Windows]] [[operating system]]s. In theory the Data Protection API can enable symmetric encryption of any kind of data; in practice, its primary use in the Windows operating system is to perform symmetric encryption of asymmetric private keys, using a user or system secret as a significant contribution of entropy. For nearly all cryptosystems, one of the most difficult challenges is "key management" - in part, how to securely store the decryption key. If the key is stored in ''plain text'', then any user that can access the key can access the encrypted data. If the key is to be encrypted, another key is needed, and so on. DPAPI allows developers to encrypt keys using a symmetric key derived from the user's logon secrets, or in the case of system encryption, using the system's ___domain authentication secrets.

Data Protection API: Difference between revisions