'''DPAPI (Data Protection Application Programming Interface)''' is a simple [[cryptography|cryptographic]] [[application programming interface]] available as a built-in component in [[Windows 2000]] and later versions of [[Microsoft Windows]] [[operating system]]s. In theory the Data Protection API can enable symmetric encryption of any kind of data; in practice, its primary use in the Windows operating system is to perform symmetric encryption of asymmetric private keys, using a user or system secret as a significant contribution of entropy.
The DPAPI keys used for encrypting the user's RSA keys are stored in the <code>%APPDATA%\Microsoft\Protect\{SID}</code> directory, where {SID} is the [[Security Identifier]] of that user. The DPAPI key is stored in the same file as the master key that protects the user's private keys. It is usually 64 bytes of random data.
In 2010 [[Elie Bursztein]] and [[Jean-Michel Picod]] presented an analysis of the protocol titled ''Reversing DPAPI and Stealing Windows Secrets Offline'' at Black Hat DC 2010.<ref>{{cite web|url=https://www.blackhat.com/html/bh-dc-10/bh-dc-10-briefings.html|title=Black Hat ® Technical Security Conference: DC 2010 // Briefings|website=Blackhat.com|accessdate=14 October 2017}}</ref> In addition to their briefing, Bursztein and Picod released DPAPIck, which allows offline decryption of data encrypted with DPAPI. In 2012 Passcape Software published in their blog a more detailed article on DPAPI internal logic<ref>{{cite web|url=http://passcape.com/index.php?section=blog&cmd=details&id=20|title=Show blog article|website=Passcape.com|accessdate=14 October 2017}}</ref> and presented a tool<ref>{{cite web|url=http://passcape.com/windows_password_recovery_dpapi_decoder|title=DPAPI recovery|website=Passcape.com|accessdate=14 October 2017}}</ref> for fully offline DPAPI decryption and analysis. Unlike the previous one, the tool utilizes some old Windows bugs (for example, Windows 2000 DPAPI blobs can be decrypted without knowing the owner's logon password) and is fully compatible with the Windows 8 DPAPI data structure. In Windows 8 Microsoft changed the way the DPAPI logic works: multiple user keys can now be used to derive an encryption key that decrypts the user master key, which is then used to decrypt a single DPAPI blob.
==Security properties==
DPAPI doesn't store any persistent data for itself; instead, it simply receives plaintext and returns ciphertext (or vice versa).
DPAPI security relies upon the Windows operating system's ability to protect the Master Key and [[RSA (algorithm)|RSA]] private keys from compromise, which in most attack scenarios depends primarily on the security of the end user's credentials. A main encryption/decryption key is derived from the user's password by the [[PBKDF2]] function.<ref>{{cite web|title=Windows Password Recovery - DPAPI Master Key analysis|url=http://www.passcape.com/windows_password_recovery_dpapi_master_key|website=Passcape.com|accessdate=2013-05-06}}</ref> Particular data [[binary large object]]s can be encrypted in a way that a [[Salt (cryptography)|salt]] is added and/or an external user-prompted password (aka "Strong Key Protection") is required. The use of a salt is a per-implementation option - i.e. under the control of the application developer - and is not controllable by the end user or system administrator.
Delegated access can be given to keys through the use of a [[COM+]] object. This enables [[Internet Information Services|IIS]] [[web servers]] to use DPAPI.
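The following PowerShell session is an added example, not code from the article or from Microsoft: it performs a DPAPI round trip through the .NET <code>System.Security.Cryptography.ProtectedData</code> wrapper, first without and then with application-supplied optional entropy (the "salt" the paragraph above describes), shows that the salted blob cannot be decrypted without that entropy even by the same user, and reads the master key GUID out of the blob header to locate the master key file under <code>%APPDATA%\Microsoft\Protect\{SID}</code>. It assumes Windows PowerShell 5.1 or PowerShell 7 on Windows; the secret and entropy strings are constructed for the demonstration.

```powershell
# Added example (not from the article): DPAPI round trip via ProtectedData,
# with and without developer-chosen optional entropy. Run on Windows.
Add-Type -AssemblyName System.Security

$scope   = [System.Security.Cryptography.DataProtectionScope]::CurrentUser
$secret  = [System.Text.Encoding]::UTF8.GetBytes('constructed-demo-secret')   # constructed value
$entropy = [System.Text.Encoding]::UTF8.GetBytes('constructed-app-entropy')   # constructed value

# 1. No optional entropy: any code running as this user can call Unprotect on the blob.
$blobPlain  = [System.Security.Cryptography.ProtectedData]::Protect($secret, $null, $scope)

# 2. With optional entropy: the caller must also present the same entropy bytes.
#    The OS never stores this value, so it acts as a second factor chosen by the application.
$blobSalted = [System.Security.Cryptography.ProtectedData]::Protect($secret, $entropy, $scope)

'blob without entropy: {0} bytes; blob with entropy: {1} bytes' -f $blobPlain.Length, $blobSalted.Length

# Correct decryption of the salted blob.
$plain = [System.Security.Cryptography.ProtectedData]::Unprotect($blobSalted, $entropy, $scope)
'decrypted: ' + [System.Text.Encoding]::UTF8.GetString($plain)

# Decrypting the salted blob without the entropy fails even for the same user account,
# because the entropy is mixed into the key that protects the blob.
try {
    [System.Security.Cryptography.ProtectedData]::Unprotect($blobSalted, $null, $scope) | Out-Null
    'unexpected: decrypted without entropy'
} catch {
    'expected failure without entropy: ' + $_.Exception.GetBaseException().Message
}

# The blob header records which master key protects it. Layout (bytes):
#   0..3 version, 4..19 provider GUID, 20..23 master key version, 24..39 master key GUID.
$masterKeyGuid = [guid]::new([byte[]]$blobSalted[24..39])
$sid            = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value
$masterKeyPath  = Join-Path $env:APPDATA "Microsoft\Protect\$sid\$masterKeyGuid"
'master key {0} present on disk: {1}' -f $masterKeyGuid, (Test-Path $masterKeyPath)
```

The last check ties the blob back to the per-user master key directory described earlier: the GUID in the blob header names a file in that directory, and that file is what the user's password (via PBKDF2) ultimately protects. For a machine-wide secret the same calls work with <code>DataProtectionScope]::LocalMachine</code>, in which case any process on the machine can decrypt a blob protected without entropy, which is exactly why the optional entropy matters for service credentials.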
* Picture password, PIN and fingerprint in [[Windows 8]]
* [[Encrypting File System]] in Windows 2000 and later
* SQL Server [[Transparent Data Encryption]] (TDE) Service Master Key encryption<ref>{{cite web|url=https://msdn.microsoft.com/en-us/library/ms189586(v=sql.110).aspx|title=Encryption Hierarchy|website=Msdn.microsoft.com|accessdate=14 October 2017}}</ref>
* [[Internet Explorer 7]], both in the standalone version available for [[Windows XP]] and in the integrated versions available in [[Windows Vista]] and [[Windows Server 2008]]
* [[Windows Mail]] and [[Windows Live Mail]]
* Windows [[Rights Management Services]] client v1.1 and later
* [[Windows 2000]] and later for [[Extensible Authentication Protocol#EAP-TLS|EAP/TLS]] ([[VPN]] authentication) and 802.1x ([[WiFi]] authentication)
* Windows XP and later for Stored User Names and Passwords<ref>{{cite web|url=https://technet.microsoft.com/en-us/library/bb457059.aspx|title=What's New in Security for Windows XP Professional and Windows XP Home Edition|website=Technet.microsoft.com|accessdate=14 October 2017}}</ref> (aka Credential Manager)
* [[.NET Framework]] 2.0 and later for System.Security.Cryptography.ProtectedData<ref>{{cite web|url=http://msdn2.microsoft.com/en-us/library/system.security.cryptography.protecteddata.aspx|title=ProtectedData Class (System.Security.Cryptography)|website=Msdn2.microsoft.com|accessdate=14 October 2017}}</ref>
* Microsoft.Owin (Katana) cookie authentication (when self hosting)<ref>{{cite web|title=CookieAuthenticationOptions.TicketDataFormat Property (Microsoft.Owin.Security.Cookies)|url=http://msdn.microsoft.com/en-us/library/microsoft.owin.security.cookies.cookieauthenticationoptions.ticketdataformat(v=vs.113).aspx|accessdate=2015-01-15}}</ref>
==References==
{{
==External links==