Security and DPAPI¶
JustWare utilizes the Data Protection Application Programming Interface (DPAPI) to provide client-side security. By using DPAPI, JustWare ensures that your data is secure and provides the confidentiality necessary when dealing with sensitive data.
DPAPI protects confidential information using value data that is derived from a master key. A master key is a pseudo-random 512-bit number. Each user account has one or more randomly generated master keys. Each master key contains the data that is required to decrypt all the user's confidential information. To protect the master key, a value is derived from the user's password and then used to encrypt the master key.
DPAPI is a Windows-based standard that was implemented in Windows 2000 and has been a key component of Windows security in every iteration since. There are a number of reasons that Microsoft uses DPAPI, as stated in the article "Windows Data Protection" on msdn.microsoft.com:
- It uses proven cryptographic routines, such as the strong Triple-DES algorithm in CBC mode, the strong SHA-1 algorithm, and the PBKDF2 password-based key derivation routine.
- It uses proven cryptographic constructs to protect data. All critical data is cryptographically integrity protected, and secret data is wrapped using standard methods.
- It uses large secret sizes to greatly reduce the possibility of brute-force attacks to compromise the secrets.
- It uses PBKDF2 with 4000 iterations to increase the work factor of an adversary trying to compromise the password.
- It sanity checks MasterKey expiration dates.
- It protects all required network communication with domain controllers by using mutually authenticated and privacy protected RPC channels.
- It minimizes the risk of exposing any secrets, by never writing them to disk and minimizing their exposure in swappable RAM.
- It requires Administrator privileges to make any modifications to the DPAPI parameters in the registry.
- It uses Windows File Protection to help protect all critical DLLs from online changes, even by processes with Administrator privileges.
Each of the encrypted files is passed from the client to the Web server and stored on the client disk in the user profile. Encrypting them is important to maintaining data integrity.
DPAPI and Roaming Profiles¶
A roaming user profile allows a user connected to a Windows Server domain to log on to any computer on the same network and access their local files and settings across the network. For users and computers that are joined to an Active Directory domain, DPAPI works as expected with roaming profiles. This means that DPAPI data that is stored in the profile exhibits the same behavior as any other setting or file stored in the roaming profile. When a user logs on to a computer, the confidential information that the DPAPI helps protect is downloaded from the central profile location. Likewise, when a user logs off a computer, the confidential information is uploaded back to the central profile location.
Attention: JustWare Administrators should inform their users that they should only be logged on to a single computer in the domain at a time.
In order for DPAPI to work correctly with roaming profiles, the domain user must only be logged on to a single computer in the domain. Users wanting to log on to a different computer in the same domain must log off the first computer. Otherwise, it is unlikely that DPAPI will be able to decrypt existing encrypted data correctly.
The master key and data on one computer can be decrypted by the DPAPI on another computer. This is possible because the user's password is consistent and is stored and verified by the domain controller.
Important: Microsoft has noted a limitation with roaming profiles. This limitation exists in these two instances:
- Between Windows XP-based computers and Windows 2000-based computers
- Between Windows Server 2003-based computers and Windows 2000-based computers
If you are logged on with a roaming user profile, and keys are generated or imported on a Windows XP-based computer or a Windows Server 2003-based computer and then stored in a roaming profile, DPAPI cannot decrypt these keys on a Windows 2000-based computer. However, this limitation does not exist in the reverse. Keys generated on a Windows 2000-based computer can be decrypted by a Windows XP-based computer or a Windows Server 2003-based computer.