Question
I'm currently using AES 256 for the encryption of my web application and the security policy context specifies that the encryption key must be replaced once every few months.
When that happens, what handling needs to be done in particular? What I read online suggests that I'll need to decrypt the existing encrypted data with the old key and then encrypt the decrypted data again with the new key. This approach may not be an ideal solution for me, as my web application may have to deal with a large amount of data and the process above would take quite some time. Is there a better solution around this?
Thanks
Explanation / Answer
Encryption keys can have a cryptoperiod after which those keys shouldn't continue to be used for encryption. This may be due to security policies, to an individual who knows a key component leaving the business, to suspicion that an encryption key has been compromised, etc.
Often, a business will use an encryption key (let's call this keyA) for encryption for a period of time X. Following that period of time, a new encryption key (let's call this keyB) will be generated and used for encryption. The encrypted data will be stored with a reference to the key it was encrypted with, so the application knows which key to use for decryption. Using our naming above, keyA could be considered invalid for the encryption of new data but could still be used for the decryption of data encrypted using that key. keyB may currently be valid for both encrypting and decrypting data.
As your data is probably stored according to defined data retention periods, once legacy data is purged, older keys may also be removed as they are no longer required for the decryption of data.
Per your post, decrypting and re-encrypting large volumes of data can be time-consuming and computationally expensive.
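The key-reference scheme the answer describes, as an added example that is not part of the original answer: a key ring in Go using AES-256-GCM from the standard library. Each ciphertext carries the ID of the key that produced it, only the newest key encrypts, older keys on the ring are decrypt-only, and a key can be purged once nothing encrypted under it needs to stay readable. The names (KeyRing, Rotate, Decrypt, ReencryptIfStale, Purge), the ciphertext layout (4-byte key ID, 12-byte nonce, GCM ciphertext and tag) and the in-memory key storage are assumptions for illustration; a real deployment would hold the keys in a KMS or HSM. ReencryptIfStale goes beyond the answer: it is one way to address the question's concern, migrating each record to the new key when it is next read or updated instead of in one bulk pass.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

const hdrLen, nonceLen = 4, 12 // key-ID prefix; cipher.NewGCM always uses 12-byte nonces

// KeyRing holds every key that may still decrypt, indexed by the ID stored in front
// of each ciphertext. Only currentID encrypts; every other key is retired (decrypt-only).
type KeyRing struct {
	keys      map[uint32]cipher.AEAD
	currentID uint32
}

func NewKeyRing() *KeyRing { return &KeyRing{keys: map[uint32]cipher.AEAD{}} }

// Rotate is the periodic replacement: a fresh random AES-256 key becomes the
// active key (IDs run 1, 2, 3, ...) and the previous one is implicitly retired.
func (r *KeyRing) Rotate() (uint32, error) {
	raw := make([]byte, 32) // a 32-byte key selects AES-256
	if _, err := rand.Read(raw); err != nil {
		return 0, err
	}
	block, err := aes.NewCipher(raw)
	if err != nil {
		return 0, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return 0, err
	}
	r.currentID++
	r.keys[r.currentID] = aead
	return r.currentID, nil
}

// Encrypt emits: 4-byte big-endian key ID || 12-byte nonce || GCM ciphertext+tag. The ID
// is also bound as associated data, so rewriting it to name another key fails the tag check.
func (r *KeyRing) Encrypt(plaintext []byte) ([]byte, error) {
	k, ok := r.keys[r.currentID]
	if !ok {
		return nil, fmt.Errorf("no active key on the ring: call Rotate first")
	}
	hdr := make([]byte, hdrLen)
	binary.BigEndian.PutUint32(hdr, r.currentID)
	nonce := make([]byte, nonceLen)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	out := append(append(make([]byte, 0, hdrLen+nonceLen+len(plaintext)+k.Overhead()), hdr...), nonce...)
	return k.Seal(out, nonce, plaintext, hdr), nil
}

// Decrypt uses whichever key the record names: retired keys still work, purged or
// unknown keys fail cleanly. The key ID is returned so callers can spot stale records.
func (r *KeyRing) Decrypt(blob []byte) ([]byte, uint32, error) {
	if len(blob) < hdrLen+nonceLen {
		return nil, 0, fmt.Errorf("ciphertext too short")
	}
	id := binary.BigEndian.Uint32(blob[:hdrLen])
	k, ok := r.keys[id]
	if !ok {
		return nil, id, fmt.Errorf("key %d is not on the ring (unknown or purged)", id)
	}
	pt, err := k.Open(nil, blob[hdrLen:hdrLen+nonceLen], blob[hdrLen+nonceLen:], blob[:hdrLen])
	if err != nil {
		return nil, id, fmt.Errorf("key %d: %w", id, err)
	}
	return pt, id, nil
}

// ReencryptIfStale re-wraps a record under the current key only if it still names an
// older key, so migration runs lazily on read/update instead of as one bulk pass.
func (r *KeyRing) ReencryptIfStale(blob []byte) ([]byte, bool, error) {
	pt, id, err := r.Decrypt(blob)
	if err != nil {
		return nil, false, err
	}
	if id == r.currentID {
		return blob, false, nil
	}
	fresh, err := r.Encrypt(pt)
	return fresh, err == nil, err
}

// Purge drops a retired key once nothing encrypted under it must stay readable
// (for example after the data retention period). The active key is refused.
func (r *KeyRing) Purge(id uint32) error {
	if _, ok := r.keys[id]; !ok || id == r.currentID {
		return fmt.Errorf("key %d is absent or still the active key", id)
	}
	delete(r.keys, id)
	return nil
}
```

Walk-through: call Rotate once (keyA, ID 1), Encrypt a record, Rotate again (keyB, ID 2). The old record still decrypts because keyA is on the ring, new records reference ID 2, and ReencryptIfStale on the old record returns a copy under keyB while leaving records already under keyB untouched. Purge(2) is refused while keyB is active; after Purge(1), anything still referencing keyA is unreadable, which is why purging must follow the retention period rather than the rotation itself. Because the key ID is authenticated data, flipping the prefix of an old record to name keyB makes the GCM tag check fail rather than silently trying the wrong key.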