Anonymous_User Absent Member.
Absent Member.
605 views

Local cache is encrypted but ...


I have a question from a Security Manager: Which algorithm is used to
encrypt the SecureLogin local cache ?

I have tried to find this info but (until now) I did not find it ...

Tx for your help ...

Stephan


--
Spauwels
------------------------------------------------------------------------
Spauwels's Profile: https://forums.netiq.com/member.php?userid=272
View this thread: https://forums.netiq.com/showthread.php?t=46728

0 Likes
2 Replies
Anonymous_User Absent Member.
Absent Member.

Re: Local cache is encrypted but ...

I do not know that anybody will know this offhand, but I'm 90% sure it's
using symmetric encryption with (unless you've disabled it for the user) a
passphrase to access the key involved (AES or 3DES is what these things
usually use). I'll ask some contacts to see what I can find but I'd bet
it's one of those.

Good luck.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Local cache is encrypted but ...

Bonus of being at BrainShare: I asked a developer about this specific
question.

The developer configured that the same configurable option used for
encryption within eDirectory extends to the encryption of the cache on the
workstation. Also, SecureLogin is now FIPS compliant so the encryption
complies with right industry (specifically, government) standards beyond
merely using encryption from random source (certainly nothing home-grown).

Good luck.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.