Has anyone ever dealt with this? I need a way to secure internal transactions, or in other words, make them hacker / tamper proof. If you look at most, say, eCommerce or affiliate back-ends, it's basically just a database with a bunch of numbers, transaction rows, etc. If someone manages to root the server, they can just modify the transaction data however the hell they want. Keeping them out of your server and database is the obvious answer, but say they get in via a 0-day exploit, or whatever.
I need a way so even if / when a hacker gets into the server, they can't screw with the transaction data, while keeping it user friendly. Any suggestions on this? I was actually thinking of taking a page out of Bitcoin somewhat.
What I was thinking was a public / private key pair for each user (algo TBD). To keep it user friendly, store the private key on the server, but encrypted via AES256 with the user's password + salt(s). When a user successfully logs in, it will decrypt their private key and temporarily store it (server or browser TBD) for the duration of the session.
All transactions are then hashed in a specific format, and signed with ECC by all involved parties. The transactions are then constantly verified & checked for proper signatures all throughout the software, which can be done with the public key. So although the user's private keys are online, they're encrypted via multiple iterations of AES256 with various different salts, and the decrypt password isn't anywhere online (user passwords = one-way SHA512 hash).
I'm not sure, has anyone else done something similar? If so, any suggestions?
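The scheme described in the post, sketched as an added example that is not the poster's code: each user gets an EC key pair whose private key is stored only in password-encrypted form, every party signs a canonical encoding of the transaction, and any later edit to the row fails verification. Assumptions not taken from the post: Node.js built-in `crypto`, the P-256 curve, Node's passphrase-encrypted PKCS#8 (AES-256-CBC) standing in for the "AES256 with password + salt" step, and the hypothetical field names and sample values.

```javascript
// Added example: names, curve and sample data are assumptions, not from the post.
const nodeCrypto = require('node:crypto');

// Create a user's key pair. The private key is returned only as PKCS#8 PEM
// encrypted with AES-256-CBC under a key derived from the user's password.
function createUserKeys(password) {
  return nodeCrypto.generateKeyPairSync('ec', {
    namedCurve: 'prime256v1',
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: {
      type: 'pkcs8', format: 'pem',
      cipher: 'aes-256-cbc', passphrase: password,
    },
  });
}

// Fixed field order so every party hashes byte-identical input.
function canonicalize(tx) {
  return Buffer.from(JSON.stringify([tx.id, tx.from, tx.to, tx.amountCents, tx.timestamp]));
}

// Sign with the password supplied at login; the plaintext key is never stored.
function signTx(tx, encryptedPrivateKeyPem, password) {
  return nodeCrypto.sign('sha256', canonicalize(tx),
    { key: encryptedPrivateKeyPem, passphrase: password }).toString('base64');
}

// A transaction is valid only if every involved party's signature verifies.
function verifyTx(tx, signatures, publicKeys) {
  const parties = [tx.from, tx.to];
  return parties.every((user) =>
    typeof signatures[user] === 'string' && publicKeys[user] !== undefined &&
    nodeCrypto.verify('sha256', canonicalize(tx), publicKeys[user],
      Buffer.from(signatures[user], 'base64')));
}

// Constructed sample data.
function demo() {
  const alice = createUserKeys('alice-password');
  const bob = createUserKeys('bob-password');
  const publicKeys = { alice: alice.publicKey, bob: bob.publicKey };
  const tx = { id: 1, from: 'alice', to: 'bob', amountCents: 2500, timestamp: '2024-01-01T00:00:00Z' };
  const signatures = {
    alice: signTx(tx, alice.privateKey, 'alice-password'),
    bob: signTx(tx, bob.privateKey, 'bob-password'),
  };
  const tampered = { ...tx, amountCents: 250000 }; // row edited directly in the database
  return { intact: verifyTx(tx, signatures, publicKeys),
           tampered: verifyTx(tampered, signatures, publicKeys) };
}
```

Verification is only as trustworthy as the public keys it is given, so under the post's root-compromise threat model those keys need to be kept or pinned somewhere the attacker cannot rewrite.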