I'm working on a web application that requires securely storing user access tokens and secrets for various external systems. Right now, we're encrypting these tokens at rest using a key from AWS KMS. However, I'm looking for ways to enhance security further. My goal is to implement a user-based system where each user's tokens are encrypted with unique keys, rather than relying on a single master key for decryption. That said, my concern is that if the backend still needs to access these tokens, the solution might not be as secure as it seems because it could still be vulnerable like using one master key. I would love to explore end-to-end encryption options but recognize that it may pose challenges in this scenario. Any suggestions would be appreciated! Thanks!
3 Answers
It sounds like a complex issue! The main risk lies in whether someone gains access to one user's credentials, allowing them to access others as well. You might want to consider if the benefits of user-specific encryption outweigh the added complexity.
What about implementing field-level encryption? You can use a shared secret combined with a salt or a secret tied to the user's hashed password for added security. However, this still presents the issue of your backend knowing the user's secrets and the master key.
Have you looked into AWS KMS key wrapping? It could help you to keep each access token individually protected, which might enhance your security model significantly.
That's true, but using the user's UUID or something similar might give you a way to maintain a higher level of privacy since it wouldn't be stored directly in your database.