Bouke
commented
9 years ago The relevant part in the specification is the following:
We also RECOMMEND storing the keys securely in the validation system, and, more specifically, encrypting them using tamper-resistant hardware encryption and exposing them only when required: for example, the key is decrypted when needed to verify an OTP value, and re-encrypted immediately to limit exposure in the RAM to a short period of time.
The key store MUST be in a secure area, to avoid, as much as possible, direct attack on the validation system and secrets database. Particularly, access to the key material should be limited to programs and processes required by the validation system only.
Hardware encryption cannot be enforced by this package, but the encryption could be implemented.
wkschwartz
blubber
A good practice is to encrypt or hash secret keys in DB. I would suggest to implement this. (Enhancement)
While for one-off keys one way hash functions such as scrypt/bcrypt are available, that's not the option for TOTP where the actual key value is needed. Simple encryption where the encryption key is not stored in DB suffice.
Encryption of secret keys is recommended by RFC 6238.