How to protect a signing key?

Question

I have a need to verify the integrity of a settings file. The file is an xml document. I understand you can use readily-available functions as discussed in this stackoverflow post. I am having trouble understanding how to protect the signing key however. If I sign an xml file to act as an integrity check on it's contents the user can easily disassemble my executable and get the key and/or the way the key is generated. What methods are available for me to easily protect the key? Key containers seem to be one option but I don't see how they protect the key and/or the method used to generate said key.

Thank you!

Answer 1

When you load the key into a container you can specify that it is non-exportable. This will help protect it, but you will still need to store the file somewhere anyway, in case, for example, you get a new computer.

By the way, I did mention that marking it as non-exportable will help protect it, not guarantee its protection. It is still possible to extract a non-exportable key.

The only sure-fire method is to also ensure nobody has physical access to the computer. Physical access means you can do anything.

What this means in your case is the private key must be in a secure place as it is your digital signature. The public key to verify the signature is loaded into your program. It doesn't matter if your code is decompiled and the public key is extracted, as all it can be used for is to verify something was signed by your private key.

If somebody is going to the trouble to decompile your code to circumvent verification of the settings file, they will just change your code to skip the verification.