You don't need to decrypt it in order to read/use. If you want to change then you have to decrypt it.
ASP.NET 2.0 introduced Protected Configuration model that allows to encrypt data using two Protected Configuration Providers. They are:
1.
RSAProtectedConfigurationProvider: This is the default provider and uses the RSA Public Key Encryption algorithm to encrypt and decrypt data.
2.
DataProtectionConfigurationProvider: This provider uses Windows Data Protection Application Programming Interface (DPAPI) to encrypt and decrypt data
MSDN Reads on them:
1.
DPAPI[
^]
2.
RSA[
^]
Explaination with Sample here:
Edit and Encrypt Web.Config sections using C# 2.0[
^]