Click here to Skip to main content
15,888,113 members
Search within:


How can I secure my key in C# code?
Please Sign up or sign in to vote.
1.00/5 (2 votes)
See more:
C#
DES
Tool : Windows 7 64 bit OS, Visual Studio 2012, Install Shield to create setup.

I have one windows form application. I have used DES algorithm to Encrypt and Decrypt data. For this purpose I have used one Key(Secret key to encryption). How can I secure this key so that no one can get it and not able to decrypt my data.

What I have tried:

I have tried to put this key in registry. But one can easily get this key from registry editor.
Posted
Updated 6-Jun-16 20:48pm
Add a Solution
Comments
Sergey Alexandrovich Kryukov 7-Jun-16 2:45am    
This is simply impossible. Isn't it obvious? DES is a symmetric algorithm, the same key is used for encryption and decryption. Let's say, you deploy encrypted data to some computer. But to be useful, the data should be eventually decrypted and, hence, accessible. So, what's the point?

All encryption models are based on at least one unknown key. The problem is not finding some solution, the real problem is to formulate the problem. You need to learn some encryption basics and explain what exactly you want to achieve. For that purpose, you have to explain the whole scenario. Who has limited access to some data, why, what should be accessible and what not, and so on.

—SA

3 solutions

If your application needs it, then pretty much you can't.
The problem is that if your app needs the key value to decrypt your data, then it needs to be able to read it from somewhere. Which means that any other application can also read it from the same location if it does the same things. No key which is "known" to one application is "secure" from other applications, as even the code that fetches the key can be read and duplicated (particularly in .NET where decompilers are relatively simple). You could obfuscate the code, but that doesn't prevent it completely, just slow down understanding of the code.

The only secure way to provide a key is to have a user type it in each time.
Sorry.
 
Share this answer
 
Posted
You can you RSA with public and private key to protect your data.

you will get more information
RSA Algorithm With C#[^]
 
Share this answer
 
Posted
There are multiple ways to secure your key, but it depends upon how you create your key.
One way to create a dynamic key for encryption and decryption so there is no need to store it anywhere.
e.g. you can pick a HDD serial no and encrypt your key and use same for decryption (In this case you do not need to store it any where, just fetch HDD serial no each time dynamically, or you can use Processor ID instead)
One possibility is to query the database for the encryption key, you can store it in database, it has its own encryption key. see below link
Encrypt a Column of Data[^]
 
Share this answer
 
Posted
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
code for generate security key automatically?
How can I write correct code to solve the equation in C
Convert coding from C++ to C
Convert this C++ code to C
Convert Python to C code
How to encrypt a file with public key and decrypt with private key and passphrase
Use of keys in the program
Combine Key (ctrl+v +c ...) for OnKeyDown
i want to change c code to assembly
Converting C# code to C code

Advertise
Privacy
Cookies
Terms of Use
Last Updated 7 Jun 2016
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web04 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900