How to encrypt/decrypt serialized data


M

Michael Meyer

hi,

I am writing a small client server application. The client is a desktop
application(C# .NET 2.0) and the user needs to login into the server.
The user has to enter username and password. I offer the possibility to
store username and password. I save the data into a serialized object
into the document and settings folder. Now I would like to encrypt the
stored data. Can someone give me a hint how to do this.

Regards

Michael
 
Ad

Advertisements

J

joecool1969

hi,

I am writing a small client server application. The client is a desktop
application(C# .NET 2.0) and the user needs to login into the server.
The user has to enter username and password. I offer the possibility to
store username and password. I save the data into a serialized object
into the document and settings folder. Now I would like to encrypt the
stored data. Can someone give me a hint how to do this.

I wrote an app where I work that stores, among a lot of other shit, a
username and password in an XML file. The file is loaded and saved
using XmlSerialization. All I had to do was to encrypt the info when
storing it in the class object that contained properties for the
username and password. And anytime I needed to use them to make a
connection, I decrypt the values in the class properties for username
and password. We used a commercial product, CDI Crypto to do the
encryption/decryption but from what I undertand there is a class
somewhere in .NET that handles encryption but I am not sure if it was
in .NET 2.0.
 
Ad

Advertisements

B

Ben Voigt [C++ MVP]

Michael said:
hi,

I am writing a small client server application. The client is a
desktop application(C# .NET 2.0) and the user needs to login into the
server. The user has to enter username and password. I offer the
possibility to store username and password. I save the data into a
serialized object into the document and settings folder. Now I would
like to encrypt the stored data. Can someone give me a hint how to do
this.

See
http://msdn.microsoft.com/en-us/library/system.security.cryptography.protecteddata.aspx

This will encrypt the data so that only the currently logged in user can get
to it, other users or someone who steals the hard disk will see only
garbage. Any other method will require you to provide an encryption key,
which you'll either have to get from the user, defeating the purpose of
saving their credentials, or store somewhere that your application can find
it... but if your application can find it so can a hacker. Use the
ProtectedData class so everything gets encrypted using the Windows login
credentials.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top