Encrypt decrypt data using c#

The RijndaelManaged class does indeed normally require you to "muck about" with byte arrays, salts, keys, initialization vectors etc. The following class is one I wrote a while ago to perform exactly the kind of thing you're after, a simple single method call to allow some string-based plaintext to be encrypted with a string-based password, with the resulting encrypted string also being represented as a string.

Of course, there's an equivalent method to decrypt the encrypted string with the same password. Unlike the first version of this code, which used the exact same salt and IV values every time, this newer version will generate random salt and IV values each time. Since salt and IV must be the same between the encryption and decryption of a given string, the salt and IV is prepended to the cipher text upon encryption and extracted from it again in order to perform the decryption.

The result of this is that encrypting the exact same plaintext with the exact same password gives and entirely different ciphertext result each time.

The "strength" of using this comes from using the RijndaelManaged class to perform the encryption for you, along with using the RfcDeriveBytes function of the System.

Cryptography namespace which will generate your encryption key using a standard and secure algorithm specifically, PBKDF2 based upon the string-based password you supply. Finally, it's important to note that this is still unauthenticated encryption. Encryption alone provides only privacy i.

Without knowing your exact requirements, it's difficult to say whether the code here is sufficiently secure for your needs, however, it has been produced to deliver a good balance between relative simplicity of implementation vs "quality". For example, if your "receiver" of an encrypted string is receiving the string directly from a trusted "sender", then authentication may not even be necessary.

If you require something more complex, and which offers authenticated encryption, check out this post for an implementation. You can download a simple VS sample solution which includes a few unit tests here. If you are targeting ASP.

See this article for more details. If you need to store a password in memory and would like to have it encrypted you should use SecureString :.

See this page for an implementation example:. You may be looking for the ProtectedData class, which encrypts data using the user's logon credentials. It does involve using bytes, but when it comes down to it you kind of do want encryption and decryption to be tough to figure out otherwise it will be easy to hack. Stack Overflow for Teams — Collaborate and share knowledge with a private group. Create a free Team What is Teams? Collectives on Stack Overflow.

Learn more. Asked 9 years, 9 months ago. Active 2 years, 8 months ago. Viewed k times. Improve this question. Will 2 2 silver badges 13 13 bronze badges. Richard Richard 5, 5 5 gold badges 26 26 silver badges 36 36 bronze badges. Crypto is not simple. Read blogs.

All crypto operates on byte arrays. Use Encoding. Any answer to this question that just suggests some crypto algorithm and fails to discuss identity, key management, integrity He apparently doesn't care much about the purpose of the functionality. Tarik No, he isn't exaggerating the situation. Cryptography can be used to secure a system. Without describing the system, applied cryptography is useless as is the accepted answer. Add a comment. Active Oldest Votes.

Improve this question. Raghu Raghu 2, 3 3 gold badges 26 26 silver badges 60 60 bronze badges. See if following posting helps : stackoverflow.

How is it you have a signing key that you want to perform encryption with? I may be out of my depth here when it comes to encryption related to ECC certificates. Can you please educate me as to where I went wrong? So it depends on what you're trying to do, but whatever it is you'll end up with something different than you're used to with RSA.

Show 3 more comments. Active Oldest Votes. Background Asymmetric algorithms have three different purposes that I know of Encryption RSA is the only "standard" algorithm that can do this directly. Net Currently. Create ecdsa. You already chose secpr1. Point compression's annoying, choose not to use it. I'm omitting SharedInfo. That probably makes me a bad person. Encrypt Make an ephemeral key on the right curve. Create curve ; We decided no.

This example requires systems to have bit encryption installed. Skip to main content. This browser is no longer supported. Download Microsoft Edge More info. Contents Exit focus mode. Is this page helpful? Please rate your experience Yes No. Any additional feedback? Submit and view feedback for This product This page. View all page feedback. NET, it's available as a Nuget package for install into your projects. I like it a lot more than what's currently available in the System.

Cryptography library. It gives you a lot more options in terms of available algorithms, and provides more modes for those algorithms. This is an example of an implementation of TwoFish , which was written by Bruce Schneier hero to all us paranoid people out there.

It's a symmetric algorithm like the Rijndael aka AES. It was one of the three finalists for the AES standard and sibling to another famous algorithm written by Bruce Schneier called BlowFish. First thing with bouncycastle is to create an encryptor class, this will make it easier to implement other block ciphers within the library. The following encryptor class takes in a generic argument T where T implements IBlockCipher and has a default constructor. Although from a style perspective this goes against the SOLID principle of single responsibility, because of the nature of what this class does I reniged.

This class will now take two generic parameters, one for the cipher and one for the digest. Next just call the encrypt and decrypt methods on the new class, here's the example using twofish:. The hardest part about encryption actually deals with the keys and not the algorithms. You'll have to think about where you store your keys, and if you have to, how you exchange them. These algorithms have all withstood the test of time, and are extremely hard to break. Someone who wants to steal information from you isn't going to spend eternity doing cryptanalysis on your messages, they're going to try to figure out what or where your key is.

So 1 choose your keys wisely, 2 store them in a safe place, if you use a web. Update 2 Changed compare method to mitigate against timing attacks. Also updated to default to PKCS7 padding and added new constructor to allow end user the ability to choose which padding they would like to use. Thanks CodesInChaos for the suggestions. HOW TO? ID : viewed : 65 Tags : c. Also too much work to alter this answer otherwise.

The sharedSecret parameters must match. GetBytes aesAlg. CreateEncryptor aesAlg. Key, aesAlg. Write BitConverter. Length , 0, sizeof int ; msEncrypt. Write aesAlg. IV, 0, aesAlg. ToBase64String msEncrypt. CreateDecryptor aesAlg.