473,398 Members | 2,389 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > .net framework > questions > encryption question

Join Bytes to post your question to a community of 473,398 software developers and data experts.

Encryption Question

We have some .dlls that we have written that use config files to store
configuration information such as usernames and passwords. In a previous
posting I asked for some suggestions for encrypting the passwords. Someone
suggested DPAPI and after some research this sounded like a good idea. After
implementing this solution I find that there is a problem. DPAPI decryption
is user based. The password that is stored in the config file is only
decrypted correctly if the person running the application is the same person
who encrypted it. This works fine for simple apps. However in my case the
..dlls that I've written could be called by an application, a web service or a
windows service all which may be running under the context of a different
user account.

Now that I realize this, I think DPAPI is the wrong choice. Can anyone
offer a suggestion of a simpler method of encryption. FYI: The passwords
that I'm storing aren't admin password. The are usually just domain accounts
that have rights for certain directories.
Jul 25 '05 #1
1 1155
Jan
DPAPI offers a number of encryption mechanizims. The one you are using
is EncryptData which uses the default encryption algorith in conjuction
with the users masterkey to make a user spesific cipher.

However, DPAPI also allows you run the encryption algorithims manually.
So just use ICryptoTransform and a CryptoStream in
System.Security.Cryptography and you can just cipher using a key and
some enrtopy bytes.

MSDN has a good example of using CryptoStream

Jul 25 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
Best encryption technique
by: Harold Crump | last post by:
Greetings, I have a requirement of storing some .xml files on a web server. The files will contain financial information like credit card numbers, so I would like to encrypt them. The files...
PHP
34
Encryption with Python?
by: Blake T. Garretson | last post by:
I want to save some sensitive data (passwords, PIN numbers, etc.) to disk in a secure manner in one of my programs. What is the easiest/best way to accomplish strong file encryption in Python? ...
Python
14
Encryption keys
by: Ray Cassick \(Home\) | last post by:
Ok, time to ask the question here.. I have been battling over this one for sometime now and just have to ask it. I have created a few classes that I use to act a security keys. These classes get...
.NET Framework
4
Encryption-like creation of unique strings
by: panik | last post by:
Hi, I'm looking for something similar to Encryption. I'd like to generate URL's with a format that avoids visible ID's (e.g. http://thesite/viewlink.aspx?ID=105) Instead, I'd like to generate a...
C# / C Sharp
113
How good an encryption algorithm is this?
by: Bonj | last post by:
I was in need of an encryption algorithm to the following requirements: 1) Must be capable of encrypting strings to a byte array, and decyrpting back again to the same string 2) Must have the same...
C# / C Sharp
1
Asp.net and Encryption: Where to store the keys?
by: David | last post by:
One thing that's always puzzled me about implementing encryption on remote asp.net apps is where to store the keys. The demo code indicate that you include them in a configuration file, but this...
ASP.NET
3
Visa Encryption with Sql Server
by: dmalhotr2001 | last post by:
I was wondering whether anyone ever dealt with encryption that are visa compliant with credit card numbers: On 3.4 of this document...
Microsoft SQL Server
1
Configure SSL Encryption Strength
by: =?Utf-8?B?bWljcm9ob2Y=?= | last post by:
Short version: Is there a way to configure (preferably programmatically) the max encryption strength that will be used by the framework when connecting to a particular SSL-protected web service? ...
.NET Framework
25
Encryption Question
by: eggie5 | last post by:
I have a form where a user can change his password, but I'm confused on how to prevent this from being transmitted in plain text. Well, I know how not to transmit it in plain text - use any type...
Javascript
19
Proposal for Lite Encryption for Login Form without SSL
by: klenwell | last post by:
Another request for comments here. I'd like to accomplish something like the scheme outlined at this page here: http://tinyurl.com/3dtcdr In a nutshell, the form uses javascript to hash...
PHP
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!