• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 300
  • Last Modified:

what is best way to encrypt a file and decrypt then read content?

I want to write an little app that automatically encrypt a file
when when needed automatically decrypt and read content.

i have searched some resources, some examples codes show that encryption key is randomly generated such as DES or AES methods,

my question is if this key is generated randomly, then next time when decrypting, the key generated will be different from the key used for encryption. which means the encrypted file cannot be decrypted anymore.

am I right about this?

if im correct, then what is the way to encrypt and decrypt a txt file without using a known password??
0
Ikelca
Asked:
Ikelca
  • 8
  • 4
1 Solution
 
Frosty555Commented:
Assuming symmetric keys (e.g. the same key that encrypted the data is also the key to decrypt the data), you need to retain the key in some way, and use it later to decrypt the file.

A randomly generated key is the most secure - since it is random it provides maximum protection against brute force attacks to attempt to "guess" the key. When it comes time to decrypt though you need to have the key to decrypt the data with.

In the case of a randomly generated key it must be stored on the computer in a secure location (e.g. a server may have keys for decrypting the communication stream between a client and the server, but those keys are stored on the server, which has password protection to prevent unauthorized access and is stored in a locked room).

In some cases the key can be "derived" from a password that the user enters - e.g. you can hash a password to get a key which you can then use for encryption. This key, however, is not random and therefore is susceptible to brute force attacks by simply guessing possible user passwords and using the same hashing algorithm to generate the corresponding key - the key is now only as strong as the complexity of the user's password.
0
 
IkelcaAuthor Commented:
in the case u mentioned above, the generated random key is stored somewhere secure on server, then how could an application automatically retreive it and use it to decrypt.....?
i guess that defeats my purpose of automatically encrypt and decrypt
0
 
IkelcaAuthor Commented:
and i have to run this application on many different computers(not server though)
if the key is store on server and requires user action, then it's no good for me.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
rushtoshankarCommented:
If you want the application to encrypt and decrypt on the fly, you can use any algorithm for encryption/decryption. The only thing is you need to keep the keys in the application but you need to keep the application binary and source in a secure. Otherwise anybody who gets the key can do the decryption.

If you do that, you can carry the application anywhere you want and run it to do encrypt or decrypt. Then remove the trace of the application in the in that machine.
0
 
IkelcaAuthor Commented:
ok im using DES now and i hard coded key into app, is it secure? assuming I don't lost key...
is there a way or could someone find out the key from app.exe file?
0
 
rushtoshankarCommented:
Yes. If you hard code the keys in the application, someone can find out the key. Though it is not very easy, it is possible.

As long as the key is random and source, application binary is maintained securely, you are secure.
You can also use the application standalone to encrypt and decrypt on the fly
0
 
IkelcaAuthor Commented:
can you be more specific on application standalone ?? im not familiar with it
0
 
rushtoshankarCommented:
Standalone -> You don't need to have any dependencies like DLL or any other files.

Just EXE alone will be enough for you to encrypt and decrypt files.

Your encryption will be secure and your EXE alone is enough for your job if you
1. select a random key and hard code it in the application
2. keep the source code secure
3. keep the binary secure
0
 
IkelcaAuthor Commented:
then....added assemblies are considered as dependencies or not ? such as system.windows.forms
system.DirectoryServices
0
 
IkelcaAuthor Commented:
i meant references
0
 
IkelcaAuthor Commented:
umm i found that decompiler can see all original code from my exe file.......
that means i cannot hardcode encryption key in exe
anybody?
0
 
rushtoshankarCommented:
You can hard code the key in the application. As i said, it is safe until you keep your binary secure.

Otherwise, you can use any smart cards with smart card readers, your application can use the smart card to use the encryption and decryption.

Advantage is you don't need to worry about keys, theft anything. As long as you have the application, the smart card reader and the smart card, you can do the encryption and decryption on the fly.

Disadvantage is if you lose the card, there is no way to get the key back.

Or use the smart card to store the key alone with PIN. Keep the key in any secure area so that you can reload into a new card.
0
 
IkelcaAuthor Commented:
ok, thank you
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 8
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now