1

I have a windows service that reads from app.config.

I want some settings to be encrypted, however, I don't want to use the ProtectedConfigurationProvider classes provided in .NET because they encrypt files based on the machine they are running on using DPAPI.

What I wanted was a way for our administrator to deploy the config file already encrypted to many machines and have each machine decrypt them when needed.

I don't want to hardcode a password into the assembly either so I'm not sure how I can go about this.

Steven A. Lowe
  • 60,273
  • 18
  • 132
  • 202
Razor
  • 17,271
  • 25
  • 91
  • 138
  • 6
    Who's Vince and why did he ask this very same question? http://stackoverflow.com/questions/559995/encrypting-config-files-for-deployment-net – spender Oct 03 '10 at 01:47

2 Answers2

9

reduce the problem to its simplest form:

  • you have a program
  • that will be given an encrypted file
  • and you want to decrypt the file
  • without hard-coding the key

the obvious solution is to ask for the key when needed from a trusted third party

Steven A. Lowe
  • 60,273
  • 18
  • 132
  • 202
2

One possible way to do this would be to include the decryption key at the beginning of the file, and the key has been reprocessed in some fashion that you can determine from the key. One possibility would be to pick, like, say sixteen different things, 0 being, say, rotate the first two bytes to the end; 1 being rotate the last two bytes to the front; 2 being add 1 to every byte; and so on for 14 additional functions. Now add this value in front of the key as the "reprocess flag".

The first byte of the key would then be a branch table to one of 16 different routines to say what to do with the key. Note that the reprocess flag doesn't have to be the first byte, it can be any byte in the key as long as you remember to throw that byte away when handling the key.

Then you process the key according to whatever decryption algorithm you would use.

Now, given this reprocess flag - especially if the entire key was in hexadecimal - would require someone follow the logic to determine which of the 16 different functions your code executed, then figure out the decryption method. It's not going to stop everyone but it will probably do a fairly good job driving away all but the most determined.

  • 1
    this is still technically hard-coding the key, just obfuscated in the config-file instead of extant in the code - +1 for the thoughtful answer though! – Steven A. Lowe Feb 19 '09 at 02:54