1

For a net core 2 web app, we are developing we used DPAPI for encrypting/decrypting of string data before storing in DB. We turned off key regeneration so that we could use the same keys in dev/production and for moves.

Recently we have found that windows updates can force us to have to reimport certificates on our dev machines to get DPAPI working again in our solutions.

Now we have experienced similar behaviour on our production web server, so we are looking for a reliable alternative for long term encryption of strings.

Speed of decryption is more important to us than the sophistication of the crypto algorithm. The data will have already been hashed before encryption. We are encrypting as an additional safety measure. The data will be decrypted in bulk for export. DPAPI was quite fast.

mikelus
  • 927
  • 11
  • 25
  • 1
    Maybe this helps https://stackoverflow.com/questions/10168240/encrypting-decrypting-a-string-in-c-sharp – VDWWD Aug 14 '19 at 08:41
  • *The data will have already been hashed before encryption* That is a puzzling statement. Can you elaborate? – President James K. Polk Aug 14 '19 at 13:36
  • The data is being hashed remotely then hashed again on receipt. It is desired that the data is subsequently encrypted before being stored. – mikelus Aug 14 '19 at 14:38

0 Answers0