Reputation: 1615
I have a requirement to programmatically encrypt portions of a plain text file in a C# application, and ensure that the data, when unencrypted, cannot be easily intercepted in memory (this may prove challenging, as there is always some point where the raw data will be handled in decrypted form).
It should be possible to unencrypt the data either by means of a password encrypted in the file or ideally via a private key. One requirement is to allow each encrypted block to be protected by a unique key pair, such that a private key decrypts a subset of the encrypted whole.
I am thinking of using RSACryptoServiceProvider or some other asymmetric cryptography scheme available in .NET 4.0. I am proceeding with caution as the scheme must be rock-solid, and would not be averse to using an external library if there are compelling reasons for this.
I am also interested in established techniques for maintaining encryption in-memory, in order to prevent runtime heap-walking as a means to intercept unencrypted data.
Thanks in advance.
Upvotes: 0
Views: 198
Reputation: 37995
For an example of how RSACryptoServiceProvider works, I can only direct you to its MSDN page that has a very complete usage example.
For secure storage of a string in memory, you can use System.Security.SecureString:
SecureString Class: Represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed.
However, please keep in mind that any person sufficiently skilled and/or motivated will always manage to eventually break the protections you have set.
Upvotes: 2
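One way to give each encrypted block its own key pair, as an added example that is not code from the question or the answer: RSA can only encrypt a small payload, so each block gets a random AES key and HMAC key, and those are wrapped with that block's RSA key using OAEP. The class name `BlockCrypto`, the blob layout and the sample text are assumptions made for illustration; `Array.Clear` wipes only the buffer it is given, so short-lived managed copies can still exist until they are collected.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
static class BlockCrypto
{
    // Sealed layout: RSA-OAEP(aesKey|macKey) | 32-byte HMAC tag | 16-byte IV | AES-CBC ciphertext
    static byte[] Tag(byte[] keys, byte[] body)
    { using (var mac = new HMACSHA256(keys.Skip(32).ToArray())) return mac.ComputeHash(body); }
    public static byte[] Seal(byte[] plain, RSACryptoServiceProvider blockKey)  // public half suffices
    {
        byte[] keys = new byte[64];                      // bytes 0-31: AES key, 32-63: HMAC key
        RandomNumberGenerator.Create().GetBytes(keys);
        using (var aes = Aes.Create())                   // CBC/PKCS7 defaults, fresh random IV
        {
            aes.Key = keys.Take(32).ToArray();
            byte[] body = aes.IV.Concat(aes.CreateEncryptor().TransformFinalBlock(plain, 0, plain.Length)).ToArray();
            byte[] head = blockKey.Encrypt(keys, true).Concat(Tag(keys, body)).ToArray(); // true = OAEP
            Array.Clear(keys, 0, keys.Length);           // wipe this key buffer once it is wrapped
            return head.Concat(body).ToArray();
        }
    }
    public static byte[] Open(byte[] blob, RSACryptoServiceProvider blockKey)
    {
        int w = blockKey.KeySize / 8;                    // length of the RSA-wrapped prefix
        if (blob.Length < w + 64) throw new CryptographicException("Truncated block.");
        byte[] keys = blockKey.Decrypt(blob.Take(w).ToArray(), true);
        byte[] tag = blob.Skip(w).Take(32).ToArray(), body = blob.Skip(w + 32).ToArray();
        byte[] expect = Tag(keys, body);
        int diff = 0; for (int i = 0; i < 32; i++) diff |= expect[i] ^ tag[i];  // constant-time compare
        using (var aes = Aes.Create())
        {
            aes.Key = keys.Take(32).ToArray(); aes.IV = body.Take(16).ToArray();
            Array.Clear(keys, 0, keys.Length);
            if (diff != 0) throw new CryptographicException("Block failed authentication.");
            return aes.CreateDecryptor().TransformFinalBlock(body, 16, body.Length - 16);
        }
    }
    static void Main()
    {
        // One key pair per block: keyA protects block A, keyB would protect another block.
        using (RSACryptoServiceProvider keyA = new RSACryptoServiceProvider(2048), keyB = new RSACryptoServiceProvider(2048))
        {
            byte[] secret = Encoding.UTF8.GetBytes("constructed sample text for block A");
            byte[] sealedA = Seal(secret, keyA);
            Array.Clear(secret, 0, secret.Length);       // wipe the plaintext buffer after sealing
            Console.WriteLine(Encoding.UTF8.GetString(Open(sealedA, keyA)));
            try { Open(sealedA, keyB); } catch (CryptographicException) { Console.WriteLine("key B cannot open block A"); }
        }
    }
}
```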