Simple insecure two-way data obfuscation

Question

I m looking for very simple obfuscation  like encrypt and decrypt but not necessarily secure  functionality for some data  It s not mission critical  I need something to keep honest people honest  but something a little stronger than ROT13 or Base64   I d prefer something that is already included in the  NET framework 2 0  so I don t have to worry about any external dependencies   I really don t want to have to mess around with public private keys  etc  I don t know much about encryption  but I do know enough to know that anything I wrote would be less than worthless    In fact  I d probably screw up the math and make it trivial to crack

User · Answer

EDIT  Years later  I ve come back to say  don t do this   See What  39 s wrong with XOR encryption  for details   A very simple  easy two-way encrytpion is XOR encryption    Come up with a password   Let s have it be mypass  Convert the password into binary  according to ASCII    The password becomes 01101101 01111001 01110000 01100001 01110011 01110011  Take the message you want to encode   Convert that into binary  also  Look at the length of the message   If the message length is 400 bytes  turn the password into a 400 byte string by repeating it over and over again   It would become 01101101 01111001 01110000 01100001 01110011 01110011 01101101 01111001 01110000 01100001 01110011 01110011 01101101 01111001 01110000 01100001 01110011 01110011     or mypassmypassmypass     XOR the message with the long password  Send the result  Another time  XOR the encrypted message with the same password  mypassmypassmypass      There s your message

User · Answer

EDIT  Years later  I ve come back to say  don t do this   See What  39 s wrong with XOR encryption  for details   A very simple  easy two-way encrytpion is XOR encryption    Come up with a password   Let s have it be mypass  Convert the password into binary  according to ASCII    The password becomes 01101101 01111001 01110000 01100001 01110011 01110011  Take the message you want to encode   Convert that into binary  also  Look at the length of the message   If the message length is 400 bytes  turn the password into a 400 byte string by repeating it over and over again   It would become 01101101 01111001 01110000 01100001 01110011 01110011 01101101 01111001 01110000 01100001 01110011 01110011 01101101 01111001 01110000 01100001 01110011 01110011     or mypassmypassmypass     XOR the message with the long password  Send the result  Another time  XOR the encrypted message with the same password  mypassmypassmypass      There s your message

User · Answer

Using the builtin  Net Cryptography library  this example shows how to use the Advanced Encryption Standard  AES    using System  using System IO  using System Security Cryptography   namespace Aes Example       class AesExample               public static void Main                         try                                string original    Here is some data to encrypt                        Create a new instance of the Aes                    class   This generates a new key and initialization                     vector  IV                   using  Aes myAes   Aes Create                                              Encrypt the string to an array of bytes                      byte   encrypted   EncryptStringToBytes Aes original  myAes Key  myAes IV                           Decrypt the bytes to a string                      string roundtrip   DecryptStringFromBytes Aes encrypted  myAes Key  myAes IV                          Display the original data and the decrypted data                      Console WriteLine  Original     0    original                       Console WriteLine  Round Trip   0    roundtrip                                                catch  Exception e                                Console WriteLine  Error   0    e Message                                   static byte   EncryptStringToBytes Aes string plainText  byte   Key byte   IV                           Check arguments              if  plainText    null    plainText Length  lt   0                  throw new ArgumentNullException  plainText                if  Key    null    Key Length  lt   0                  throw new ArgumentNullException  Key                if  IV    null    IV Length  lt   0                  throw new ArgumentNullException  Key                byte   encrypted                 Create an Aes object                with the specified key and IV              using  Aes aesAlg   Aes Create                                  aesAlg Key   Key                  aesAlg IV   IV                      Create a decrytor to perform the stream transform                  ICryptoTransform encryptor   aesAlg CreateEncryptor aesAlg Key  aesAlg IV                       Create the streams used for encryption                  using  MemoryStream msEncrypt   new MemoryStream                                          using  CryptoStream csEncrypt   new CryptoStream msEncrypt  encryptor  CryptoStreamMode Write                                                 using  StreamWriter swEncrypt   new StreamWriter csEncrypt                                                            Write all data to the stream                              swEncrypt Write plainText                                                     encrypted   msEncrypt ToArray                                                                           Return the encrypted bytes from the memory stream              return encrypted                      static string DecryptStringFromBytes Aes byte   cipherText  byte   Key  byte   IV                           Check arguments              if  cipherText    null    cipherText Length  lt   0                  throw new ArgumentNullException  cipherText                if  Key    null    Key Length  lt   0                  throw new ArgumentNullException  Key                if  IV    null    IV Length  lt   0                  throw new ArgumentNullException  Key                    Declare the string used to hold                the decrypted text              string plaintext   null                  Create an Aes object                with the specified key and IV              using  Aes aesAlg   Aes Create                                  aesAlg Key   Key                  aesAlg IV   IV                      Create a decrytor to perform the stream transform                  ICryptoTransform decryptor   aesAlg CreateDecryptor aesAlg Key  aesAlg IV                       Create the streams used for decryption                  using  MemoryStream msDecrypt   new MemoryStream cipherText                                         using  CryptoStream csDecrypt   new CryptoStream msDecrypt  decryptor  CryptoStreamMode Read                                                 using  StreamReader srDecrypt   new StreamReader csDecrypt                                                             Read the decrypted bytes from the decrypting stream                                and place them in a string                              plaintext   srDecrypt ReadToEnd                                                                                                  return plaintext

User · Answer

I changed this   public string ByteArrToString byte   byteArr        byte val      string tempStr           for  int i   0  i  lt   byteArr GetUpperBound 0   i                  val   byteArr i           if  val  lt   byte 10              tempStr     00    val ToString            else if  val  lt   byte 100              tempStr     0    val ToString            else             tempStr    val ToString              return tempStr      to this       public string ByteArrToString byte   byteArr                string temp               foreach  byte b in byteArr              temp    b ToString   PadLeft 3   0            return temp

User · Answer

Other answers here work fine  but AES is a more secure and up-to-date encryption algorithm   This is a class that I obtained a few years ago to perform AES encryption that I have modified over time to be more friendly for web applications  e g  I ve built Encrypt Decrypt methods that work with URL-friendly string    It also has the methods that work with byte arrays     NOTE  you should use different values in the Key  32 bytes  and Vector  16 bytes  arrays   You wouldn t want someone to figure out your keys by just assuming that you used this code as-is   All you have to do is change some of the numbers  must be  lt   255  in the Key and Vector arrays  I left one invalid value in the Vector array to make sure you do this       You can use https   www random org bytes  to generate a new set easily    generate Key generate Vector   Using it is easy  just instantiate the class and then call  usually  EncryptToString string StringToEncrypt  and DecryptString string StringToDecrypt  as methods   It couldn t be any easier  or more secure  once you have this class in place     using System  using System Data  using System Security Cryptography  using System IO    public class SimpleAES          Change these keys     private byte   Key     Replace Me     123  217  19  11  24  26  85  45  114  184  27  162  37  112  222  209  241  24  175  144  173  53  196  29  24  26  17  218  131  236  53  209             a hardcoded IV should not be used for production AES-CBC code        IVs should be unpredictable per ciphertext     private byte   Vector     Replace Me     146  64  191  111  23  3  113  119  231  121  2521  112  79  32  114  156           private ICryptoTransform EncryptorTransform  DecryptorTransform      private System Text UTF8Encoding UTFEncoder       public SimpleAES                   This is our encryption method         RijndaelManaged rm   new RijndaelManaged               Create an encryptor and a decryptor using our encryption method  key  and vector          EncryptorTransform   rm CreateEncryptor this Key  this Vector           DecryptorTransform   rm CreateDecryptor this Key  this Vector              Used to translate bytes to text and vice versa         UTFEncoder   new System Text UTF8Encoding                   -------------- Two Utility Methods  not used but may be useful  -----------         Generates an encryption key      static public byte   GenerateEncryptionKey                   Generate a Key          RijndaelManaged rm   new RijndaelManaged            rm GenerateKey            return rm Key                 Generates a unique encryption vector     static public byte   GenerateEncryptionVector                   Generate a Vector         RijndaelManaged rm   new RijndaelManaged            rm GenerateIV            return rm IV                  ----------- The commonly used methods ------------------------------             Encrypt some text and return a string suitable for passing in a URL      public string EncryptToString string TextValue                return ByteArrToString Encrypt TextValue                   Encrypt some text and return an encrypted byte array      public byte   Encrypt string TextValue                  Translates our text value into a byte array          Byte   bytes   UTFEncoder GetBytes TextValue              Used to stream the data in and out of the CryptoStream          MemoryStream memoryStream   new MemoryStream                           We will have to write the unencrypted bytes to the stream             then read the encrypted result back from the stream                       region Write the decrypted value to the encryption stream         CryptoStream cs   new CryptoStream memoryStream  EncryptorTransform  CryptoStreamMode Write           cs Write bytes  0  bytes Length           cs FlushFinalBlock             endregion           region Read encrypted value back out of the stream         memoryStream Position   0          byte   encrypted   new byte memoryStream Length           memoryStream Read encrypted  0  encrypted Length            endregion            Clean up          cs Close            memoryStream Close             return encrypted                 The other side  Decryption methods     public string DecryptString string EncryptedString                return Decrypt StrToByteArray EncryptedString                   Decryption when working with byte arrays          public string Decrypt byte   EncryptedValue                 region Write the encrypted value to the decryption stream         MemoryStream encryptedStream   new MemoryStream            CryptoStream decryptStream   new CryptoStream encryptedStream  DecryptorTransform  CryptoStreamMode Write           decryptStream Write EncryptedValue  0  EncryptedValue Length           decryptStream FlushFinalBlock             endregion           region Read the decrypted value from the stream          encryptedStream Position   0          Byte   decryptedBytes   new Byte encryptedStream Length           encryptedStream Read decryptedBytes  0  decryptedBytes Length           encryptedStream Close             endregion         return UTFEncoder GetString decryptedBytes                  Convert a string to a byte array   NOTE  Normally we d create a Byte Array from a string using an ASCII encoding  like so               System Text ASCIIEncoding encoding   new System Text ASCIIEncoding                return encoding GetBytes str          However  this results in character values that cannot be passed in a URL   So  instead  I just        lay out all of the byte values in a long string of numbers  three per - must pad numbers less than 100       public byte   StrToByteArray string str                if  str Length    0              throw new Exception  Invalid string value in StrToByteArray             byte val          byte   byteArr   new byte str Length   3           int i   0          int j   0          do                       val   byte Parse str Substring i  3                byteArr j      val              i    3                    while  i  lt  str Length           return byteArr                Same comment as above   Normally the conversion would use an ASCII encoding in the other direction              System Text ASCIIEncoding enc   new System Text ASCIIEncoding                return enc GetString byteArr           public string ByteArrToString byte   byteArr                byte val          string tempStr               for  int i   0  i  lt   byteArr GetUpperBound 0   i                          val   byteArr i               if  val  lt   byte 10                  tempStr     00    val ToString                else if  val  lt   byte 100                  tempStr     0    val ToString                else                 tempStr    val ToString                      return tempStr

User · Answer

I wanted to post my solution since none of the above the solutions are as simple as mine   Let me know what you think       This will return an encrypted string based on the unencrypted parameter  public static string Encrypt this string DecryptedValue           HttpServerUtility UrlTokenEncode MachineKey Protect Encoding UTF8 GetBytes DecryptedValue Trim               This will return an unencrypted string based on the parameter  public static string Decrypt this string EncryptedValue           Encoding UTF8 GetString MachineKey Unprotect HttpServerUtility UrlTokenDecode EncryptedValue          Optional  This assumes that the MachineKey of the server used to encrypt the value is the same as the one used to decrypt the value   If desired  you can specify a static MachineKey in the Web config so that your application can decrypt encrypt data regardless of where it is run  e g  development vs  production server    You can generate a static machine key following these instructions

User · Answer

Using TripleDESCryptoServiceProvider in System Security Cryptography    public static class CryptoHelper       private const string Key    MyHashString       private static TripleDESCryptoServiceProvider GetCryproProvider                 var md5   new MD5CryptoServiceProvider            var key   md5 ComputeHash Encoding UTF8 GetBytes Key            return new TripleDESCryptoServiceProvider     Key   key  Mode   CipherMode ECB  Padding   PaddingMode PKCS7               public static string Encrypt string plainString                var data   Encoding UTF8 GetBytes plainString           var tripleDes   GetCryproProvider            var transform   tripleDes CreateEncryptor            var resultsByteArray   transform TransformFinalBlock data  0  data Length           return Convert ToBase64String resultsByteArray              public static string Decrypt string encryptedString                var data   Convert FromBase64String encryptedString           var tripleDes   GetCryproProvider            var transform   tripleDes CreateDecryptor            var resultsByteArray   transform TransformFinalBlock data  0  data Length           return Encoding UTF8 GetString resultsByteArray

User · Answer

I combined what I found the best from several answers and comments    Random initialization vector prepended to crypto text   jbtule  Use TransformFinalBlock   instead of MemoryStream   RenniePet  No pre-filled keys to avoid anyone copy  amp  pasting a disaster Proper dispose and using patterns   Code        lt summary gt      Simple encryption decryption using a random initialization vector     and prepending it to the crypto text       lt  summary gt       lt remarks gt Based on multiple answers in http   stackoverflow com questions 165808 simple-two-way-encryption-for-c-sharp  lt  remarks gt  public class SimpleAes   IDisposable            lt summary gt              Initialization vector length in bytes           lt  summary gt      private const int IvBytes   16            lt summary gt              Must be exactly 16  24 or 32 bytes long           lt  summary gt      private static readonly byte   Key   Convert FromBase64String  FILL ME WITH 24  2 pad chars   32 OR 44  1 pad char  RANDOM CHARS       Base64 has a blowup of four-thirds  33        private readonly UTF8Encoding  encoder      private readonly ICryptoTransform  encryptor      private readonly RijndaelManaged  rijndael       public SimpleAes                  rijndael   new RijndaelManaged  Key   Key            rijndael GenerateIV             encryptor    rijndael CreateEncryptor             encoder   new UTF8Encoding               public string Decrypt string encrypted                return  encoder GetString Decrypt Convert FromBase64String encrypted                public void Dispose                  rijndael Dispose             encryptor Dispose               public string Encrypt string unencrypted                return Convert ToBase64String Encrypt  encoder GetBytes unencrypted                private byte   Decrypt byte   buffer                   IV is prepended to cryptotext         byte   iv   buffer Take IvBytes  ToArray            using  ICryptoTransform decryptor    rijndael CreateDecryptor  rijndael Key  iv                         return decryptor TransformFinalBlock buffer  IvBytes  buffer Length - IvBytes                        private byte   Encrypt byte   buffer                   Prepend cryptotext with IV         byte    inputBuffer    encryptor TransformFinalBlock buffer  0  buffer Length            return  rijndael IV Concat inputBuffer  ToArray              Update 2015-07-18  Fixed mistake in private Encrypt   method by comments of  bpsilver and  Evereq  IV was accidentally encrypted  is now prepended in clear text as expected by Decrypt

User · Answer

I ve been using the accepted answer by Mark Brittingham and its has helped me a lot  Recently I had to send encrypted text to a different organization and that s where some issues came up  The OP does not require these options but since this is a popular question I m posting my modification  Encrypt and Decrypt functions borrowed from here     Different IV for every message - Concatenates IV bytes to the cipher bytes before obtaining the hex  Of course this is a convention that needs to be conveyed to the parties receiving the cipher text  Allows two constructors - one for default RijndaelManaged values  and one where property values can be specified  based on mutual agreement between encrypting and decrypting parties    Here is the class  test sample at the end         lt summary gt      Based on https   msdn microsoft com en-us library system security cryptography rijndaelmanaged v vs 110  aspx     Uses UTF8 Encoding      http   security stackexchange com a 90850      lt  summary gt  public class AnotherAES   IDisposable       private RijndaelManaged rijn            lt summary gt          Initialize algo with key  block size  key size  padding mode and cipher mode to be known           lt  summary gt           lt param name  key  gt ASCII key to be used for encryption or decryption lt  param gt           lt param name  blockSize  gt block size to use for AES algorithm  128  192 or 256 bits lt  param gt           lt param name  keySize  gt key length to use for AES algorithm  128  192  or 256 bits lt  param gt           lt param name  paddingMode  gt  lt  param gt           lt param name  cipherMode  gt  lt  param gt      public AnotherAES string key  int blockSize  int keySize  PaddingMode paddingMode  CipherMode cipherMode                rijn   new RijndaelManaged            rijn Key   Encoding UTF8 GetBytes key           rijn BlockSize   blockSize          rijn KeySize   keySize          rijn Padding   paddingMode          rijn Mode   cipherMode                  lt summary gt          Initialize algo just with key         Defaults for RijndaelManaged class           Block Size  256 bits  32 bytes          Key Size  128 bits  16 bytes          Padding Mode  PKCS7         Cipher Mode  CBC          lt  summary gt           lt param name  key  gt  lt  param gt      public AnotherAES string key                rijn   new RijndaelManaged            byte   keyArray   Encoding UTF8 GetBytes key           rijn Key   keyArray                  lt summary gt          Based on https   msdn microsoft com en-us library system security cryptography rijndaelmanaged v vs 110  aspx         Encrypt a string using RijndaelManaged encryptor           lt  summary gt           lt param name  plainText  gt string to be encrypted lt  param gt           lt param name  IV  gt initialization vector to be used by crypto algorithm lt  param gt           lt returns gt  lt  returns gt      public byte   Encrypt string plainText  byte   IV                if  rijn    null              throw new ArgumentNullException  Provider not initialized                Check arguments          if  plainText    null    plainText Length  lt   0              throw new ArgumentNullException  plainText cannot be null or empty            if  IV    null    IV Length  lt   0              throw new ArgumentNullException  IV cannot be null or empty            byte   encrypted              Create a decrytor to perform the stream transform          using  ICryptoTransform encryptor   rijn CreateEncryptor rijn Key  IV                            Create the streams used for encryption              using  MemoryStream msEncrypt   new MemoryStream                                  using  CryptoStream csEncrypt   new CryptoStream msEncrypt  encryptor  CryptoStreamMode Write                                         using  StreamWriter swEncrypt   new StreamWriter csEncrypt                                                   Write all data to the stream                          swEncrypt Write plainText                                             encrypted   msEncrypt ToArray                                                         Return the encrypted bytes from the memory stream          return encrypted         end EncryptStringToBytes           lt summary gt          Based on https   msdn microsoft com en-us library system security cryptography rijndaelmanaged v vs 110  aspx          lt  summary gt           lt param name  cipherText  gt bytes to be decrypted back to plaintext lt  param gt           lt param name  IV  gt initialization vector used to encrypt the bytes lt  param gt           lt returns gt  lt  returns gt      public string Decrypt byte   cipherText  byte   IV                if  rijn    null              throw new ArgumentNullException  Provider not initialized                Check arguments          if  cipherText    null    cipherText Length  lt   0              throw new ArgumentNullException  cipherText cannot be null or empty            if  IV    null    IV Length  lt   0              throw new ArgumentNullException  IV cannot be null or empty                Declare the string used to hold the decrypted text          string plaintext   null              Create a decrytor to perform the stream transform          using  ICryptoTransform decryptor   rijn CreateDecryptor rijn Key  IV                            Create the streams used for decryption              using  MemoryStream msDecrypt   new MemoryStream cipherText                                 using  CryptoStream csDecrypt   new CryptoStream msDecrypt  decryptor  CryptoStreamMode Read                                         using  StreamReader srDecrypt   new StreamReader csDecrypt                                                    Read the decrypted bytes from the decrypting stream and place them in a string                          plaintext   srDecrypt ReadToEnd                                                                             return plaintext         end DecryptStringFromBytes           lt summary gt          Generates a unique encryption vector using RijndaelManaged GenerateIV   method          lt  summary gt           lt returns gt  lt  returns gt      public byte   GenerateEncryptionVector                 if  rijn    null              throw new ArgumentNullException  Provider not initialized               Generate a Vector         rijn GenerateIV            return rijn IV         end GenerateEncryptionVector            lt summary gt          Based on https   stackoverflow com a 1344255         Generate a unique string given number of bytes required          This string can be used as IV  IV byte size should be equal to cipher-block byte size           Allows seeing IV in plaintext so it can be passed along a url or some message           lt  summary gt           lt param name  numBytes  gt  lt  param gt           lt returns gt  lt  returns gt      public static string GetUniqueString int numBytes                char   chars   new char 62           chars    abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890  ToCharArray            byte   data   new byte 1           using  RNGCryptoServiceProvider crypto   new RNGCryptoServiceProvider                          data   new byte numBytes               crypto GetBytes data                     StringBuilder result   new StringBuilder numBytes           foreach  byte b in data                        result Append chars b    chars Length                       return result ToString           end GetUniqueKey             lt summary gt          Converts a string to byte array  Useful when converting back hex string which was originally formed from bytes           lt  summary gt           lt param name  hex  gt  lt  param gt           lt returns gt  lt  returns gt      public static byte   StringToByteArray String hex                int NumberChars   hex Length          byte   bytes   new byte NumberChars   2           for  int i   0  i  lt  NumberChars  i    2              bytes i   2    Convert ToByte hex Substring i  2   16           return bytes         end StringToByteArray           lt summary gt          Dispose RijndaelManaged object initialized in the constructor          lt  summary gt      public void Dispose                 if  rijn    null              rijn Dispose           end Dispose      end class   and    Here is the test sample   class Program       string key      static void Main string   args                Program p   new Program               get 16 byte key  just demo - typically you will have a predetermined key          p key   AnotherAES GetUniqueString 16            string plainText    Hello World               encrypt         string hex   p Encrypt plainText              decrypt         string roundTrip   p Decrypt hex            Console WriteLine  Round Trip   0    roundTrip              string Encrypt string plainText                Console WriteLine   nSending  encrypt side                Console WriteLine  Plain Text   0    plainText           Console WriteLine  Key   0    key           string hex   string Empty          string ivString   AnotherAES GetUniqueString 16           Console WriteLine  IV   0    ivString           using  AnotherAES aes   new AnotherAES key                           encrypting side             byte   IV   Encoding UTF8 GetBytes ivString                  get encrypted bytes  IV bytes prepended to cipher bytes              byte   encryptedBytes   aes Encrypt plainText  IV               byte   encryptedBytesWithIV   IV Concat encryptedBytes  ToArray                   get hex string to send with url               this hex has both IV and ciphertext             hex   BitConverter ToString encryptedBytesWithIV  Replace  -                    Console WriteLine  sending hex   0    hex                      return hex             string Decrypt string hex                Console WriteLine   nReceiving  decrypt side                Console WriteLine  received hex   0    hex           string roundTrip   string Empty          Console WriteLine  Key     key           using  AnotherAES aes   new AnotherAES key                           get bytes from url             byte   encryptedBytesWithIV   AnotherAES StringToByteArray hex                byte   IV   encryptedBytesWithIV Take 16  ToArray                 Console WriteLine  IV   0    System Text Encoding Default GetString IV                 byte   cipher   encryptedBytesWithIV Skip 16  ToArray                 roundTrip   aes Decrypt cipher  IV                     return roundTrip

User · Answer

The namespace System Security Cryptography contains the TripleDESCryptoServiceProvider and RijndaelManaged classes  Don t forget to add a reference to the System Security assembly

User · Answer

Yes  add the System Security assembly  import the System Security Cryptography namespace  Here s a simple example of a symmetric  DES  algorithm encryption   DESCryptoServiceProvider des   new DESCryptoServiceProvider    des GenerateKey    byte   key   des Key     save this   ICryptoTransform encryptor   des CreateEncryptor       encrypt byte   enc   encryptor TransformFinalBlock new byte     1  2  3  4    0  4    ICryptoTransform decryptor   des CreateDecryptor        decrypt byte   originalAgain   decryptor TransformFinalBlock enc  0  enc Length   Debug Assert originalAgain 0     1

User · Answer

Encryption is easy  as others have pointed out  there are classes in the System Security Cryptography namespace that do all the work for you   Use them rather than any home-grown solution   But decryption is easy too   The issue you have is not the encryption algorithm  but protecting access to the key used for decryption   I would use one of the following solutions    DPAPI using the ProtectedData class with CurrentUser scope   This is easy as you don t need to worry about a key   Data can only be decrypted by the same user  so no good for sharing data between users or machines  DPAPI using the ProtectedData class with LocalMachine scope   Good for e g  protecting configuration data on a single secure server   But anyone who can log into the machine can encrypt it  so no good unless the server is secure  Any symmetric algorithm   I typically use the static SymmetricAlgorithm Create   method if I don t care what algorithm is used  in fact it s Rijndael by default    In this case you need to protect your key somehow   E g  you can obfuscate it in some way and hide it in your code   But be aware that anyone who is smart enough to decompile your code will likely be able to find the key

User · Answer

Just thought I d add that I ve improved Mud s SimplerAES by adding a random IV that s passed back inside the encrypted string  This improves the encryption as encrypting the same string will result in a different output each time     public class StringEncryption       private readonly Random random      private readonly byte   key      private readonly RijndaelManaged rm      private readonly UTF8Encoding encoder       public StringEncryption                 this random   new Random            this rm   new RijndaelManaged            this encoder   new UTF8Encoding            this key   Convert FromBase64String  Your Secret Static Encryption Key Goes Here                public string Encrypt string unencrypted                var vector   new byte 16           this random NextBytes vector           var cryptogram   vector Concat this Encrypt this encoder GetBytes unencrypted   vector            return Convert ToBase64String cryptogram ToArray                public string Decrypt string encrypted                var cryptogram   Convert FromBase64String encrypted           if  cryptogram Length  lt  17                        throw new ArgumentException  Not a valid encrypted string    encrypted                       var vector   cryptogram Take 16  ToArray            var buffer   cryptogram Skip 16  ToArray            return this encoder GetString this Decrypt buffer  vector               private byte   Encrypt byte   buffer  byte   vector                var encryptor   this rm CreateEncryptor this key  vector           return this Transform buffer  encryptor              private byte   Decrypt byte   buffer  byte   vector                var decryptor   this rm CreateDecryptor this key  vector           return this Transform buffer  decryptor              private byte   Transform byte   buffer  ICryptoTransform transform                var stream   new MemoryStream            using  var cs   new CryptoStream stream  transform  CryptoStreamMode Write                         cs Write buffer  0  buffer Length                      return stream ToArray              And bonus unit test   Test  public void EncryptDecrypt            Arrange     var subject   new StringEncryption        var originalString    Testing123               Act     var encryptedString1   subject Encrypt originalString       var encryptedString2   subject Encrypt originalString       var decryptedString1   subject Decrypt encryptedString1       var decryptedString2   subject Decrypt encryptedString2           Assert     Assert AreEqual originalString  decryptedString1   Decrypted string should match original string        Assert AreEqual originalString  decryptedString2   Decrypted string should match original string        Assert AreNotEqual originalString  encryptedString1   Encrypted string should not match original string        Assert AreNotEqual encryptedString1  encryptedString2   String should never be encrypted the same twice

User · Answer

I cleaned up SimpleAES  above  for my use  Fixed convoluted encrypt decrypt methods  separated methods for encoding byte buffers  strings  and URL-friendly strings  made use of existing libraries for URL encoding   The code is small  simpler  faster and the output is more concise  For instance  johnsmith gmail com produces   SimpleAES   096114178117140150104121138042115022037019164188092040214235183167012211175176167001017163166152  SimplerAES   YHKydYyWaHmKKnMWJROkvFwo1uu3pwzTr7CnARGjppg 3d    Code   public class SimplerAES       private static byte   key     Replace Me     123  217  19  11  24  26  85  45  114  184  27  162  37  112  222  209  241  24  175  144  173  53  196  29  24  26  17  218  131  236  53  209             a hardcoded IV should not be used for production AES-CBC code        IVs should be unpredictable per ciphertext     private static byte   vector     Replace Me    146  64  191  111  23  3  113  119  231  121  221  112  79  32  114  156          private ICryptoTransform encryptor  decryptor      private UTF8Encoding encoder       public SimplerAES                 RijndaelManaged rm   new RijndaelManaged            encryptor   rm CreateEncryptor key  vector           decryptor   rm CreateDecryptor key  vector           encoder   new UTF8Encoding               public string Encrypt string unencrypted                return Convert ToBase64String Encrypt encoder GetBytes unencrypted                public string Decrypt string encrypted                return encoder GetString Decrypt Convert FromBase64String encrypted                public byte   Encrypt byte   buffer                return Transform buffer  encryptor              public byte   Decrypt byte   buffer                return Transform buffer  decryptor              protected byte   Transform byte   buffer  ICryptoTransform transform                MemoryStream stream   new MemoryStream            using  CryptoStream cs   new CryptoStream stream  transform  CryptoStreamMode Write                         cs Write buffer  0  buffer Length                     return stream ToArray

User · Answer

Other answers here work fine  but AES is a more secure and up-to-date encryption algorithm   This is a class that I obtained a few years ago to perform AES encryption that I have modified over time to be more friendly for web applications  e g  I ve built Encrypt Decrypt methods that work with URL-friendly string    It also has the methods that work with byte arrays     NOTE  you should use different values in the Key  32 bytes  and Vector  16 bytes  arrays   You wouldn t want someone to figure out your keys by just assuming that you used this code as-is   All you have to do is change some of the numbers  must be  lt   255  in the Key and Vector arrays  I left one invalid value in the Vector array to make sure you do this       You can use https   www random org bytes  to generate a new set easily    generate Key generate Vector   Using it is easy  just instantiate the class and then call  usually  EncryptToString string StringToEncrypt  and DecryptString string StringToDecrypt  as methods   It couldn t be any easier  or more secure  once you have this class in place     using System  using System Data  using System Security Cryptography  using System IO    public class SimpleAES          Change these keys     private byte   Key     Replace Me     123  217  19  11  24  26  85  45  114  184  27  162  37  112  222  209  241  24  175  144  173  53  196  29  24  26  17  218  131  236  53  209             a hardcoded IV should not be used for production AES-CBC code        IVs should be unpredictable per ciphertext     private byte   Vector     Replace Me     146  64  191  111  23  3  113  119  231  121  2521  112  79  32  114  156           private ICryptoTransform EncryptorTransform  DecryptorTransform      private System Text UTF8Encoding UTFEncoder       public SimpleAES                   This is our encryption method         RijndaelManaged rm   new RijndaelManaged               Create an encryptor and a decryptor using our encryption method  key  and vector          EncryptorTransform   rm CreateEncryptor this Key  this Vector           DecryptorTransform   rm CreateDecryptor this Key  this Vector              Used to translate bytes to text and vice versa         UTFEncoder   new System Text UTF8Encoding                   -------------- Two Utility Methods  not used but may be useful  -----------         Generates an encryption key      static public byte   GenerateEncryptionKey                   Generate a Key          RijndaelManaged rm   new RijndaelManaged            rm GenerateKey            return rm Key                 Generates a unique encryption vector     static public byte   GenerateEncryptionVector                   Generate a Vector         RijndaelManaged rm   new RijndaelManaged            rm GenerateIV            return rm IV                  ----------- The commonly used methods ------------------------------             Encrypt some text and return a string suitable for passing in a URL      public string EncryptToString string TextValue                return ByteArrToString Encrypt TextValue                   Encrypt some text and return an encrypted byte array      public byte   Encrypt string TextValue                  Translates our text value into a byte array          Byte   bytes   UTFEncoder GetBytes TextValue              Used to stream the data in and out of the CryptoStream          MemoryStream memoryStream   new MemoryStream                           We will have to write the unencrypted bytes to the stream             then read the encrypted result back from the stream                       region Write the decrypted value to the encryption stream         CryptoStream cs   new CryptoStream memoryStream  EncryptorTransform  CryptoStreamMode Write           cs Write bytes  0  bytes Length           cs FlushFinalBlock             endregion           region Read encrypted value back out of the stream         memoryStream Position   0          byte   encrypted   new byte memoryStream Length           memoryStream Read encrypted  0  encrypted Length            endregion            Clean up          cs Close            memoryStream Close             return encrypted                 The other side  Decryption methods     public string DecryptString string EncryptedString                return Decrypt StrToByteArray EncryptedString                   Decryption when working with byte arrays          public string Decrypt byte   EncryptedValue                 region Write the encrypted value to the decryption stream         MemoryStream encryptedStream   new MemoryStream            CryptoStream decryptStream   new CryptoStream encryptedStream  DecryptorTransform  CryptoStreamMode Write           decryptStream Write EncryptedValue  0  EncryptedValue Length           decryptStream FlushFinalBlock             endregion           region Read the decrypted value from the stream          encryptedStream Position   0          Byte   decryptedBytes   new Byte encryptedStream Length           encryptedStream Read decryptedBytes  0  decryptedBytes Length           encryptedStream Close             endregion         return UTFEncoder GetString decryptedBytes                  Convert a string to a byte array   NOTE  Normally we d create a Byte Array from a string using an ASCII encoding  like so               System Text ASCIIEncoding encoding   new System Text ASCIIEncoding                return encoding GetBytes str          However  this results in character values that cannot be passed in a URL   So  instead  I just        lay out all of the byte values in a long string of numbers  three per - must pad numbers less than 100       public byte   StrToByteArray string str                if  str Length    0              throw new Exception  Invalid string value in StrToByteArray             byte val          byte   byteArr   new byte str Length   3           int i   0          int j   0          do                       val   byte Parse str Substring i  3                byteArr j      val              i    3                    while  i  lt  str Length           return byteArr                Same comment as above   Normally the conversion would use an ASCII encoding in the other direction              System Text ASCIIEncoding enc   new System Text ASCIIEncoding                return enc GetString byteArr           public string ByteArrToString byte   byteArr                byte val          string tempStr               for  int i   0  i  lt   byteArr GetUpperBound 0   i                          val   byteArr i               if  val  lt   byte 10                  tempStr     00    val ToString                else if  val  lt   byte 100                  tempStr     0    val ToString                else                 tempStr    val ToString                      return tempStr

User · Answer

A variant of Marks  excellent  answer    Add  using s Make the class IDisposable Remove the URL encoding code to make the example simpler   Add a simple test fixture to demonstrate usage   Hope this helps   TestFixture  public class RijndaelHelperTests        Test      public void UseCase                   These two values should not be hard coded in your code          byte   key    251  9  67  117  237  158  138  150  255  97  103  128  183  65  76  161  7  79  244  225  146  180  51  123  118  167  45  10  184  181  202  190           byte   vector    214  11  221  108  210  71  14  15  151  57  241  174  177  142  115  137            using  var rijndaelHelper   new RijndaelHelper key  vector                         var encrypt   rijndaelHelper Encrypt  StringToEncrypt                var decrypt   rijndaelHelper Decrypt encrypt               Assert AreEqual  StringToEncrypt   decrypt                      public class RijndaelHelper   IDisposable       Rijndael rijndael      UTF8Encoding encoding       public RijndaelHelper byte   key  byte   vector                encoding   new UTF8Encoding            rijndael   Rijndael Create            rijndael Key   key          rijndael IV   vector             public byte   Encrypt string valueToEncrypt                var bytes   encoding GetBytes valueToEncrypt           using  var encryptor   rijndael CreateEncryptor            using  var stream   new MemoryStream            using  var crypto   new CryptoStream stream  encryptor  CryptoStreamMode Write                         crypto Write bytes  0  bytes Length               crypto FlushFinalBlock                stream Position   0              var encrypted   new byte stream Length               stream Read encrypted  0  encrypted Length               return encrypted                       public string Decrypt byte   encryptedValue                using  var decryptor   rijndael CreateDecryptor            using  var stream   new MemoryStream            using  var crypto   new CryptoStream stream  decryptor  CryptoStreamMode Write                         crypto Write encryptedValue  0  encryptedValue Length               crypto FlushFinalBlock                stream Position   0              var decryptedBytes   new Byte stream Length               stream Read decryptedBytes  0  decryptedBytes Length               return encoding GetString decryptedBytes                        public void Dispose                 if  rijndael    null                        rijndael Dispose

User · Answer

I know you said you don t care about how secure it is  but if you chose DES you might as well take AES it is the more up-to-date encryption method

User · Answer

I think this is the worlds simplest one    string encrypted    Text  Aggregate      c  a    gt  c    char   a   2      Test   Console WriteLine   Hello   Aggregate      c  a    gt  c    char   a   1                   Output is Ifmmp  Console WriteLine   Ifmmp   Aggregate      c  a    gt  c    char  a - 1                   Output is Hello

User · Answer

If you just want simple encryption  i e   possible for a determined cracker to break  but locking out most casual users   just pick two passphrases of equal length  say   deoxyribonucleicacid while  x gt 0    x--      and xor your data with both of them  looping the passphrases if necessary  a    For example   1111-2222-3333-4444-5555-6666-7777 deoxyribonucleicaciddeoxyribonucle while  x gt 0    x--   while  x gt 0       Someone searching your binary may well think the DNA string is a key  but they re unlikely to think the C code is anything other than uninitialized memory saved with your binary      a  Keep in mind this is very simple encryption and  by some definitions  may not be considered encryption at all  since the intent of encryption is to prevent unauthorised access rather than just make it more difficult   Although  of course  even the strongest encryption is insecure when someone s standing over the key-holders with a steel pipe   As stated in the first sentence  this is a means to make it difficult enough for the casual attacker that they ll move on  It s similar to preventing burglaries on your home - you don t need to make it impregnable  you just need to make it less pregnable than the house next door  -

[c#] Simple insecure two-way data "obfuscation"?

Examples related to c#

Examples related to obfuscation