Chapter 35. Securing Sensitive Data

IN BRIEF

This chapter is about data protection. There are countless ways that you can protect your data, using everything from simple homemade techniques of data disguise to full-blown encryption algorithms.

This chapter will show you how to protect your data using the facilities available within the .NET Framework and within the operating system itself. You will see an explanation of the concepts behind secret key encryption, public key encryption, and the Windows Data Protection API (DPAPI). In addition to getting introductions to each of those topics, you will see samples of how to use each type of encryption technology within the .NET Framework so that at the end of the chapter you should be confident in your ability to secure any kind of data for any type of transmission or storage using C#.

WHAT YOU NEED

REQUIRED SOFTWARE	.NET Framework SDK v1.1 Visual Studio .NET 2003 with C# installed
RECOMMENDED HARDWARE	PC that meets .NET SDK minimum requirements
SKILLS REQUIRED	C# and .NET familiarity Familiarity with security concepts helpful

SECURING SENSITIVE DATA AT A GLANCE

Secret Key (Symmetric) Encryption		711
	DESCryptoServiceProvider	711	TripleDESCryptoServiceProvider	713
	RC2CryptoServiceProvider	712
	RijndaelManaged	713
Using Hashes to Protect Data		716
	MACTripleDES	716	MD5CryptoServiceProvider	719
	SHA1Managed	718
Public Key Encryption and Signatures		720
	DSACryptoServiceProvider	721	RSACryptoServiceProvider	723
Windows Data Protection API		723
	Using DPAPI	724	Protecting Data in .NET with DPAPI	732
	Creating a DPAPI Wrapper	726
Summary		733