如何在C＃代码中保护我的密钥？ [英] How can I secure my key in C# code?

问题描述

工具：Windows 7 64位操作系统，Visual Studio 2012，Install Shield创建设置。



我有一个Windows窗体应用程序。我使用DES算法来加密和解密数据。为此，我使用了一个密钥（密钥加密）。如何保护此密钥，以便没有人可以获取它并且无法解密我的数据。



我尝试过的方法：



我试图将此密钥放入注册表中。但是可以从注册表编辑器中轻松获取此密钥。

Tool : Windows 7 64 bit OS, Visual Studio 2012, Install Shield to create setup.

I have one windows form application. I have used DES algorithm to Encrypt and Decrypt data. For this purpose I have used one Key(Secret key to encryption). How can I secure this key so that no one can get it and not able to decrypt my data.

What I have tried:

I have tried to put this key in registry. But one can easily get this key from registry editor.

推荐答案

如果您的应用程序需要它，那么几乎不可以。

问题是，如果您的应用需要密钥值来解密您的数据，那么它需要能够从某个地方读取它。这意味着如果任何其他应用程序执行相同的操作，也可以从同一位置读取它。没有一个应用程序已知的密钥与其他应用程序安全，因为即使获取密钥的代码也可以被读取和复制（特别是在.NET中，反编译器相对简单）。您可以对代码进行模糊处理，但这并不能完全阻止它，只是减慢对代码的理解。



提供密钥的唯一安全方法是用户每次都输入它。

抱歉。

If your application needs it, then pretty much you can't.
The problem is that if your app needs the key value to decrypt your data, then it needs to be able to read it from somewhere. Which means that any other application can also read it from the same location if it does the same things. No key which is "known" to one application is "secure" from other applications, as even the code that fetches the key can be read and duplicated (particularly in .NET where decompilers are relatively simple). You could obfuscate the code, but that doesn't prevent it completely, just slow down understanding of the code.

The only secure way to provide a key is to have a user type it in each time.
Sorry.

您可以使用公钥和私钥RSA来保护您的数据。



您将获得更多信息

使用C＃的RSA算法 [ ^ ]

You can you RSA with public and private key to protect your data.

you will get more information
RSA Algorithm With C#[^]

有多种方法可以保护您的密钥，但这取决于您创建密钥的方式。

创建加密和解密动态密钥的一种方法，因此无需将其存储在任何地方。

例如你可以选择一个硬盘序列号并加密你的密钥并使用它来解密（在这种情况下你不需要将它存储在任何地方，只需每次动态获取硬盘序列号，或者你可以使用处理器ID代替）

一种可能性是查询数据库中的加密密钥，可以将其存储在数据库中，它有自己的加密密钥。请参阅以下链接

加密数据列 [ ^ ]

There are multiple ways to secure your key, but it depends upon how you create your key.
One way to create a dynamic key for encryption and decryption so there is no need to store it anywhere.
e.g. you can pick a HDD serial no and encrypt your key and use same for decryption (In this case you do not need to store it any where, just fetch HDD serial no each time dynamically, or you can use Processor ID instead)
One possibility is to query the database for the encryption key, you can store it in database, it has its own encryption key. see below link
Encrypt a Column of Data[^]

这篇关于如何在C＃代码中保护我的密钥？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！