Re: Folder Encryption

I've heard of other folks doing similar things. You want to be able to
download files to the local hard drive but the contents of the files are
proprietary, and you don't want the users to know how to open and retrieve
their contents. This is essentially "security by obscurity."

If you want to hide some things use obscurity techniques, why not use
Isolated Storage? It gives you a "file system" that you can write to that
is not so obvious to your users...
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconIsolatedStorage.asp

Also, perhaps it would be a good idea to pick the specific file with the
information that is fundamental to the success of your app, and encrypt it
in such a way as the user can decrypt it via your app into memory, where
your app uses it. Once again, the decryption key has to be secured, but as
long as you check the file for tampering (using a hash or a signature,
perhaps), then simply storing the decryption key within your application's
string table may be OK.

I hope this helps,

--
--- Nick Malik [Microsoft]
MCSD, CFPS, Certified Scrummaster
http://blogs.msdn.com/nickmalik

Disclaimer: Opinions expressed in this forum are my own, and not
representative of my employer.
I do not answer questions on behalf of my employer. I'm just a
programmer helping programmers.
--
"SirThanxALot" <sirthanxalot@xxxxxxxxxx> wrote in message
news:1124457121.463167@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Dear all,
>
> I want to protect a large number of files (say 3000) from unauthorised
> access.
> With protect, I mean: kind of vanished.
>
> As little as possible information should be given.
> key factors:
> - number of files
> - the data in the files (of course)
> - only accessible to a few own to-be-developped applications (in C#)
> - easy to add/remove files
>
> I think this is he equivalent of a virtual partition or disk image
> that is mounted for an individual applicaton **instead of the windows file
> system**
> If the 'image' is possible we would probably encrypt the files
> individually, however an entirely
> encrypted image is also good.
>
> Does anyone knows an API that implements this or something very similiar.
> It may be a commercial package also, though an open source or code sample
> is preferred.
>
> Kind regards,
> SirThanxaALot


.

Relevant Pages

  • RE: Using Win32 CryptDecrypt to Decrypt RijndaelManaged
    ... I figured out how to use RijndaelManaged with AES in the C++ app. ... C++ crypto WILL successfully decrypt the .NET generated ... I am trying to write a Win32 app that can decrypt that string using the ... I can get both to encrypt and decrypt successfully in their own projects, ...
    (microsoft.public.platformsdk.security)
  • Re: Security
    ... A lot depends on *what* you want to encrypt, and how you want to use the ... If you lose your Palm and someone else gets hold of it they can attack it ... They can try to use the security app itself to read your data. ... or may try all possible passwords and derive keys from them (unless ...
    (comp.sys.palmtops.pilot)
  • Re: EFS in the two domain controller environment
    ... Both machines have an app running in the context of the same domain user. ... They each hit the same server, trying to encrypt. ... > The apps on both CLIENTMACHINE1 and CLIENTMACHINE2 have essentially the ...
    (microsoft.public.win2000.security)
  • Re: GC and security
    ... comes back at end to encrypt and then app is done. ... gpg is fairly careful about passphrases. ... passphrase in the Python app instead of letting gpg handle it? ...
    (comp.lang.python)
  • Re: Encrypting a password within an executable
    ... Encrypt the executable and use the password hash as the ... decryption key. ... If it is a critical password, assume that your most voracious competitor is ...
    (sci.crypt)