Encrypting sections and-or settings in an App.config file that will be redistributed

I'm creating a regular windows application that will be distributed to several users on my department. I'll need to include some connectivity passwords on the App.config file, and I obviously don't want end-users to just fire up notepad and look at the passwords.

Several articles point on how to encrypt/decrypt configuration sections, but it appears you have to share/ship some keys with the deployable solution.

Is there a simpler way, to just cipher some of the settings so that they are not user-readable, but that don't require extra steps or files when redistributing the program? Great plus would be that accessing the configuration settings is still transparent inside the .NET code. I could always just create a custom method to salt/cipher the string and in my custom code decrypt it, but I'm wondering if there's something simpler.

Any answers or links to articles on how to do this are greatly appreciated. Thanks

GR7 asked Feb 04 '10 22:02



2 Answers

If you are trying to encrypt your connection string in your App.Config/Web.Config, you can do so using the Configuration class:

// Requires a reference to System.Configuration.dll
using System.Configuration;

// Open the running application's own .config file (App.config at build time)
Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
ConfigurationSection section = config.GetSection("connectionStrings");
if (section != null)
{
    if (!section.IsReadOnly())
    {
        // Encrypt the section in place with the RSA provider and write the file back
        section.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider");
        section.SectionInformation.ForceSave = true;
        config.Save(ConfigurationSaveMode.Full);
    }
}

There are two methods: RsaProtectedConfigurationProvider and DPAPIProtectedConfigurationProvider.

See this --> http://www.codeproject.com/KB/cs/Configuration_File.aspx and http://msdn.microsoft.com/en-us/library/89211k9b(VS.80).aspx.

Bhaskar answered Jan 04 '23 14:01

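
As an added example (not part of Bhaskar's answer or the original page), the same ProtectSection call applied on the end user's machine at first run, using the DPAPI provider, which machine.config registers under the name "DataProtectionConfigurationProvider"; encrypting on the target machine means no RSA key container has to ship with the installer. It assumes a connectionStrings entry named "MainDb" and a reference to System.Configuration.dll (.NET Framework).

```csharp
// Added example: protect the connectionStrings section in place on first run.
// Assumes an App.config containing <connectionStrings><add name="MainDb" .../>
// and a project reference to System.Configuration.dll.
using System;
using System.Configuration;

static class ConfigProtector
{
    // Registered provider name from machine.config; it uses Windows DPAPI
    // with the machine store by default (useMachineProtection="true").
    const string DpapiProvider = "DataProtectionConfigurationProvider";

    // Returns true if this call encrypted the section, false if it was
    // already protected or could not be found/modified.
    public static bool ProtectConnectionStrings()
    {
        Configuration config =
            ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
        ConfigurationSection section = config.GetSection("connectionStrings");

        if (section == null || section.IsReadOnly() || section.SectionInformation.IsProtected)
            return false;

        // Ciphertext is bound to this machine's DPAPI key, so the file is not
        // portable and nothing secret had to be distributed with the program.
        section.SectionInformation.ProtectSection(DpapiProvider);
        section.SectionInformation.ForceSave = true;
        config.Save(ConfigurationSaveMode.Full);

        // Make the in-memory configuration reflect the rewritten file.
        ConfigurationManager.RefreshSection("connectionStrings");
        return true;
    }

    static void Main()
    {
        bool encryptedNow = ProtectConnectionStrings();
        Console.WriteLine(encryptedNow
            ? "connectionStrings encrypted for this machine."
            : "connectionStrings already protected or unavailable.");

        // Reading stays transparent: the runtime decrypts the section on access.
        ConnectionStringSettings cs = ConfigurationManager.ConnectionStrings["MainDb"]; // assumed name
        Console.WriteLine(cs == null
            ? "No connection string named MainDb."
            : "Provider for MainDb: " + cs.ProviderName);
    }
}
```

Until that first successful run the shipped file is still plaintext, and with the default machine store any local account on that machine can decrypt it, so this stops casual reading in Notepad rather than a determined local user; writing the .config back also needs write access to the install directory.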


In short, cryptography isn't a magic wand that can magically fix an insecure program.

An attacker will try to obtain passwords from memory using a debugger while the application is running. The passwords will also exist in the binary, and these can be easily obtained. The use of any encryption can be bypassed because the password must be in plain text at the time of use. Any time memory is used, it can also be observed with a debugger.

The answer lies in anti-debugging: http://www.codeproject.com/KB/security/Intro_To_Win_Anti_Debug.aspx

More advanced Windows anti-debugging:

http://www.veracode.com/blog/2008/12/anti-debugging-series-part-i/

http://www.veracode.com/blog/2008/12/anti-debugging-series-part-ii/

http://www.veracode.com/blog/2009/01/anti-debugging-series-part-iii/

http://www.veracode.com/blog/2009/02/anti-debugging-series-part-iv/

rook answered Jan 04 '23 12:01
