What Information can be found in every C# application to be used as a unique salt for encryption?

Question

What information can be found in every C# application that can be used as a unique salt for encryption, including for web applications, windows services and wcf layers?

I would like to create a library that allows easy encryption of sensitive data stored in configuration files, using the (DPAPI) System.Security.Cryptography.ProtectedData.Protect() and System.Security.Cryptography.ProtectedData.Unprotect() methods.

The library will also be used by a separate application I'm making that can encrypt and decrypt config values outside of the applications that are using the values, allowing updates to config files without recompiling everything or needing access to the original source, although access to the source should always be available.

The salt must be simple enough to enter manually in the separate application (for instance, a GUID would be difficult to identify).

System.Reflection.Assembly.GetEntryAssembly() appears promising, if that is the assembly of the application/service invoking this library I'm making, I could use something in there. First thoughts were "make the salt the config file name the encrypted data is being stored in...", but for websites the config file is always 'web.config'.

Any other thoughts welcome.

Updates...

'GetExecutingAssembly()'... how does that differ from 'GetEntryAssembly()'?

Answer 1

Every application/assembly has a version number, this could be an option.

System.Reflection.Assembly.GetExecutingAssembly().GetName().Version.ToString();