mcapone888
Member
- Joined
- Jun 17, 2011
- Messages
- 10
- Programming Experience
- Beginner
Hi everyone. Thanks to everyone who responded on my previous post. I have finally been able to encrypt / decrypt my strings in the data (.txt) file my VB.Net windows app writes to.
My next question. What is the best way to generate the Key without my user knowing what the Key is? Right now I am just hard coding my name in the code as the Key. I know that is not how it should be done, but I am a noob hobbyist at VB.Net, and I just wanted to make sure I could encrypt / decrypt the data before moving on to the next step. I am not storing government secrets. I just wanted a bit of additional security. I would also not like my users to all have the same key.
What are some ideas to make a better Key? I do not want to ask the user for a password as then they will know the key and could easily decrypt the data. I believe I read somewhere to use the Serial Number of the motherboard the app is running on as the key. I guess that would work for me. The drawback is if the person uses the app on a different machine they could not simply copy the data file to the new computer and continue using it. How would I get the serial number for the motherboard (if that is a good idea)?
Any other ideas on how to generate a permanent key without telling the user? I want to avoid putting anything in to the registry. I just want some way at app startup to load a value from somewhere to a variable, and then use that variable each time the app runs.
I am not a programmer, so please be gentle. This is the code I am using to encrypt / decrypt in case it matters on how to generate the key. Most of this code I gathered from the Internet. Please don't ask me why I did certain things the way I did. :culpability:
Thanks all!
This is how I call the encrypt currently:
My next question. What is the best way to generate the Key without my user knowing what the Key is? Right now I am just hard coding my name in the code as the Key. I know that is not how it should be done, but I am a noob hobbyist at VB.Net, and I just wanted to make sure I could encrypt / decrypt the data before moving on to the next step. I am not storing government secrets. I just wanted a bit of additional security. I would also not like my users to all have the same key.
What are some ideas to make a better Key? I do not want to ask the user for a password as then they will know the key and could easily decrypt the data. I believe I read somewhere to use the Serial Number of the motherboard the app is running on as the key. I guess that would work for me. The drawback is if the person uses the app on a different machine they could not simply copy the data file to the new computer and continue using it. How would I get the serial number for the motherboard (if that is a good idea)?
Any other ideas on how to generate a permanent key without telling the user? I want to avoid putting anything in to the registry. I just want some way at app startup to load a value from somewhere to a variable, and then use that variable each time the app runs.
I am not a programmer, so please be gentle. This is the code I am using to encrypt / decrypt in case it matters on how to generate the key. Most of this code I gathered from the Internet. Please don't ask me why I did certain things the way I did. :culpability:
Thanks all!
VB.NET:
Public Class Crypto
Private Shared DES As New TripleDESCryptoServiceProvider
Private Shared MD5 As New MD5CryptoServiceProvider
Public Shared Function MD5Hash(ByVal value As String) As Byte()
Return MD5.ComputeHash(ASCIIEncoding.ASCII.GetBytes(value))
End Function
Public Shared Function Encrypt(ByVal stringToEncrypt As String, ByVal key As String) As String
DES.Key = MD5Hash(key)
DES.Mode = CipherMode.ECB
Dim Buffer As Byte() = ASCIIEncoding.ASCII.GetBytes(stringToEncrypt)
Return Convert.ToBase64String(DES.CreateEncryptor().TransformFinalBlock(Buffer, 0, Buffer.Length))
End Function
Public Shared Function Decrypt(ByVal encryptedString As String, ByVal key As String) As String
Try
DES.Key = MD5Hash(key)
DES.Mode = CipherMode.ECB
Dim Buffer As Byte() = Convert.FromBase64String(encryptedString)
Return ASCIIEncoding.ASCII.GetString(DES.CreateDecryptor().TransformFinalBlock(Buffer, 0, Buffer.Length))
Catch
MessageBox.Show("Wrong Key Number, decryption not available!")
Return 0
End Try
End Function
End Class
This is how I call the encrypt currently:
VB.NET:
Crypto.Encrypt(myStringToEncrypt, "michael")
Last edited: