Securing encryption keys in C#

I am aware of the many cryptography providers that are available in the .NET framework along with the basics of how to use them. This is simple enough.

But my concern is this.

Lets say I want to use these libraries to encrypt XML serialized objects 开发者_如何学编程to prevent tampering and the ability of anyone to come along and view the contents of these files.

The problem that I am always left with is that the key to decrypt this data would need to be stored as a constant somewhere in my application. Essentially rendering the entire exercise pointless.

So, how does one store a key for an encryption algorithm securely inside of a disassemblable application?

EDIT: So If I am understanding both answers below correctly. What this means is that essentially any implementation (to be secure) requires it to be readonly or writeonly but never both? Is this correct?

You don't. If the application can access the key, it is just security by obscurity. It is better to authenticate the user in some way (a password is the simplest example), to make sure he is allowed to access the data. You can't let the application do that for you, because it simply isn't trustworthy. Anyone can obtain the information stored in the application.

If the key information is stored somewhere else, a malicious user or application can probably access it, too. If not, then store your data directly to that magical safe place.

Now if you still want to go down that path and store sensitive data without authentication, your best bet - or at least an easy way that is halfway secure - is probably the DPAPI (see the ProtectedData class in System.Security.Cryptography). It will encrypt the data either with the machine key or to the user account key (you can select that). So that a program running on another machine or with another user account can't access it. Windows will try to protect those keys but in effect any application running on the proper machine or with the proper user account may be able to access your data.

We'll assume you're using some kind of public key cryptography scheme, because otherwise it would be pointless.

The answer is you do not store the private key anywhere in the application. You store it somewhere where only your application can get to it. For example, a file in the local system that only admins and your app have rights to read it. On a protected network share. Etc.

Think about how we manage keys as people. We keep our private ones in a file maybe, or an encrypted USB drive or something like that. The same principles apply to applications.

There a various possible solutions. One of them is using RSA. Alternatively you could use the same approach used in TLS.

One good way would be to generate a pair of public and private key. Encrypt with the private and destroy the key. With the public key, you could decrypt but not tamper the data.

Collecting given answers: All encryption security relies on protection of a "root" password. This cannot be guaranteed in a compromitable system.

A feasible hardware architecture is given by e.g. Chip Card Readers. As external systems they cannot be compromised by internal malicious manipulations.

Accordingly you could set up a separate "Secure Server" with strongly restricted access, e.g. key board and local network. This server would provide sensitive data like passwords by secured communication with authenticated clients in a limited time window.

Suggested measures for clients in this time window are clamping spyware, messengers, remote control server and basically internet access, process monitoring, ...

... or you do all sensitive data processing on secure platforms, excluding talkative ones like Windows.