C# How do I do encryption?

I'm not asking for a tutorial with code, I'm trying to do the research, but I want to make sure I'm asking the right questions.

• What's the best form of encryption I can use out of the box with .NET?
• Public/Private key, where do I store these things securely?
• What tools should I have in order to do this properly?

I started off with an AESCryptoServiceProvider, encrypted a string I passed in, I was happy. Tested that 开发者_运维知识库if I called it twice it would come out with the same value. Then realized I hadn't provided any form of key, so a second run of the app yielded different results. So I began reading up, seeing RSA Public/Private keys etc. etc. And just want make sure I'm going down the right path with the reading I'm doing. There's tons of examples out there, few mention where you put these keys or where you even get them from.

There's a lot of cryptological functions in System.Security.Cryptography.

They have hashes, crypts, streams, and a lot more.

The RSA provider is a good one. And about storing the constants securely. I can only suggest storing them crypted in the solution. You shouldn't be able to read them from the source, so there needs to be some kind of security after the assembly has build. Maybe obfuscation, maybe something else. About the generating of the key, do not use your own system, or any development system I guess.

EDIT:
To generate keys you better use either user input, for example, just create a little application, that calculated the time it takes to type a certain piece of text, per letter.

Or use a HRNG/TRNG, Hardware Random Number Generator (uses input from the actual world, retrieved through sensors). Or True Random Number Generator, basically also HRNG, but mostly with other forms of input, very advanced.
RANDOM.ORG should be able to help you out.

If it's not that extreme important, just go smack your head against your keyboard, and see the results :).

Go for AES. Stack Overflow already has a wonderful implementation of AES Algorithm as an answer.

Regarding "Public/Private key, where do I store these things securely?", I recommend that you do not re-invent the wheel. Microsoft has already spent a great deal of effort to build, and is actively maintaining and (hopefully) improving, infrastructure to store private keys: https://msdn.microsoft.com/en-us/library/windows/desktop/bb204778%28v=vs.85%29.aspx. You can use the native key storage.