Which is the most secure way to store a small amount of structured data?

I have a small amount of structured data and I need to accomplish three tasks:

1. Save/retrieve data to/from hard disk or USB pen
2. Have a "portable" app (nothing to install on pc other than framework)
3. Secure data

Which is the best way to reach my goal? I think that, beeing开发者_JS百科 structured data, I could/should use a database... but which one?

MySql is free and really fast but needs to be installed... discarded.

MsSql/Oracle have the same problem, so they can't be used.

Maybe SQLite? Well, this could be a good option: nothing to install, a single file that can be encrypted too using a byte array or a string as password.

And what about XML? It's easy to use, just a single file that could be encrypted too... but the question is how? Using AES? 3DES? Or simply storing XML stream in a ZIP/7Z file protected with a long password?

I know nothing can be completely sure (today we have GPUs and cloud computing to break protections and passwords), but how can I create a really secure archive easy to use and portable?

Which is the most secure way? Why?

Thanks

XML is a cross-platform, non-proprietary way of storing information. Data stored in XML format can be read by almost any modern operating system, and requires very little software to be stored on the USB drive, and should never require the installation of any 3rd party software. AES is usually secure enough, as long as it's salted.

Whatever data is easy for you to parse. XML and SQLite are both good choices. Use whichever one better suits your purpose and make sure you encrypt it well. SQLite is good if your data fits a relational model well -- tables, columns, rows -- and XML is a good choice if you want to store hierarchical data. Which encryption algorithm you choose again depends on the application -- how much security you need as well as what has better library support for your language of choice. Either XML or SQLite will only be as secure as the encryption you use.

There are some off-the-shelf SQLite encryption products, but none of them are free AFAICT. Probably the best solution is SQLite Encryption Extension, which is written by the author of SQLite himself, but it costs ($2000). You can probably roll your own, but it won't be as clean. I also believe that if you're using .NET then I believe you can get some free password protection from the .NET libraries (see Password Protect a SQLite DB. Is it possible?).

Edit: after a bit more research, I've turned a good list of SQLite wrappers that says which ones support encryption. Choose based on language and personal preference.

http://www.safehousesoftware.com/SafeHouseExplorerU3.aspx

There is software which allows you to encrypt part of you usb key.

I think the easiest way is to use the System.Data.Sqlite wrapper around the Sqlite database. Encrypting the database is very easy: all you do is set the password property to your key string. They discuss how they use the Microsoft Crypto API and RC4 algorithm in their forum.

You get the advantage of a SQL database, an ADO.Net interface, single-file database, and a single DLL in your project. It couldn't be easier, even if all you're doing is storing XML strings in your database.