5

I want to have a program like this:

scanf("%s", name);
scanf("%s", id);
scanf("%d", &age);

Now I want to write name, id and age to a file, but the file should be encrypted, so that only my program can read back the data it wrote.

Do I need to use one of the encryption libraries mentioned here (they all are pretty heavy duty libraries, I just need to encrypt a text file), or is there any other simpler method?

If an encryption library is the solution, which one is best suited for a simple text file encryption?

Improve this question
1
  • 3
    If you start with the encryption of files I recommend you to think also about where you should hold the password/key used for file encryption. Commented Aug 1, 2010 at 13:31

6 Answers 6

Reset to default
8

If you want security, it is a mistake to roll your own encryption library. Use a well established encryption library (even if it may seem bloated), and leave security and its proper implementation to the experts.

If you can use C++, I suggest Crypto++, and if you can't use C++, then I suggest you implement a C wrapper library around Crypto++. Another possibility is libcrypto, although it lacks support for AES.

I should warn you, though, that if the program and the text file are on the same machine, you will need to have the password supplied externally (e.g. by the user); passwords that are embedded in programs are easily extracted, and offer no security at all. If the program is inaccessible (e.g. it is located on a webserver, and someone with the text file won't have access to the executable), then it is ok.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

3

Better use a symmetric-key algorithm, as AES. You can find small sourcecodes here for instance.

If your applications are critical, then you should use the libraries you linked to.

Improve this answer

Comments

2

Do you need strong encryption? Do the people you are protecting the file from have access to the executable and have the skills to disassemble and analyse it? Do hey have cryptanalytic skills? If not, you can use very simple XOR-based cipher.

  1. Use a program to generate a LONG random string of characters, e.g "837es238aj983", but longer than any string you may read from input (it does not need to be readable).
  2. Generate a random integer.
  3. Store the random string and integer as global variables in your C program.
  4. XOR each age you read with your random integer and save the XORed value to the file.
  5. XOR each character in the strings you read from input with the character at the same index in your random string. Save the XORed value to the file.
  6. When you read the values from file, you XOR again with your random keys and obtain the original values.
Improve this answer

2 Comments

-1. Don't implement your own crypto, ever. If you need it to be secure, use real crypto. If you don't need it to be secure, don't encrypt it in the first place.
@SecurityMatt This isn't "implement your own crypto" so much as the idea of the "One Time Pad", but it doesn't work if you re-use the keys lol
0

For a simple text file that you read / write in one go I'd use a stream cipher, e.g. RC4.

Assuming you're using an embedded secret key RC4 is easy enough to implement yourself, or there should be plenty of lightweight implementations out there.

Improve this answer

2 Comments

But how would you consume the IV? That's quite difficult with RC4.
You typically combine the IV with the password or other shared secret in the input for the key generation step, e.g. either append or prepend it to the password.
0

If you're using Windows, consider using the Windows Encryption APIs which are available from both C and C++:

http://msdn.microsoft.com/en-us/library/windows/desktop/aa382358(v=vs.85).aspx

Improve this answer

Comments

-3 
Public Class Tester
    Public Shared Sub Main()
        Try
            Dim myDESProvider As DESCryptoServiceProvider = New DESCryptoServiceProvider()
            myDESProvider.Key = ASCIIEncoding.ASCII.GetBytes("12345678")
            myDESProvider.IV = ASCIIEncoding.ASCII.GetBytes("12345678")
            Dim myICryptoTransform As ICryptoTransform = myDESProvider.CreateEncryptor(myDESProvider.Key, myDESProvider.IV)
            Dim ProcessFileStream As FileStream = New FileStream("Encrypted.txt", FileMode.Open, FileAccess.Read)
            Dim ResultFileStream As FileStream = New FileStream("Decrypted.txt", FileMode.Create, FileAccess.Write)
            Dim myCryptoStream As CryptoStream = New CryptoStream(ResultFileStream, myICryptoTransform, CryptoStreamMode.Write)
            Dim bytearrayinput(ProcessFileStream.Length - 1) As Byte
            ProcessFileStream.Read(bytearrayinput, 0, bytearrayinput.Length)
            myCryptoStream.Write(bytearrayinput, 0, bytearrayinput.Length)
            myCryptoStream.Close()
            ProcessFileStream.Close()
            ResultFileStream.Close()
         Catch ex As Exception
            Console.WriteLine(ex.Message)
        End Try
        Console.ReadLine()
    End Sub
End Class
Improve this answer

1 Comment

While this code may solve the question, including an explanation of how and why this solves the problem would really help to improve the quality of your post, and probably result in more up-votes. Remember that you are answering the question for readers in the future, not just the person asking now. Please edit your answer to add explanations and give an indication of what limitations and assumptions apply.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.