This is meant as a follow up to my previous post where I talked about the dangers of just leaving your keys laying around when you want to decrypt an XML file. Well, I devised just one solution that can help make your code a little harder to crack. This article will be a little easier to follow (I hope) if you read the last post, because this post is really a supplement to it.
One of my professors at Purdue always raved about XML and how it was a powerful language. I thought it was a cool language, sure, because you could make up your own tags, but the ways I could use it escaped me at the time. However, I’ve begun using XML as a database, and it coupled with XPATH have opened to my eyes to a dynamic data storage world. It makes it easy to create and read data, but it also makes it easy to share between applications. Up until this “aha!” moment, I found XML only to be useful for RSS feeds and weather data.
But, the easy readability of XML comes at a price: if you’re storing sensitive data, any person who can read has a pretty good shot at understanding it. So, I went on a quest to find out ways to password-protect or encrypt XML files, and found out that recently the .NET framework began supporting a few easy to use methods to make encryption/decryption a fairly simple task. I’ll cover both of these, with some caveats, in Visual Basic .NET, since that’s the language I’ve been writing in.