Encrypt Decrypt of a String in C# .NET

C# Encryption and Decryption of a String With a Simple Function Call

Cryptography is a big subject area and extremely important for modern software and programs. If you are writing any type of software you need an understanding of software security and methods to keep data, code and users secure. Encrypting data keeps it secure because it hides its meaning, converting the plaintext (or cleartext) to ciphertext. To see the data again you need to decrypt the ciphertext back to plaintext. A simple example is the encryption of passwords to protect them from use by others.

Encryption and decryption of a password or other strings containing data can be done in many ways. There are many character substitution or transposition methods that pre-date the computing era and can be traced back to classical times. Modern computer based methods use symmetric key and asymmetric key mathematical algorithms. There are lots of well established algorithms from which to choose. However not everyone wants to take a course in cryptography just to be able to encrypt a string to hide some data and decrypt it back again. That’s where this example C# encryption and decryption code comes in handy. This code was tested in Visual Studio 2013.

This C# code has been boiled down to an encryption function that takes a plaintext string and passphrase and returns an encrypted string. There is the reverse function that takes the ciphertext and the passphrase and returns the plaintext. This is a quick and easy method of adding some encryption to a C# project, or any .NET project. The encrypt decrypt C# string functions are in a simple class. An example project shows how simple it is to use them.

The code presented here is not going to be explained in detail. Instead it is recommended that it is studied. The reader should to refer to online resources and the Microsoft .NET Framework documentation on the System.Security.Cryptography namespace. The code was picked up from the Stack Overflow question Encrypting and Decrypting a String in C#.

This code is using a symmetric key algorithm known as Rijndael (after the inventors Vincent Rijmen and Joan Daemen) implemented by the .NET Framework. This algorithm performs substitutions and permutations on data blocks with keys sized in multiples of 32 bits. The cipher mode is Cipher Block Chaining (CBC) which can take a different Initialisation Vector (IV) for each use to further obfuscate the cipher text. In which case the same passphrase and plaintext will produce different ciphertexts if a different IV is used. Change the IV string for you own value or generate a random one (this can be done at https://www.random.org/strings/).  The passphrase is not salted but can be, see the documentation for PasswordDeriveBytes. Note that the encryption and decryption is performed on bytes and not Unicode characters hence the conversion from strings to byte arrays in the code (it also means that these functions can be adapted for other data types if required).

This small example shows the encrypt decrypt functionality in action. Create a similar WinForm or download the code, which has this dialog.

Encrypt Decrypt a C# String

Encryption of a string in C# with a password is as simple as:

And decryption is just as easy:

Example project and source code: EncryptString.zip

See also: Effortless .NET Encryption

22 thoughts on “Encrypt Decrypt of a String in C# .NET

  1. I tried this, encryption works but when I go to decrypt, I get an error when it tries to figure out the decrypted byte count.

    Any ideas?

  2. This example is perfect for my usecase but there is only one problem. I want to use encrypted key inside URL so when I get that encrypted key I decrypted it and get the id of the product and bind the product. But I realized that ecrypted key contains “/’ which is not good for URLs. Is there any way to fix that ?

    Thanks in advance

    • The encrypted text consists of printable characters, = is a printable character, it is chance that two = characters appeared at the end. Due to the nature of the mathematics used the encrypted output (ciphertext) appears as a random string of characters and == happened to occur.

  3. Very nice tutorial! Encryption was good. Unfortunately there was an error on decryption.
    “Padding is invalid and cannot be removed.”

    • You need to be a bit more specific with your requirements. For multiple strings (e.g. stored in an array) use a loop calling the routine for each string in turn.

  4. Hello! Please confirm if the sample code above can be freely used by any developer – no license/copyright needed. Thank you.

    • Yes, free to use, no restrictions, public domain. However, this also means there is no warranty and the user needs to take full responsibility for using the code.

Leave a Reply

Your email address will not be published. Required fields are marked *

Human Verification: In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.