[C#] Best encryption method for ftp password

[sathenzar]

I'm building a class that manages ftp connections. I just realized when making a private string for the password that anyone could just load the program in a hex program or something and grab the password can't they? Or aren't there ways to obtain that string? It seems kind of a bad idea to just have an ftp password sitting there in plain text. But I can do a one way encryption b/c I'd have no way of decrypting it for them. Any ideas to this solution? Or is it not even a problem if it's set to private?

[the evn show]

If you're using standard FTP the password isn't sent encrypted during authentication. If someone wanted it they could just sniff their own network traffic and read the plain text after your program has done whatever it is it needed to do in order de-obfuscate it.

[Verdelite]

if you wanted to keep someone from locally reading it, consider md5 hashing the password, it wont get sent encrypted and they could sniff it if theyw anted to, but if its md5'd in the proggy then its pretty secure

[sathenzar]

thanks for the pointers :)

[the evn show]

  G0NADS said:

if you wanted to keep someone from locally reading it, consider md5 hashing the password, it wont get sent encrypted and they could sniff it if theyw anted to, but if its md5'd in the proggy then its pretty secure

How do you propose turning that hash back into the source password so that it can be used when authenticating with the FTP server?

[boogerjones]

Really the only way to not store the password in some readable form would be to have user interaction. In other words, have someone enter the password into a dialog box or something (obviously not what you want).

Here are some things you could do (none of which are fool-proof):

1) Encode the password locally with Base64 or something, then decode it when it needs to be sent to the FTP server. At least the password wouldn't be stored in plain sight.

2) Encrypt the password with AES locally and decrypt it before sending to the FTP server. This technically is no more secure then #1, because you'd have to store your AES key somewhere, which someone could read and then use to decrypt your FTP password.

3) Store the password in an encrypted database, such as SQLite. Again, same problem as above.

These methods all add steps that would prevent the casual person browsing your code or disassembling your program from seeing the plaintext password. But I think the bottom line is that in any system where someone has access to the machine running your code, the password could be compromised. It would be important to consider who has access to that code, and what their level of computer knowledge is. If it's a casual user, then the above methods should be fine. But if it's a knowledgeable programmer, I think you're out of luck.

Also, don't forget what "the evn show" said above: if you're using the plain FTP protocol, any ol' idiot can simply sniff the password from the network traffic, which would obviate the need to encrypt the password in your code.

[Express]

The recommended way is to use DPAPI

See http://msdn.microsoft.com/en-us/library/ms995355.aspx

Use ProtectedData class in System.Security.Cryptography if code is in .net

[boogerjones]

  Express said:

The recommended way is to use DPAPI

See http://msdn.microsoft.com/en-us/library/ms995355.aspx

Use ProtectedData class in System.Security.Cryptography if code is in .net

Thanks for pointing that out, but doesn't it inherently suffer from the same problem (that someone with access to the code could run the same protection routines to decrypt the password)?. Also, the protected FTP passwords could not be transferred to another machine because the ProtectedData class locks it to the current computer or user.

[Express]

  boogerjones said:

that someone with access to the code could run the same protection routines to decrypt the password

Only if someone knows your username & password+has access to your system. <= Equivalent to no password!

Just Code access doesn't give away your credentials.

  boogerjones said:

the protected FTP passwords could not be transferred to another machine because the ProtectedData class locks it to the current computer or user

I consider that as a plus point from a security perspective.