As you need to access that decoded data again and again, so we will decrypt it at the start of application and store it in IsolatedStorage
which is secure and faster.
Where you should store the key?
You can store it in a text file in binary format and that text file will placed under Temp file of windows.
if Key is user dependent then you can use UserProfile's temp folder to store it or in an Certificate file which user will upload or It will install in user machine and your application will read it from their ( its applicable for windows application ).
You can use certificate for Web Application also Read More
In this way you can develop an highly secure web application.
For Certificate Details Click Here
I think it will help You...
Do you need to change the key in run time ?