Please see my comment to the question. You can consider: 1) reviewing you idea; maybe you don't really need any protection; 2) cryptography, 3) setting file permission; 4) some combination of the previous approaches.
First of all, you need to understand that you hardly can develop 100% protection, just because whatever your application can do with this file, some experienced user can do, too. You cannot give your application more permission than you user can get. So, your "protection" could be more of some fool-proof feature, pretty strong in this sense, but not in the sense of total protection.
I would first consider cryptography. I would advise to combine two techniques:
cryptographic hash function and
encryption. Encryption will, first of all, protect the file from reading and understanding its content. In addition, hash will make any random change to the file
cryptographically infeasible. When a user change anything in the file, it will be detected by your code and the file will be considered broken; they use will have to re-install the application.
So, please see:
http://en.wikipedia.org/wiki/Cryptographic_hash_function[
^],
http://en.wikipedia.org/wiki/Cryptography[
^].
Here is what you can do: 1) calculate cryptographic hash function of your file, 2) put the hash value and the file in the same stream, one piece after another, 3) encrypt the result of it; 4) store the encryption key(s) in your application in the forms of static readonly array of bytes. I hope you understand how to revert this operation and restore the file. As to the hash value, you read it from the stream, read/decrypt the original file, calculate its hash and compare with the has your stored. Any difference means that the file was broken.
The selection of particular algorithms is not really critical, but for encryption, a
symmetric algorithm (see the links below) will be enough.
You have it all in .NET FCL:
http://msdn.microsoft.com/en-us/library/System.Security.Cryptography%28v=vs.110%29.aspx[
^],
http://msdn.microsoft.com/en-us/library/system.security.cryptography.asymmetricalgorithm%28v=vs.110%29.aspx[
^],
http://msdn.microsoft.com/en-us/library/system.security.cryptography.symmetricalgorithm%28v=vs.110%29.aspx[
^],
http://msdn.microsoft.com/en-us/library/system.security.cryptography.hashalgorithm%28v=vs.110%29.aspx[
^].
Now, about the use of file permissions. Again, you should remember that you cannot give your application more permission than the user can get. So, I would not take it seriously. But for the fool-proof protection, the following schema could work: you give administrative permissions to the file (for reading, writing, or both). It means that you need to give administrative permissions to your application, which will require elevation of the permission by requesting confirmation from the user (UAC request dialog, see also:
http://en.wikipedia.org/wiki/User_Account_Control[
^]). So, this solution will also be somewhat annoying, not only pretty inefficient.
Nevertheless, I'll describe it, just in case. You can avoid the need to run your application "As Administrator" by adding and embedding appropriate application manifest in your assembly. Then the elevation will be simply automatically requested by running the application, from the very beginning. This is how:
http://msdn.microsoft.com/en-us/library/bb756929.aspx[
^].
—SA
Submit an article or tip