Click here to Skip to main content
15,071,921 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
Hi All,

My client required to encrypt password using symmetric key cryptography(Private Key).

When user account will be created then password of the user will be encrypted and save in the database table with the help of the private key.

The private key should be change with some interval of the time.

I have develop below code, I am using key like "

Actually encrypt data with key is Ok but when I decrypt data we need the IV key also and its different for each encryption.

I don't want to save any key in the database. How to manage it please suggest.

I used the below code:
private RijndaelManaged CreateCipher()
            // Triple DES
            RijndaelManaged cipher = new RijndaelManaged();
            cipher.KeySize = 256;
            cipher.BlockSize = 128;
            cipher.Padding = PaddingMode.ISO10126;
            cipher.Mode = CipherMode.CBC;
            //string text = GetKeyFromContainer("KeyContainer"); //
            string text = System.IO.File.ReadAllText("D:\\ITC\\Symmetric Key\\Key.txt");

            byte[] key = HexToByteArray(text);
            cipher.Key = key;
            return cipher;
        public byte[] HexToByteArray(string hexString)
            if (0 != (hexString.Length % 2))
                throw new ApplicationException("Hex string must be multiple of 2 in length");

            int byteCount = hexString.Length / 2;
            byte[] byteValues = new byte[byteCount];
            for (int i = 0; i < byteCount; i++)
                byteValues[i] = Convert.ToByte(hexString.Substring(i * 2, 2), 16);
            return byteValues;

        public string Encrypt(string plainText)
            RijndaelManaged rijndael = CreateCipher();
            ICryptoTransform cryptoTransform = rijndael.CreateEncryptor();
            byte[] plain = Encoding.UTF8.GetBytes(plainText);
            byte[] cipherText = cryptoTransform.TransformFinalBlock(plain, 0, plain.Length);

            Program Prm = new Program();
            //int i = Prm.Insert("Test1", Convert.ToBase64String(cipherText), plainText);


            //Program P1 = new Program();
            CipherText = Convert.ToBase64String(cipherText);
            IV = Convert.ToBase64String(rijndael.IV);


            return CipherText;

        public string Decrypt(string iv, string cipherText)
            RijndaelManaged cipher = CreateCipher();
            cipher.IV = Convert.FromBase64String(iv);
            ICryptoTransform cryptTransform = cipher.CreateDecryptor();
            byte[] cipherTextBytes = Convert.FromBase64String(cipherText);
            byte[] plainText = cryptTransform.TransformFinalBlock(cipherTextBytes, 0, cipherTextBytes.Length);

            return (Encoding.UTF8.GetString(plainText));

Well, this may not be the exact answer to your question, but you should never store your password in plain or even in Encrypted form. You should always store it in some irreversible form. In order to do that, you can make use of Hashing function. Please see well explained Articles for reference.

Password Storage: How to do it.[^]

A Beginner's Tutorial for Understanding and Implementing Password Hashing and Salting[^]

Bhanu Pratap Verma 19-Aug-14 3:28am
Dear Rohan, Thank you for your quick reply, I am already Implemented password hashing in my project but its client requirement
to use the password encrypt/decrypt with symmetric key cryptography.
Please help me out,, Project deadline coming soon.
Hi All, Your reply will be highly appreciated.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900