What's the best method of Encryption whilst using ProtoBuf?
I think you're on the right track. You should just be able to do something like:
ICryptoTransform encryptor = ...
Stream encStream = new CryptoStream(outputFileStream, encryptor, CryptoStreamMode.Write);
Serializer.Serialize(encStream, obj);
encStream.FlushFinalBlock()
encStream.Close();
ICryptoTransform decryptor = ...
Stream decStream = new CryptoStream(inputputFileStream, decryptor, CryptoStreamMode.Read);
Serializer.Deserialize<Type>(decStream);
decStream.FlushFinalBlock()
decStream.Close();
For the basics of .NET's encryption framework (including how to get the ICryptoTransform objects, see other questions like What’s the best way to encrypt short strings in .NET?.
Another option is to actually encrypt the entire folder where the data is stored by installing a system-wide file system filter. The advantages here are that:
- Your app code is agnostic to the encryption and the encryption will be done in native code.
- Since the encryption is done in native code, it's going to be faster
- Since the encryption is not inside managed code, it's a lot harder to reverse engineer and figure out your keys, salts, etc.
Of course the disadvantage (for those who don't write C anyway) is that you can't write it in C#.