How to distribute keys securely with binaries in .NET?

Question

Can I distribute a .NET app that uses a key that the user can't access, but the app can?

Note that I am using the word distribute in the sense that the application is delivered to run in the user's computer, not in a cloud or cluster.

Answer 1

Anything in your application can be accessed by a skilled enough user.

This is why games and the like moved from storing key algorithms inside the program to verifying with an outside, game manufacturer owned server.

If you're just trying to keep out the average joe, just hash it and store it like any other variable..like a padlock on a door, it won't keep out the determined user, but keep honest men honest.

Answer 2

There's two general answers to your question.

If your question is this:

Is it possible for me to pass a key alongside my executable in any way that makes it 100% impossible for any user to access, but still my program can access it?

Then the answer is this: No, you can't.

Anything your code can do, the user can potentially do as well.

All you can do is make it hard for the user. Encrypt it, hide it.

---

If your question is this:

Is it possible for me to pass a key alongside my executable in any way that makes it very unlikely that my users can access, but still my program can access it?

Then the answer is this: See answer to the first case, in particular the part about making it hard for the user.

Answer 3

Depending on what you are trying to encrypt, you would deliver the public key, retaining your private key and you could distribute it freely. What are you trying to accomplish exactly?

Answer 4

Not really. You can make it annoying to retrieve the key, but if it can be used by the program, the user can inevitably read it as well.