Full Article and download here

This article discusses:

A handy cryptographic utility
Background on cryptographic algorithms
Protecting your keys
Potential pitfalls

We've all been warned not to store secret information on computers. You know that storing passwords, credit card numbers, or Social Security numbers on your system is risky and can open the door for someone to steal that information. However, you may well have the need to store such sensitive information on computer systems.

Let's say you're running a bank payment processing system. Such a system needs to store credit card numbers to process recurring charges, to reverse charges, and to perform account audits. In this scenario, a non-reversible methodology (such as a hash algorithm applied to a password) is simply not appropriate. Additionally, both scenarios require encryption and decryption on multiple, independent machines.

In this article, we will examine some of the issues involved with developing strong encryption components for applications. The components will be usable in scenarios like the one we described. In addition, we have some other goals for a program we created called CryptoUtility. First, we want the highest possible level of security that is practical for server-side Web applications. Second, setup should be relatively easy from an administrator's point of view, allowing deployment to multiple servers without wading through 10 pages of installation instructions. Third, reversible encryption (which we'll get into later) must be available, with the keys protected and stored securely. Of course, since this is a server application, it needs to be highly scalable and run for months without administrative babysitting or rebooting. Finally, this component should be accessible to legacy COM applications (such as classic ASP) as well as .NET-based applications (such as Web services and Web applications running on ASP.NET).

Extensive Article with a downloadable app to use.