Retrive username/password with password/username : Encryption/decryption from file


Encrtpt and Decrypt (retrive) Username with a password from a file

Hi,

In my previous post I had discussed on how to derive a encrypted password using RFC2898
http://dotnetspider.com/resources/40614-PBKDF-Rfc-DeriveBytes-Encryption.aspx

Let us now see an extented application on RFC2898.
On how can we encrypt a Username/password into a file, and decrypt it later

What I am going to discuss here is that:
My scenario constitutes of a "username" and a "password". Let us assume a situation when you forget the password.
You only can recall your username, so how can we retrive our username.

The idea is to store the password into a file in encrypted format then decrypt the file and retrive the password

Lets start


using System.IO;
using Crypto_file_encryption;
using Crypto_file_decryption;


Crypto_file_encryption : Custom Namespace uses "file_encrypt.EncryptFile()" method, which we will use here later.
Details in : http://dotnetspider.com/resources/40625-Encrypt-Files-Using-RFC-Rijndael.aspx

Crypto_file_decryption : Custom Namespace uses "file_decrypt.DecryptFile()" method, which we will use here later.
Details in : http://dotnetspider.com/resources/40626-Decrypt-Files.aspx

System.IO : For File Handling

Now Let us start encrypting

string My_Path = "My_secret_file.txt";

//Search for the file "My_secret_file.txt"
if (!File.Exists(My_Path))
{
MY_ENCRYPTION(My_Path);

}
else
{
//Delete the old file to create a new file
File.Delete(My_Path);
MY_ENCRYPTION(My_Path);

}
//A method for Encrypting the data
//where "Path" is the path where you want to store your file
void MY_ENCRYPTION(string Path)
{
string My_password = "p@$$W0rD";
string My_username = "Mrinmay Paul"

//Create a new file My_secret_file.txt.my
FileStream fin = new FileStream(Path + ".my", FileMode.Create, FileAccess.Write, FileShare.ReadWrite);

StreamWriter tw = new StreamWriter(fin);

//Write the password into My_secret_file.txt.my in non-encrypted format
tw.Write(My_password);
tw.Close();

fin.Close();

string inFile = Path + ".my";
string outFile = Path;

//Here we encrypt our file.
//For details on file_encrypt.EncryptFile()
//http://dotnetspider.com/resources/40625-Encrypt-Files-Using-RFC-Rijndael.aspx
file_encrypt.EncryptFile(inFile, outFile, My_username);
File.Delete(inFile);//Delete the non-encrypted file

}


Now Let's decrypt the file and retrive the password

//A method for Decrypting the data
//where "Path" is the path where you have stored the encrypted_file
void MY_DECRYPTION(string Path)
{
string Path = "My_secret_file.txt";
string inFile = Path;
string outFile = Path + ".my";

try
{
//Here we decrypt our file.
//For details on file_decrypt.DecryptFile()
//http://dotnetspider.com/resources/40626-Decrypt-Files.aspx
file_decrypt.DecryptFile(inFile, outFile, username_box.Text);

FileStream fin = new FileStream(outFile, FileMode.Open, FileAccess.Read, FileShare.ReadWrite);

StreamReader tr2 = new StreamReader(fin);
string My_Retrived_pass = tr2.ReadLine();

fin.Close();

File.Delete(outFile);

// The Password is : "My_Retrived_pass"
}
catch
{
MessageBox.Show("Invalid username or File not Found \n Try Again");
}
}


Hope that you enjoyed it.

Also attaching a sample application.

Point to note : To really understand this app, have a look at my two previous posts
1.http://dotnetspider.com/resources/40625-Encrypt-Files-Using-RFC-Rijndael.aspx
2.http://dotnetspider.com/resources/40626-Decrypt-Files.aspx
Cheers
Paul


Attachments

  • Retrive_user_name (40632-15918-Retrive_user_name.rar)
  • Comments

    Author: Mrinmay Paul16 Sep 2010 Member Level: Gold   Points : 1

    I have a question for you!!!

    Q1.Can you tell me where a direct attack is possible to the encryption/decryption implementation in this code ?

    Q2.And (however if you found out the answer to the first question) how can you correct/modify it so a direct attack is not possible ?

    Note:
    There is no flaw in my Encryption/decryption algorithms ( thats what I feel), however if you find a flaw in my Encryption/decryption algorithms please do let me know.

    The flaw is in its implementation here.

    Author: Mrinmay Paul05 Oct 2010 Member Level: Gold   Points : 1

    Hi,

    The Flaw and the solution have discussed here:
    http://dotnetspider.com/resources/40832-Encryption-Decryption-Implementation-Hazards.aspx

    Cheers
    Paul



  • Do not include your name, "with regards" etc in the comment. Write detailed comment, relevant to the topic.
  • No HTML formatting and links to other web sites are allowed.
  • This is a strictly moderated site. Absolutely no spam allowed.
  • Name:
    Email: