How to encrypt a text file using C?

Question

I want to have a program like this:

scanf("%s", name);
scanf("%s", id);
scanf("%d", &age);

Now I want to write name, id and age to a file, but the file should be encrypted, so that only my program can read back the data it wrote.

Do I need to use one of the encryption libraries mentioned here (they all are pretty heavy duty libraries, I just need to encrypt a text file), or is there any other simpler method?

If an encryption library is the solution, which one is best suited for a simple text file encryption?

Answer 1

Better use a symmetric-key algorithm, as AES. You can find small sourcecodes here for instance.

If your applications are critical, then you should use the libraries you linked to.

Answer 2

If you want security, it is a mistake to roll your own encryption library. Use a well established encryption library (even if it may seem bloated), and leave security and its proper implementation to the experts.

If you can use C++, I suggest Crypto++, and if you can't use C++, then I suggest you implement a C wrapper library around Crypto++. Another possibility is libcrypto, although it lacks support for AES.

I should warn you, though, that if the program and the text file are on the same machine, you will need to have the password supplied externally (e.g. by the user); passwords that are embedded in programs are easily extracted, and offer no security at all. If the program is inaccessible (e.g. it is located on a webserver, and someone with the text file won't have access to the executable), then it is ok.

Answer 3

For a simple text file that you read / write in one go I'd use a stream cipher, e.g. RC4.

Assuming you're using an embedded secret key RC4 is easy enough to implement yourself, or there should be plenty of lightweight implementations out there.

Answer 4

Do you need strong encryption? Do the people you are protecting the file from have access to the executable and have the skills to disassemble and analyse it? Do hey have cryptanalytic skills? If not, you can use very simple XOR-based cipher.

1. Use a program to generate a LONG random string of characters, e.g "837es238aj983", but longer than any string you may read from input (it does not need to be readable).
2. Generate a random integer.
3. Store the random string and integer as global variables in your C program.
4. XOR each age you read with your random integer and save the XORed value to the file.
5. XOR each character in the strings you read from input with the character at the same index in your random string. Save the XORed value to the file.
6. When you read the values from file, you XOR again with your random keys and obtain the original values.