Protecting a file from reading - except from specific applications

Question

0.00/5 (No votes)

See more:

I have a file which should be opened in a third-party program. That file is encrypted until it is needed. When the user runs my C# program, it will decrypt the file, open it with the third-party software, then when the software is done, it will re-encrypt the file. The third-party cannot do the encryption and decryption itself.

The problem with this setup is that during the time the third-party program is open, the file is exposed to the world. It can be copied and pasted elsewhere, ruining the purpose of the encryption.

I'd like to fix this flaw. I'm not sure how to prevent the file from being copied. I tried using a virtual file system called Dokan, which will supposedly allow me to change how a file is read or written to. The main problem with it is that I can't figure out how to control the read/write of this file to prevent copying. I think Dokan also requires NTFS filesystems, which I shouldn't assume the end-user has.

Is there another way to control read/write on a file in C#?

Posted 2-Dec-12 16:38pm

Franklin Barnett

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Expert Coming · Answer 1 · 2012-12-02T18:00:00

Solution 1

Not really. The only option I really see is decrypting the file in-memory and passing that to the third-party application.

The flaw really lies in the fact that the third party application doesn't do the encryption/decryption itself AND doesn't provide a way to pass in the decrypted information.

Posted 2-Dec-12 18:00pm

Expert Coming

Comments

Franklin Barnett 3-Dec-12 1:19am

Perhaps it might be possible to use some sort of alternative of "Sandboxie"? Essentially that program allows you to run programs in a sandbox so that they don't save files to the hard drive, which is handy for downloading sketchy-looking programs. I'll look into this...

Franklin Barnett · Answer 2 · 2012-12-06T17:06:00

Found out my issue. Granted the whole scheme is a bit unorthodox, but modifying the target application itself isn't practical.

I ended up revisiting the Dokan solution. Dokan creates a sort of virtual hard drive out of an empty folder or creates a new drive. This time I successfully modified it in the way I want, and now I can control how various applications interact with the file.