A good way of encrypting and decrypting string in the ASP.NET context is to use the FormsAuthentication.Encrypt Method
It seems to be only suited for cookie, but it works well in other context, plus, you can add an expiration date as well (or DateTime.MaxValue if it's not needed), this is a sample code:
public static string Encrypt(string content, DateTime expiration)
{
return FormsAuthentication.Encrypt(new FormsAuthenticationTicket(1,
HttpContext.Current.Request.UserHostAddress, // or something fixed if you don't want to stick with the user's IP Address
DateTime.Now, expiration, false, content));
}
public static string Decrypt(string encryptedContent)
{
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(encryptedContent);
if (!ticket.Expired)
return ticket.UserData;
return null; // or throw...
}
