Client-side data encryption / SQL Server Express LocalDB

Question

What are the strategies in .NET to secure semi-sensitive client-side data (so that only the application itself can use/see it)?

Could the information be contained in an accompanying mdf file (used by SQL LocalDB) and still maintain the same level of security? If so, how?

I understand that since we are talking about client-side application there is no absolute way to secure the data. I'm mostly looking at ways to make it difficult enough to discourage people attempting it. Ideally the solution would be (mostly) transparent to the application developers.

Answer 1

Not really. Your best shot would be putting your code in encrypted stored procedures, but as soon as you hand the MDF file to someone, they can attach it to a SQL Server where they have total admin rights (like their LocalDB instance) and decrypt them trivially.