Perhaps this snippet is something for you.

Please do not roll your own encryption code. It's fine for a homework exercise but anyone who uses that kind of thing in a real application needs to be shot. ;) At the very least, if you do not care about how strong the encryption is, use the libraries offered by the the framework:

using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;

namespace Daniweb {
    public sealed class Encryption
    {
        // use an 8 byte key for DES encryption
        private static byte[] _key = new byte[]
        { 
            0xBA, 0x87, 0x09, 0xDC, 0xFE, 0x65, 0x43, 0x21 
        };

        private static byte[] _IV = new byte[]
        { 
            0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF 
        };

        private Encryption() {}

        public static string Decrypt(string data)
        {
            byte[] input = Convert.FromBase64String(data);
            DESCryptoServiceProvider des = new DESCryptoServiceProvider();
            MemoryStream ms = new MemoryStream();
            CryptoStream cs = new CryptoStream(
                ms,
                des.CreateDecryptor(Encryption._key, Encryption._IV),
                CryptoStreamMode.Write);

            cs.Write(input, 0, input.Length);
            cs.FlushFinalBlock();

            return Encoding.UTF8.GetString(ms.ToArray());
        }

        public static string Encrypt(string data)
        {
            DESCryptoServiceProvider des = new DESCryptoServiceProvider();

            // convert input to byte array
            byte[] input = Encoding.UTF8.GetBytes(data);

            MemoryStream ms = new MemoryStream();
            CryptoStream cs = new CryptoStream(
                ms,
                des.CreateEncryptor(Encryption._key, Encryption._IV),
                CryptoStreamMode.Write );

            cs.Write(input, 0, input.Length);
            cs.FlushFinalBlock();

            return Convert.ToBase64String(ms.ToArray());
        }
    }
}

anyone who uses that kind of thing in a real application needs to be shot.

I did!:) But it was some 20 years ago...
I agree with you Tom Gunn, the methods of .NET should be used instead. But you will probably agree with me there are plenty of companies out there who still store their sensitive info in just plain text format.

But you will probably agree with me there are plenty of companies out there who still store their sensitive info in just plain text format.

Sure, but that is no excuse for writing insecure code. :) There are also plenty of stories about companies being fined, sued, and burned big time for having sensitive info stolen. I do not want to be the programmer that caused that. ;)

a friend of mine had a problem that encrypting the same string twice gave different results so I was trying to avoid it.

How did your friend do the encryption? Handmade encryption code can do all kind of funny things. The code I gave can handle encrypting multiple times as long as you decrypt the same number of times.

>>I do not want to be the programmer that caused that.

You got a great point there.

You could try doing a simple MD5 encryption and take the resulting bytes and encrypt them again with SHA ;p

MD5 and SHA are Hashing algorithm.

I suppose I should treat like a full commercial application.

I've gone with XOR encryption.

I just died a little on the inside. :(

@Tom
Don't die, even on the inside!
I think you are just to valuable around here!

I have to admit .. there are cases where I use handmade encryption (xor). Its not always a bad idea...

Let us instead give congrats to danny for providing the solution :)

see the attached