Recently I wrote a blog entry called “Extension Me Serialize: With Encryption!” for Magenic focusing on encrypting serialized data. The url is: http://magenic.com/Blog/ExtensionMeSerializeWithEncryption.aspx and it has been referenced on Channel 9: http://channel9.msdn.com/Shows/This+Week+On+Channel+9/TWC9-Windows-8-C-Amp-NuGet-Mouse-Mischief-and-more.
Embracing the power of extension methods, I offered the ability to easily serialize objects while simultaneously offering security by default and defense in depth approaches. Also, as noted in the post, depending solely on encryption is not a responsible form of security for your IT system. The protection and maintenance of your encryption keys must be the first step. Encryption is meaningless unless the encryption keys are properly managed. If an attacker can easily access the encryption keys used for data encryption and can apply those to decrypt the data, the data is plaintext to them. I implore you, protect your keys !