public byte[] Encrypt(string value) { // when encrypting, you need a 'nonce' - 'number once'. By changing this on each encryption, you end up with different output each time // without it you apply identical encryption for each key which would be a vulnerability. It's like seeding a random number generator. byte[] nonce = new byte[12]; // shouldn't use this, not random enough, but its good enough for this demo new Random().NextBytes(nonce); // initialise the algorithm with the key (password) and nonce _streamCipher.SetState(_key, nonce); // convert our string to a byte array byte[] data = Encoding.UTF8.GetBytes(value); // encrypt it _streamCipher.Transform(data); // now return the nonce (first 12 bytes) and the encrypted data as one array return(nonce.Concat(data).ToArray()); }