Windows Phone 7 - SQLite with Encryption

I ended up using SQL CE introduced in Mango release (Windows Phone 7.1) which has in-built encryption (password) support. Refer to http://blogs.microsoft.co.il/blogs/alex_golesh/archive/2011/05/24/windows-phone-mango-what-s-new-local-database-part-1-of-8.aspx which has very good explanation.

There doesn't seem to be any API in Windows Phone 7 that will let you encrypt / decrypt data based on user credentials similar to DPAPI so you have to do it yourself. The documentation suggests that the following algorithms are available on Windows Phone 7:

• AES
• HMACSHA1
• HMACSHA256
• Rfc2898DeriveBytes
• RSA
• SHA1
• SHA256

These algorithms should give all you need to create a decent encryption schema and it should be good enough that you encrypt the sensitive columns in your database schema and not the whole database.

The only problem then would be to see what key to use. If it's possible to ask the user for a password (this very much depends on what type of application you are building), then you can use Rfc2898DerivedBytes to derive a password from the user input. Otherwise, you can create a key out from some device data. (see: How do I get a symmetric key in Windows Phone 7?) After deriving a key, you can use AES to do your encryption.

I know that this is exactly what you wanted, but at least should point you in the right direction.