then you have unencrypted SSNs in the index fileI thought an index in a cdx was a b-tree with no actual data in it? Though I guess if you add sequence to the standard format and large sample described by Jos, you've actually got quite a lot of information now...
The big problem is that whether you NET or VFP, a determined hacker can decompile the encryption algorithm and access the key whether it's buried in the app or encrypted in a file somewhere or whatever. If they can get the app, they can get the algorithm. Even with obfuscation in NET, it's not hard. All you can really do is use Refox/Konxise/Armadillo or similar for VFP and one of the compressing/encrypting obfuscators in NET to dissuade all but the most determined hackers.
"... They ne'er cared for us
yet: suffer us to famish, and their store-houses
crammed with grain; make edicts for usury, to
support usurers; repeal daily any wholesome act
established against the rich, and provide more
piercing statutes daily, to chain up and restrain
the poor. If the wars eat us not up, they will; and
there's all the love they bear us."
-- Shakespeare: Coriolanus, Act 1, scene 1