A possible alternative depends on whether you actually need to decrypt the data or not.

You might be able to use a one-way function.

For example, the traditional unix password mechanism takes your password and runs it through the crypt() function (with a little salt) to get an output string which is stored in the /etc/passwd file.

What it *doesn't* do when you try to log in is decrypt the stored password and compare it to what you just typed. Instead, it passes what you just typed through the same one-way function (with the same salt) and compares the outputs.

The theory is that it is computationally expensive to recover the input to the one-way function. In practice, the traditional unix scheme using the crypt() function can be brute-forced fairly easily these days (for example by trying all possible or all likely combinations of inputs), but other hash functions (for example MD5) exist and are good for todays use. (A relevant perl module here is Digest::MD5).

If you really need to recover the data (rather than compare it to some other data) then you can't do this, but obviously any program you write which is able to recover the encrypted data can be used by anyone else who acquires the privilege to execute it (or read its data files containing the key information).

As I'm sure you are aware, the whole area of encryption etc is fraught with seemingly-good ideas which don't help at all or are actually counter-productive, so it is difficult to offer detailed helpful advice.

Good luck.