## Symmetric Encryption and Decryption within .NET Framework

Let's start with the most widely used kind, symmetric key encryption. It uses a key that is known to both parties involved in the transmission of encrypted messages. This key is used to encrypt and then decrypt messages and should be protected at all times. The only limitation of this method is time: to establish a secure exchange of documents we need to send the key to the other party first, and only then can we start our transmission. Clearly, in the age of the internet, that is not going to work for encrypted internet traffic. One of the main advantages often cited is the speed of symmetric key encryption; it is a very fast way to encrypt and decrypt messages. It is also very secure, and the only way to decrypt the text without the key is brute force, trying to crack the key. That is a daunting task, since you would have to work through 2^{56} key possibilities. The other way to crack encrypted text is to steal the key from one of the parties involved, so it is extremely important to protect this key at all costs.

There are several classes available:

Class | Description |
---|---|
RijndaelManaged | Rijndael symmetric encryption algorithm |
RC2 | An encryption standard |
DES | Symmetric encryption algorithm |
TripleDES | Triple DES (3DES) symmetric encryption algorithm |

All of the above-mentioned classes are derived from the *System.Security.Cryptography.SymmetricAlgorithm* base class and share the same list of properties.

- *BlockSize* - number of bits the algorithm needs to process at a time.
- *FeedbackSize* - determines the feedback size, in bits, of the cryptographic operation.
- *IV* - initialization vector for the symmetric algorithm.
- *Key* - secret key for the symmetric algorithm.
- *KeySize* - size of the secret key in bits.
- *LegalBlockSizes* - *KeySizes* array with *MinSize* and *MaxSize* properties.
- *LegalKeySizes* - *KeySizes* array with *MinSize* and *MaxSize* properties.
- *Mode* - set to Cipher Block Chaining (CBC).
- *Padding* - determines how the difference between the block size and the length of the plain text is handled.

*System.Security.Cryptography.SymmetricAlgorithm* methods:

- *CreateDecryptor* - used to decrypt the stream.
- *CreateEncryptor* - used to encrypt a stream.
- *GenerateIV* - generates a random IV that is used for the algorithm.
- *GenerateKey* - generates a random key that is used for the algorithm.
- *ValidKeySize* - validates the key size for the given algorithm.

The *System.Security.Cryptography.Rfc2898DeriveBytes* class turns a password into a key. This class requires four values: password, salt value, IV, and number of iterations. In addition, we need to make sure that the password, salt value and number of iterations are shared between the two parties, since they will be required to encrypt and decrypt text.

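```csharp
using System.Security.Cryptography;
using System.Text;

string myPassword = "password";
RijndaelManaged mineAlg = new RijndaelManaged();
byte[] salt = Encoding.ASCII.GetBytes("This is sa1t");

// Derive key material from the password and salt (PBKDF2).
// This constructor uses the default iteration count of 1000.
Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(myPassword, salt);

// Successive GetBytes calls return successive bytes of the derived
// stream: first the key, then the IV.
mineAlg.Key = key.GetBytes(mineAlg.KeySize / 8);
mineAlg.IV = key.GetBytes(mineAlg.BlockSize / 8);
```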

Encrypting and decrypting messages using a symmetric key can be done in this way:

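```csharp
using System.IO;
using System.Security.Cryptography;

string inMyFileName = @"C:\Boot.ini";
string outMyFileName = @"C:\Boot.ini.enc";

FileStream inMyFile = new FileStream(inMyFileName, FileMode.Open, FileAccess.Read);
FileStream outMyFile = new FileStream(outMyFileName, FileMode.OpenOrCreate, FileAccess.Write);

// Generate a random key; a random IV is generated by the class as well.
// Both myAlg.Key and myAlg.IV must be kept to decrypt the file later.
SymmetricAlgorithm myAlg = new RijndaelManaged();
myAlg.GenerateKey();

// Read the whole input file into memory.
byte[] fileData = new byte[inMyFile.Length];
inMyFile.Read(fileData, 0, (int)inMyFile.Length);

// Data written through the CryptoStream is encrypted into the output file.
ICryptoTransform encryptor = myAlg.CreateEncryptor();
CryptoStream myEncryptStream = new CryptoStream(outMyFile, encryptor, CryptoStreamMode.Write);
myEncryptStream.Write(fileData, 0, fileData.Length);

// Closing the CryptoStream flushes the final padded block.
myEncryptStream.Close();
inMyFile.Close();
outMyFile.Close();
```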
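The snippets above derive a key and encrypt a file but never decrypt anything. As an added example (not code from the original article), the round trip below derives the key with *Rfc2898DeriveBytes* using an explicit iteration count and stores the random salt and IV in front of the ciphertext, so the receiving party needs only the password and the iteration count. The class name `PasswordCrypto`, the `salt || IV || ciphertext` layout, the 16-byte salt and the iteration count are assumptions of this example.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class PasswordCrypto
{
    const int SaltSize = 16;        // bytes (assumption of this example)
    const int Iterations = 100000;  // assumption; both parties must use the same value
    // Output layout (constructed for this example): salt || IV || ciphertext
    public static byte[] Encrypt(string password, byte[] plain)
    {
        using (var alg = new RijndaelManaged())
        using (var kdf = new Rfc2898DeriveBytes(password, SaltSize, Iterations))
        using (var ms = new MemoryStream())
        {
            alg.Key = kdf.GetBytes(alg.KeySize / 8);   // random salt generated by kdf
            alg.GenerateIV();                          // fresh random IV per message
            ms.Write(kdf.Salt, 0, SaltSize);
            ms.Write(alg.IV, 0, alg.IV.Length);
            using (var cs = new CryptoStream(ms, alg.CreateEncryptor(), CryptoStreamMode.Write))
                cs.Write(plain, 0, plain.Length);      // Dispose flushes the final block
            return ms.ToArray();
        }
    }
    public static byte[] Decrypt(string password, byte[] blob)
    {
        using (var alg = new RijndaelManaged())
        using (var ms = new MemoryStream())
        {
            int ivSize = alg.BlockSize / 8, offset = SaltSize + ivSize;
            if (blob.Length < offset) throw new ArgumentException("blob too short");
            byte[] salt = new byte[SaltSize], iv = new byte[ivSize];
            Buffer.BlockCopy(blob, 0, salt, 0, SaltSize);
            Buffer.BlockCopy(blob, SaltSize, iv, 0, ivSize);
            using (var kdf = new Rfc2898DeriveBytes(password, salt, Iterations))
                alg.Key = kdf.GetBytes(alg.KeySize / 8);   // same password + salt => same key
            alg.IV = iv;
            using (var cs = new CryptoStream(ms, alg.CreateDecryptor(), CryptoStreamMode.Write))
                cs.Write(blob, offset, blob.Length - offset);
            return ms.ToArray();
        }
    }
    static void Main()
    {
        byte[] blob = Encrypt("password", Encoding.UTF8.GetBytes("constructed sample text"));
        Console.WriteLine(Encoding.UTF8.GetString(Decrypt("password", blob)));
    }
}
```

A wrong password normally surfaces as a `CryptographicException` from the padding check when the decrypting `CryptoStream` is disposed.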