Symmetric Encryption and Decryption within .NET Framework
Let’s start with the most widely used kind, which is called symmetric key encryption. This encryption uses a key that is known to both parties involved in the transmission of encrypted messages. This key is used to encrypt and then decrypt messages and should be protected at all times. The only limitation of this method is time: in order to establish a secure exchange of documents, we need to send the key to the other party first, and only then can we start our transmission. Clearly, in the age of the internet, that is not going to work for encrypted internet traffic.

One of the main advantages often cited is the speed of symmetric keys. It is a very fast way to encrypt and decrypt messages. It is also very secure, and the only way to decrypt the text is by brute force, trying to crack the key. That is a daunting task, since you would have to work through 2^256 key possibilities. The other way to crack encrypted text is to steal the key from one of the parties involved, so it is extremely important to protect this key at all costs.
There are several classes available:

| Class | Description |
|---|---|
| RijndaelManaged | Rijndael symmetric encryption algorithm |
| RC2 | An encryption standard |
| DES | Symmetric encryption algorithm |
| TripleDES | Triple DES (3DES) symmetric encryption algorithm |
All of the above-mentioned classes are derived from the System.Security.Cryptography.SymmetricAlgorithm base class and share the same list of properties and methods:
- BlockSize - number of bits the algorithm processes at a time.
- FeedbackSize - size, in bits, of the feedback for the cryptographic operation.
- IV - initialization vector for the symmetric algorithm.
- Key - secret key for the symmetric algorithm.
- KeySize - size of the secret key in bits.
- LegalBlockSizes - array of KeySizes objects, each with MinSize and MaxSize properties, describing the supported block sizes.
- LegalKeySizes - array of KeySizes objects, each with MinSize and MaxSize properties, describing the supported key sizes.
- Mode - cipher mode of operation; set to Cipher Block Chaining (CBC) by default.
- Padding - determines how the difference between the block size and the length of the plaintext is filled.
- CreateDecryptor - creates the transform used to decrypt a stream.
- CreateEncryptor - creates the transform used to encrypt a stream.
- GenerateIV - generates a random IV that is used for the algorithm.
- GenerateKey - generates a random key that is used for the algorithm.
- ValidKeySize - checks whether a key size is valid for the given algorithm.
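The key and IV can also be derived from a password with Rfc2898DeriveBytes (PBKDF2):

```csharp
using System.Security.Cryptography;
using System.Text;

string myPassword = "password";
RijndaelManaged mineAlg = new RijndaelManaged();
// Hard-coded salt: the same password always yields the same key and IV.
byte[] salt = Encoding.ASCII.GetBytes("This is sa1t");
Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(myPassword, salt);
// Successive GetBytes calls return successive bytes of the derived stream.
mineAlg.Key = key.GetBytes(mineAlg.KeySize / 8);   // key size in bytes
mineAlg.IV = key.GetBytes(mineAlg.BlockSize / 8);  // block size in bytes
```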
Encrypting a file with a symmetric key can be done in this way:
```csharp
using System.IO;
using System.Security.Cryptography;

string inMyFileName = @"C:\Boot.ini";
string outMyFileName = @"C:\Boot.ini.enc";
FileStream inMyFile = new FileStream(inMyFileName, FileMode.Open, FileAccess.Read);
// FileMode.Create truncates an existing output file so no stale bytes follow the ciphertext.
FileStream outMyFile = new FileStream(outMyFileName, FileMode.Create, FileAccess.Write);
SymmetricAlgorithm myAlg = new RijndaelManaged();
// Generates a random key; myAlg.Key and myAlg.IV must be kept to decrypt the file later.
myAlg.GenerateKey();
byte[] fileData = new byte[inMyFile.Length];
inMyFile.Read(fileData, 0, (int)inMyFile.Length);
ICryptoTransform encryptor = myAlg.CreateEncryptor();
CryptoStream myEncryptStream = new CryptoStream(outMyFile, encryptor, CryptoStreamMode.Write);
myEncryptStream.Write(fileData, 0, fileData.Length);
// Closing the CryptoStream writes the final padded block and closes outMyFile.
myEncryptStream.Close();
inMyFile.Close();
outMyFile.Close();
```