Quick .Net Encryption Reference
The code below represents a very basic .NET encryption class which has been tested and should work in your application – simply plug and play. 🙂
Contains two static methods that can be called without needing to instantiate the class.
Keep in mind the initialization vector below (indicated by rgbIV) is generic, and you will need to come up with your own. Remember not to share this. Even if the password is compromised, the attacker would also need to know the initialization vector to crack your value.
Also note the code which has been commented out. This illustrates cases where passwords and/or IV can be statically set in the class and/or shared based on value passed in for password parameter.
Sharing IV and password or storing either statically is a security risk and could cause errors depending on byte differences of the values. If you statically store these values, you will still create secure cipher text, but it will be much easier to crack.
Enjoy. 😉
using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;
namespace AIS.Common.Crypto
{
public static class Rijndael
{
public static string Encrypt(string ClearText,string password)
{
byte[] clearTextBytes = Encoding.UTF8.GetBytes(ClearText);
System.Security.Cryptography.SymmetricAlgorithm rijn = SymmetricAlgorithm.Create();
MemoryStream ms = new MemoryStream();
byte[] rgbIV = Encoding.ASCII.GetBytes("example");
//byte[] key = Encoding.ASCII.GetBytes("longerexample");
//byte[] rgbIV = Encoding.ASCII.GetBytes(password);
byte[] key = Encoding.ASCII.GetBytes(password);
CryptoStream cs = new CryptoStream(ms, rijn.CreateEncryptor(key, rgbIV),
CryptoStreamMode.Write);
cs.Write(clearTextBytes, 0, clearTextBytes.Length);
cs.Close();
return Convert.ToBase64String(ms.ToArray());
}
public static string Decrypt(string EncryptedText, string password)
{
byte[] encryptedTextBytes = Convert.FromBase64String(EncryptedText);
MemoryStream ms = new MemoryStream();
System.Security.Cryptography.SymmetricAlgorithm rijn = SymmetricAlgorithm.Create();
byte[] rgbIV = Encoding.ASCII.GetBytes("example");
//byte[] key = Encoding.ASCII.GetBytes("longerexample");
//byte[] rgbIV = Encoding.ASCII.GetBytes(password);
byte[] key = Encoding.ASCII.GetBytes(password);
CryptoStream cs = new CryptoStream(ms, rijn.CreateDecryptor(key, rgbIV),
CryptoStreamMode.Write);
cs.Write(encryptedTextBytes, 0, encryptedTextBytes.Length);
cs.Close();
return Encoding.UTF8.GetString(ms.ToArray());
}
}
}
References:
Wikipedia – Encryption, http://en.wikipedia.org/wiki/Encryption
Posted on January 13, 2011, in .NET Reference, Programming & Development, Security & Cryptography and tagged .net, 128, 24, 28, 40, 64, aes, ascii, asymmetric, bit, byte, bytes, c#, crypto, cryptography, decrypt, decrypt string, des, dev, development, encrypt, encrypt string, encryption, get bytes, getbytes, microsoft, microsoft cryptography, microsoft encryption, microsoft security, password, programming, rijn, rijndael, secure, security, string, symmetric, system.security, system.security.cryptography, tdes, tight, to string, vb. Bookmark the permalink. 4 Comments.
Out of Office Reply 
Mr Diaz can you give me if possible an itinerary of the best books to buy or download to master this part of the info age.
There are many resources on the subject, much of it is free on a simple google search for “guide to internet privacy”. If I had to recommend one, I would suggest “The Art of Deception: Controlling the Human Element of Security”. You can buy a paperback copy for $10 or digital download to a Kindle if you have one for the same price.
Pingback: Encryption 101 and Security for the Paranoid « Fraction of the Blogosphere
Pingback: Common functions asp .net static shared library | Fraction of the Blogosphere