1 / 15

Cryptography and .NET

Explore the essentials of cryptography within the .NET framework, covering symmetric and asymmetric keys, hashing, and digital signatures. Learn how to create and manage keys and algorithms for secure data encryption and decryption. This guide includes practical examples using CryptoStream for cryptographic transformations. Understand the importance of hashing for data integrity and the process of creating and verifying digital signatures. Gain insights into configuring cryptographic classes in .NET for optimal security practices.

austin-chaney
Download Presentation

Cryptography and .NET

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cryptography and .NET

  2. Key terms • Symmetric Key : a shared secret key between the sender and recipient • Asymmetric key : two keys, a public and private key and sometimes referred as public/ private key pair • Hashing: Produces a unique message digest of known fixed size • Digital Signature: used to authenticate sender, created from asymmetric and hashing algorithms

  3. Encryption • Request provider for encryption algorithm and key length • Create symmetric key • Generate asymmetric key (public/ private pair) • Key blob (securing symmetric key using asymmetric key • Data encryption using symmetric key • Persist the key blob and encrypted data for recipient

  4. Decryption • Retrieve the persisted data • Request provider for decryption algorithm and key length • Decrypt the cipher text and obtain the original data

  5. Hashing • Request provider for hashing algorithm and key length • Create symmetric key • Generate asymmetric key • Key blob • Use the hashing function and obtain the digest • Encrypt the digest • Persist the key blob and digest for recipient

  6. Verifying the Hash • Retrieve the persisted data • Request provider for hashing algorithm and key length • Decrypt the cipher text and obtain the plain data and hash • Recreate the hash from the plain data • Compare the original and the newly created digest

  7. Digital Signatures • Get the signature data • Request provider for cryptographic algorithm and key length • Create asymmetric key pair • Key blob using public key from public/ private key pair • Use hashing function and obtain the digest for signature data • Encrypt the digest • Persist the data for recepient

  8. Confirming the Digital Signature • Retrieve the persisted data • Request provider for algorithm and key length • Decrypt the cipher text and obtain the plain data and hash • Recreate the hash from the plain data • Verify the signature with original and the newly created digest

  9. Cryptography in Microsoft .NET Cryptography Hierarchy

  10. Microsoft .Net has classes that extend the cryptographic services provided by the windows CryptoAPI • System.Security.Cryptography name space provides classes for • Symmetric Encryption • Asymmetric Encryption • Hashing  • Digital Signatures

  11. CryptoStream • In .Net, CryptoStream is a channel for cryptographic transformations public CryptoStream( Stream stream, ICryptoTransform transform, CryptoStreamModemode) Example 1: byte [ ] data = new byte [ ] {1,2,3,4}; MemoryStream memData = new MemoryStream(data); Rc2CryptoServiceProvider algorithm = new Rc2CryptoServiceProvider(); CryptoStream stream = new CryptoStream(memData, algorithm.CreateEncryptor(algorithm.Key, algorithm.IV), CryptoStreamMode.Read); byte [ ] cipher = new byte [8]; stream.Read(cipher , 0, (int) 8); memData.close(); stream.close();

  12. Example 2: byte [ ] numbers = new byte [ ] {1,2,3,4}; MemoryStream inmemory = new MemoryStream(); Rc2CryptoServiceProvider algorithm = new Rc2CryptoServiceProvider(); CryptoStream estream = new CryptoStream(inmemory, algorithm.CreateEncryptor(algorithm.Key, algorithm.IV), CryptoStreamMode.Write); BinaryWriter bw = new BinaryWriter(estreem); bm.Write(numbers, 0, numbers.Length); bm.close();

  13. Configuring .Net Cryptography • Encryption with .Net • Create cryptoStream class that wraps a data stream • Based on the mode of the cryptostream, perform the transfomation • Persist the data TripleDES algorithm = TripleDES.create(); • Decryption with .Net • Obtain the persisted data and perform the cryptographic transformations

  14. Hashing with .Net • Define the algorithm SHAICryptoServiceProvider sha = new SHAICryptoServiceProvider(); • Compute hashing using hashing algorithm sha.ComputeHash(bytePlain, 0, filelen); • obtain the digest hash=sha.Hash; • Encrypt the hash • Verifying a Hash in .Net • Obtain persisted data and define the algorithm from provider • Perform the hash and compare the old and the new digest. byte.equals(hash, bytehash);

  15. Digital Signatures in .Net • Gather the signature data • Define the algorithm DSECryptoServiceProvider dsa = new DSECryptoServiceProvider(); • Export the public key of a signature key pair string key = ToXmlString(true); • Call signData on the implementation algorithm to create the digital signatures byte = signature = dsa.signData(textstream.GetBuffer()); • Confirming Digital Signatures in .Net • Use string key = FromXmlString(true) to import the public key.

More Related