.NET Cryptography


The Cryptography Application Block is a wrapper for the System.Security.Cryptography namespace that is provided by the .NET Framework. The System.Security.Cryptography namespace provides functionality to encrypt data, decrypt data, hash data, generate random numbers, and authenticate messages. As such, it provides implementations for several symmetric, asymmetric, and hash algorithms. Table 8.1 shows the algorithms that exist in the System.Security.Cryptography namespace.

Table 8.1. Cryptography Algorithms in the .NET System.Security.Cryptography Namespace

Symmetric Algorithm

  • DES (Data Encryption Standard)

  • Triple DES (Triple Data Encryption Standard), also known as 3DES

  • Rijndael

  • RC2

Asymmetric Algorithm

  • DSA (Digital Signature Algorithm)

  • RSA

Hash Algorithm

  • HMAC SHA1 (Hash-based Message Authentication Code using the SHA1 hash algorithm)

  • MAC Triple DES (Message Authentication Code using Triple DES)

  • MD5

  • SHA1, SHA256, SHA384, and SHA512 (Secure Hash Algorithm using various hash sizes)


Symmetric and Asymmetric Algorithms

Symmetric and asymmetric algorithms are used to ensure data remains private (or confidential) by encrypting the data. The same algorithm used to convert cleartext into ciphertext can be used to convert the ciphertext back to cleartext. These algorithms are not limited to encrypting and decrypting text, though. For example, a byte array created from a .JPG image can be encrypted too. The difference between symmetric and asymmetric algorithms lies in the keys that are used. Symmetric algorithms (or private-key algorithms) use the same key to encrypt and decrypt data. Asymmetric algorithms (or public-key algorithms) use two mathematically related but different keys to encrypt and decrypt data.

Both symmetric and asymmetric algorithms are block ciphers, because they encrypt and decrypt data a block at a time rather than as one continuous stream (which is known as a stream cipher). Blocks are usually 64 bits or 128 bits in size, although some may be larger. The Rijndael algorithm, for example, is 256 bits. The blocks are of a fixed size, and encryption is accomplished by iterative rearrangement and substitution on successive blocks. The decision of what algorithm and what type of encryption to use for an application cannot be taken lightly; the cost of being wrong can be very high. If the algorithm is not strong enough, the private information can be compromised, but if it is too strong, an application may be so sluggish that it becomes unusable.

Symmetric encryption is preferred when performance is an issue and when the party encrypting the data can share the key with the party who is decrypting the data. Since both parties must share the same key, either both parties must know this information up front or one of them must be able to generate the information and securely send it to the other. Often this means that the two parties are actually the same.

Asymmetric encryption is preferred when the encrypted information needs to be sent over an insecure medium and when the sending and receiving parties cannot share the same key. A key pair must exist in this case. One key is a public key and is distributed to the world. The other is a private key that must be protected. Data that is encrypted using the private key can only be decrypted with the corresponding public key, and information encrypted with the public key can only be decrypted with the corresponding private key.
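The two key models described above, as an added example that is not code from the book or from the Cryptography Application Block. It uses only the System.Security.Cryptography classes of the .NET Framework on .NET 6 or later: AES (the standardized subset of Rijndael) for the symmetric case, where one secret key is shared by both parties, and RSA for the asymmetric case, where the sender needs only the recipient's public key. The message text and the choice to use RSA to wrap the AES key rather than the bulk data are assumptions of this example.

```csharp
// Added example (not from the book or Enterprise Library): symmetric vs.
// asymmetric encryption with System.Security.Cryptography on .NET 6+.
using System;
using System.Security.Cryptography;
using System.Text;

public static class EncryptionDemo
{
    // Symmetric: one secret key, shared by encrypting and decrypting party.
    // AES is the standardized subset of Rijndael (128-bit block, 256-bit key here).
    public static (byte[] Key, byte[] Iv, byte[] CipherText) SymmetricEncrypt(byte[] plaintext)
    {
        using var aes = Aes.Create();
        aes.KeySize = 256;
        aes.Mode = CipherMode.CBC;
        aes.Padding = PaddingMode.PKCS7;
        aes.GenerateKey();   // secret: must be shared with the decrypting party
        aes.GenerateIV();    // not secret, but must be fresh for every message

        using var encryptor = aes.CreateEncryptor();
        byte[] cipherText = encryptor.TransformFinalBlock(plaintext, 0, plaintext.Length);
        return (aes.Key, aes.IV, cipherText);
    }

    public static byte[] SymmetricDecrypt(byte[] key, byte[] iv, byte[] cipherText)
    {
        using var aes = Aes.Create();
        aes.Key = key;
        aes.IV = iv;
        aes.Mode = CipherMode.CBC;
        aes.Padding = PaddingMode.PKCS7;
        using var decryptor = aes.CreateDecryptor();
        return decryptor.TransformFinalBlock(cipherText, 0, cipherText.Length);
    }

    // Asymmetric: the recipient publishes a public key; only the matching
    // private key can decrypt. RSA-OAEP accepts only a short payload, so the
    // usual pattern (assumed here) is to wrap a symmetric key, not the data.
    public static byte[] AsymmetricEncrypt(RSA recipientPublicKey, byte[] data)
        => recipientPublicKey.Encrypt(data, RSAEncryptionPadding.OaepSHA256);

    public static byte[] AsymmetricDecrypt(RSA recipientPrivateKey, byte[] cipherText)
        => recipientPrivateKey.Decrypt(cipherText, RSAEncryptionPadding.OaepSHA256);

    public static void Main()
    {
        // Constructed sample message.
        byte[] message = Encoding.UTF8.GetBytes("constructed sample message");

        var (key, iv, ct) = SymmetricEncrypt(message);
        byte[] roundTrip = SymmetricDecrypt(key, iv, ct);
        Console.WriteLine($"AES round trip ok: {roundTrip.AsSpan().SequenceEqual(message)}");

        // Without the shared key the ciphertext is useless: with CBC/PKCS7 a
        // wrong key almost always fails padding validation and throws.
        byte[] wrongKey = RandomNumberGenerator.GetBytes(32);
        try
        {
            SymmetricDecrypt(wrongKey, iv, ct);
            Console.WriteLine("padding happened to validate; output is still garbage");
        }
        catch (CryptographicException)
        {
            Console.WriteLine("wrong key rejected");
        }

        // Recipient owns the key pair; the sender gets only the public half.
        using RSA recipient = RSA.Create(3072);
        using RSA publicOnly = RSA.Create();
        publicOnly.ImportRSAPublicKey(recipient.ExportRSAPublicKey(), out _);

        byte[] wrappedKey = AsymmetricEncrypt(publicOnly, key);
        byte[] unwrapped = AsymmetricDecrypt(recipient, wrappedKey);
        Console.WriteLine($"RSA key wrap ok: {unwrapped.AsSpan().SequenceEqual(key)}");
    }
}
```

The split in Main mirrors the text's trade-off: AES handles the bulk data cheaply, and the one value that must cross an insecure medium (the AES key) is the only thing RSA encrypts. The IV is generated per message and would be transmitted alongside the ciphertext; reusing it with the same key is the common CBC mistake to watch for in review.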

The goal for this version of Enterprise Library's Cryptography Application Block is to facilitate the encryption and decryption of data in a single application. It accomplishes this by wrapping around the symmetric algorithms and DPAPI (explained later) provided by the .NET Framework and listed in the first column of Table 8.1. This version of the Cryptography Application Block has not been designed to take advantage of the asymmetric algorithms in the .NET Framework.

Hash Algorithms

Hashing is used to ensure the integrity of the data; that is, to ensure that the data has not been accidentally or maliciously modified. Hash values are used to verify the integrity of data sent through insecure channels. A hash value is a unique, fixed-length value derived from the data. Depending on the algorithm that is used, the hash value is usually 128 or 160 bits. Verification is accomplished by creating a hash of the data when the data is received and comparing it with the hash that is attached to the received data. Table 8.1 lists the hash algorithms provided by the .NET Framework.

Technically, hashes can be compromised by an attacker who changes the data, recalculates the hash, and then attaches the new hash to the data stream. If this occurs, it is very difficult to determine whether the data was modified or not. Keyed hashes (and digital signatures) address this issue. The HMAC SHA1 and MAC Triple DES are keyed hash algorithms.

Keyed hashes contain a secret key that is known only to the sender and the recipient of the data. The hash is usually created by concatenating the cleartext data and the secret key. Without knowing the secret key, the proper hash cannot be calculated. According to Howard and LeBlanc (Writing Secure Code, Second Edition, pp. 291-294), developers often make many mistakes when creating keyed hashes, including

  • Forgetting to use a key

  • Using the same key to encrypt data and key-hash data

  • Basing the key-hash key on the encryption key

"Salting" a hash can also make an attacker's job more difficult. A salt value is a cryptographically generated random number that is added to the hash data to defend against dictionary attacks. (A dictionary attack is an attack where every possible secret key is used to decrypt the encrypted data.) Salting provides entropy (a degree of disorder) to the algorithm. Howard and LeBlanc (pp. 302-303) provide a managed code fragment that can be used to create a salted hash. In this code fragment, the hash and salt are both created and their bytes are combined to create one salted hash. Interestingly, this is the same technique that the Cryptography Application Block uses when salting a hash.
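The three kinds of hash discussed in this section (plain, keyed, salted) and the attack on the plain one, as an added example that is not code from the book, from Howard and LeBlanc, or from the Cryptography Application Block. It uses System.Security.Cryptography on .NET 6 or later with SHA256 and HMAC-SHA256 (the table's SHA1 variants exist in the same namespace; the stronger algorithm is this example's choice). The salted-hash layout, hash(data || salt) stored as salt || hash, follows the description in the text; the 16-byte salt length, the MAC key size and the sample messages are assumptions of this example.

```csharp
// Added example (not from the book or Enterprise Library): plain hash,
// keyed hash (HMAC) and salted hash with System.Security.Cryptography on .NET 6+.
using System;
using System.Security.Cryptography;
using System.Text;

public static class HashDemo
{
    private const int SaltLength = 16;   // assumed salt size for this example
    private const int Sha256Length = 32; // SHA256 output size in bytes

    // Unkeyed hash: detects accidental corruption only. Anyone who can change
    // the data can also recompute this value.
    public static byte[] Hash(byte[] data) => SHA256.HashData(data);

    // Keyed hash: the MAC key is a separate secret, never the encryption key
    // and never derived from it (the mistakes Howard and LeBlanc list).
    public static byte[] KeyedHash(byte[] macKey, byte[] data) => HMACSHA256.HashData(macKey, data);

    private static byte[] Concat(ReadOnlySpan<byte> a, ReadOnlySpan<byte> b)
    {
        byte[] result = new byte[a.Length + b.Length];
        a.CopyTo(result);
        b.CopyTo(result.AsSpan(a.Length));
        return result;
    }

    // Salted hash: hash(data || salt), stored as salt || hash so the verifier
    // can recover the salt. Two identical inputs get two different outputs.
    public static byte[] SaltedHash(byte[] data)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltLength);
        byte[] hash = SHA256.HashData(Concat(data, salt));
        return Concat(salt, hash);
    }

    public static bool VerifySaltedHash(byte[] data, byte[] stored)
    {
        if (stored.Length != SaltLength + Sha256Length) return false;
        ReadOnlySpan<byte> salt = stored.AsSpan(0, SaltLength);
        byte[] expected = SHA256.HashData(Concat(data, salt));
        // Constant-time comparison so timing does not leak how many bytes matched.
        return CryptographicOperations.FixedTimeEquals(expected, stored.AsSpan(SaltLength));
    }

    public static void Main()
    {
        // Constructed sample: a message and an attacker's modified copy.
        byte[] original = Encoding.UTF8.GetBytes("transfer 100 to account 42");
        byte[] tampered = Encoding.UTF8.GetBytes("transfer 900 to account 42");

        // Plain hash: the attacker changes the data and attaches a recomputed
        // hash, so the receiver's check passes and the change goes unnoticed.
        byte[] attachedHash = Hash(tampered);
        bool plainAccepted = CryptographicOperations.FixedTimeEquals(Hash(tampered), attachedHash);
        Console.WriteLine($"plain hash accepts tampered data: {plainAccepted}");

        // Keyed hash: without the MAC key the attacker cannot produce a valid
        // tag for the modified data, so the receiver's check fails.
        byte[] macKey = RandomNumberGenerator.GetBytes(32);
        byte[] tag = KeyedHash(macKey, original);
        bool keyedAccepted = CryptographicOperations.FixedTimeEquals(KeyedHash(macKey, tampered), tag);
        Console.WriteLine($"keyed hash accepts tampered data: {keyedAccepted}");

        // Salted hash: same input, different stored values, both verifiable.
        byte[] storedA = SaltedHash(original);
        byte[] storedB = SaltedHash(original);
        Console.WriteLine($"salted values differ: {!storedA.AsSpan().SequenceEqual(storedB)}");
        Console.WriteLine($"original verifies: {VerifySaltedHash(original, storedA)}");
        Console.WriteLine($"tampered verifies: {VerifySaltedHash(tampered, storedA)}");
    }
}
```

Expected behaviour: the plain-hash check accepts the tampered message, the keyed-hash check rejects it, the two salted values for the same input differ, and only the original message verifies against a stored salted hash. Note that salting defends the stored hash against precomputed (dictionary) lookups; it does not replace the key, so a salted but unkeyed hash still offers no protection against an active attacker who can recompute it.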




Fenster, Effective Use of Microsoft Enterprise Library: Building Blocks for Creating Enterprise Applications and Services, (c) 2006
Effective Use of Microsoft Enterprise Library: Building Blocks for Creating Enterprise Applications and Services
ISBN: 0321334213
Year: 2004
Pages: 103
Authors: Len Fenster