Summary


In a real-life situation, there's no big problem sending the public key or the ciphertext—capturing them would do an intruder no good, so you don't have to be concerned about their security. However, the potential weakness in the whole asymmetric system is the public/private key pair string that the decryptor (recipient) must somehow protect from prying eyes.

In a temporary session, the recipient can just generate a public/private key pair, and send the public part to the encryptor. Then the message can be encrypted, sent to the recipient, deciphered, and all the keys thrown away. But in other situations, keys are used repeatedly. Perhaps you want to use RSA to encrypt some files and keep those files for future reference. You must then also keep the private key that decrypts them.

Or perhaps a set of everyone's public keys is published in a list and given to everyone in the office. Maybe it's inconvenient to change these keys more than every month or so. When public keys are reused for more than a single session, each recipient must retain the private key that works with their public key. Actually, retain is probably not the right word; conceal would be more like it. If a private key isn't kept totally private, the game is over.

If you write applications that employ RSA and you don't want to limit communications to short sessions, you'll want to add some code to securely persist the private keys. Alas, there is no feature in .NET that explicitly solves this problem, but you can work with key containers available via the CryptoAPI.
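One way to persist an RSA private key in a CryptoAPI key container from VB.NET, as an added example rather than code from the book. The container name `ExampleAppRsaKey` and the sample message are constructed for illustration, and the code assumes Windows, where `RSACryptoServiceProvider` is backed by the CryptoAPI.

```vbnet
Imports System
Imports System.Security.Cryptography
Imports System.Text

Module KeyContainerDemo
    ' Hypothetical container name chosen for this example.
    Private Const ContainerName As String = "ExampleAppRsaKey"

    ' Opens the named container. The CSP generates a key pair on first use
    ' and hands back the same pair on every later call.
    Function OpenContainerKey() As RSACryptoServiceProvider
        Dim csp As New CspParameters()
        csp.KeyContainerName = ContainerName   ' stored in the current user's key store by default
        Dim rsa As New RSACryptoServiceProvider(2048, csp)
        rsa.PersistKeyInCsp = True             ' keep the pair after this object is disposed
        Return rsa
    End Function

    ' Removes the key pair from the container when the key is retired.
    Sub DeleteContainerKey()
        Dim rsa As RSACryptoServiceProvider = OpenContainerKey()
        rsa.PersistKeyInCsp = False
        rsa.Clear()
    End Sub

    Sub Main()
        Dim plain As Byte() = Encoding.UTF8.GetBytes("constructed sample message")
        Dim publicXml As String
        Dim cipher As Byte()

        ' Recipient: create or load the pair and export only the public half.
        Using recipient As RSACryptoServiceProvider = OpenContainerKey()
            publicXml = recipient.ToXmlString(False)
        End Using

        ' Sender: holds the public key only, so it can encrypt but not decrypt.
        Using sender As New RSACryptoServiceProvider()
            sender.FromXmlString(publicXml)
            cipher = sender.Encrypt(plain, True)   ' True selects OAEP padding
        End Using

        ' Recipient, later: reopening the container yields the same private key.
        Using recipient As RSACryptoServiceProvider = OpenContainerKey()
            Console.WriteLine(Encoding.UTF8.GetString(recipient.Decrypt(cipher, True)))
        End Using
    End Sub
End Module
```

The private key never appears in the application's own files or variables as a string; only the public XML leaves the container.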

Summary

In this chapter you entered the secret and, to me at least, fascinating world of hidden messaging—encryption, the effort to disguise the meaning of text.

Cryptography has been thousands of years in the making, but today's cryptographic schemes (several of the best are available in .NET) no longer rely on the various and fallible historical tricks. In the Middle Ages, a lord would send a hunter carrying a string of dead rabbits to the next castle; one of those rabbits had a message in its stomach.

In ancient Greece they shaved a guy's head, wrote a message on his skull, then waited for his hair to grow out before sending him on his way.

Le Roi-Soleil's patsies and minions wrote long letters to each other using lemon juice, which dries invisibly but can be restored by holding the paper over a candle. These messages were sent among the chateaux, and as an additional precaution, only every 12th word contained the true message. Of course, several courtiers lost their heads when they couldn't explain why they were sending blank pages to each other. Twits.

You needn't resort to these ineffectual and messy tactics. As you saw in this chapter, you have at your command some of today's best cryptographic power tools. Tap into the .NET Framework's security features and use DES, TripleDES, or ramp up to full RSA protection. It's more than doubtful that your secrets will be revealed if you hide them inside this technology.

Visual Basic .NET Power Tools
ISBN: 0782142427
EAN: 2147483647
Year: 2003
Pages: 178
