|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
High-strength crypto problemsI'm using TripleDESCryptoServiceProvider and MD5CryptoServiceProvider
in .NET Framework code. This requires 128-bit encryption. Some Windows 2000 platforms won't have 128-bit encryption and distribution of Encpack_Win2000_EN.exe is complicated due to export law. So... Q1: What are the best classes to use if assuming 40-bit encryption? Q2: Is there any other way of distributing 128-bit encryption or assuring it is available? Thanks. Instead of using Crypto Service Providers that calls into CAPI you can use
managed implementaiton of corresponding crypto algorithms. There are several open sources that you can check, starting from Mono crypto classes http://www.go-mono.com/crypto.html and BouncyCastle C# port http://www.bouncycastle.org/csharp/. (and btw. RijndaelManaged doesn't require CAPI crypto service provider as well). -Valery. http://www.harper.no/valery Show quoteHide quote "Alan" <alanfrans***@hotmail.com> wrote in message news:1115366446.209919.113280@f14g2000cwb.googlegroups.com... > I'm using TripleDESCryptoServiceProvider and MD5CryptoServiceProvider > in .NET Framework code. This requires 128-bit encryption. Some Windows > 2000 platforms won't have 128-bit encryption and distribution of > Encpack_Win2000_EN.exe is complicated due to export law. > > So... > Q1: What are the best classes to use if assuming 40-bit encryption? > Q2: Is there any other way of distributing 128-bit encryption or > assuring it is available? > > Thanks. > "Alan" <alanfrans***@hotmail.com> wrote This doesn't apply anymore. The export law changed (I believe it was on > Some Windows > 2000 platforms won't have 128-bit encryption and distribution of > Encpack_Win2000_EN.exe is complicated due to export law. January 1st, 2000) to allow the export of strong cryptography from the US to any country that is not on its embargo list (Iran, North Korea, etc.). > Q2: Is there any other way of distributing 128-bit encryption or Every .NET framework supports 128, 196 and 256 bit Rijndael encryptions, > assuring it is available? regardless of the Windows version it's running on. Rijndael is the successor of TripleDES, so you should consider using it. Regards, Pieter Philippaerts P.S.: depending on your security requirements, you may want to consider dropping MD5 in favor of another hash algorithm. MD5 has been recently broken, so it shouldn't be used in new development anymore. Thanks very much to both of you for your advice. In the end I used
RijndaelManaged and SHA256Managed for the hash, neither of which use the CAPI. In the process I came across http://msdn.microsoft.com/msdnmag/issues/02/06/crypto/ which I found to be a useful overview of cryptography in .NET.  
Other interesting topics
Form Authentication and new browser instance
System.ExecutionEngineException for certificate object creation sspi in c# Web Services and Access Control I keep receiving a file/path access error. RSA Encrypt/Decrypt with OAEP. OAEP Decryption Error Pls Help! Passing credential between two web sites on same machin NCrypto Encryption & Decryption Securty around .NET setup program |
|||||||||||||||||||||||
