Cryptography - Symmetric Encryption in .NET (Part 1)

zhaozj, 2021-02-16

Introduction

Before .NET, encrypting and decrypting data with the unmanaged Win32 APIs was a painful task. .NET provides a set of classes (and a namespace) for this purpose, so you now have many classes for protecting your data with different algorithms. Three types of cryptographic algorithm are defined in the .NET cryptography namespace (System.Security.Cryptography): AsymmetricAlgorithm, SymmetricAlgorithm and HashAlgorithm. All of these classes (and the .NET cryptography types) are abstract classes. This article describes SymmetricAlgorithm. The rest will be explained in a later article.

Note: Although these classes are managed code, most of the implementations make heavy use of the CryptoAPI library.

SymmetricAlgorithm basics

A symmetric algorithm works with a key (password) supplied by the user. This means that whenever you use a symmetric algorithm to encrypt or decrypt your data, you must define a password or a key. The characteristics of symmetric encryption are described below.

The strength of the encryption depends on your key (password). If you use a long key, it will be very difficult to crack, because an attacker will need a long time to find the key.

One risk of symmetric encryption is that the password has to be shared with a second person (that person must decrypt the data with your key).

These encryption algorithms are based on simple mathematical operations, so they work very quickly. That makes them the best choice when you want to encrypt large amounts of data.

Symmetric encryption can be broken by brute force. But if you define a very good (sufficiently long) password, cracking it will take a long time.

Once the user has defined the key, attackers can use brute-force or dictionary attacks to encrypt or decrypt your information. However, a long key protects your data for longer while the password is being cracked.

In addition to the key or password, there is one more very important thing in symmetric encryption: the initialization vector (IV). The IV is used in the initial step of processing (encryption or decryption). All symmetric algorithms have a property called Mode, which determines how the IV is used. If we set the Mode property to CipherMode.CBC (Cipher Block Chaining), each data block is processed using a value from the previous block. This means that when the system processes the third block, it takes some information from the second block, and to process the second block it takes information from the first block. There is no block before the first one, so the IV is used to process the first block. This technique ensures that no two identical blocks produce the same output, and therefore makes the data safer. However, if you set Mode = CipherMode.ECB (Electronic Codebook), this method is not used: each block is processed without any information from the previously processed block. Because each block is encrypted independently, identical input blocks produce identical output blocks. This mode is useful if you want to process a lot of messages with few resources and little time. It also lets you start processing from the middle of the data.
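The difference between the two modes can be observed directly. The following is an added example, not code from the original article: it encrypts three identical plaintext blocks in ECB and then in CBC and compares the first two ciphertext blocks. It assumes the Aes class (the standardized form of Rijndael, which the article does not list), and the class and method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography;

class CipherModeDemo
{
    // Encrypts 'plain' with the algorithm's current key and IV in the given mode.
    static byte[] Encrypt(SymmetricAlgorithm alg, CipherMode mode, byte[] plain)
    {
        alg.Mode = mode;
        alg.Padding = PaddingMode.None; // input is already a whole number of blocks
        using (ICryptoTransform enc = alg.CreateEncryptor(alg.Key, alg.IV))
        {
            return enc.TransformFinalBlock(plain, 0, plain.Length);
        }
    }

    // Returns true when blocks i and j of 'data' are byte-for-byte identical.
    static bool SameBlock(byte[] data, int i, int j, int blockBytes)
    {
        for (int k = 0; k < blockBytes; k++)
        {
            if (data[i * blockBytes + k] != data[j * blockBytes + k]) return false;
        }
        return true;
    }

    static void Main()
    {
        using (Aes alg = Aes.Create()) // assumption: AES stands in for the article's Rijndael
        {
            alg.GenerateKey(); // random key
            alg.GenerateIV();  // random IV, one block long (ignored in ECB)
            int blockBytes = alg.BlockSize / 8;

            // Constructed sample input: three identical plaintext blocks.
            byte[] plain = new byte[3 * blockBytes];
            for (int k = 0; k < plain.Length; k++) plain[k] = (byte)'A';

            foreach (CipherMode mode in new[] { CipherMode.ECB, CipherMode.CBC })
            {
                byte[] ct = Encrypt(alg, mode, plain);
                Console.WriteLine("{0}: block0 == block1? {1}", mode, SameBlock(ct, 0, 1, blockBytes));
                for (int b = 0; b < 3; b++)
                    Console.WriteLine("  " + BitConverter.ToString(ct, b * blockBytes, blockBytes));
            }
        }
    }
}
```

In ECB the three ciphertext blocks are identical, so repetition in the plaintext is visible in the ciphertext. In CBC each block differs because it is chained to the previous block, and the first to the IV.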

At this point we have covered the two most important things in symmetric encryption: the key and the initialization vector. Let us now look at the symmetric encryption algorithms.

Symmetric algorithms and the SymmetricAlgorithm class

The following is the key information about the symmetric algorithms and their classes.

Algorithm name   Algorithm class (abstract)   Valid key sizes (bits)   Default key size (bits)   Default implementation
DES              DES                          64                       64                        DESCryptoServiceProvider
TripleDES        TripleDES                    128, 192                 192                       TripleDESCryptoServiceProvider
RC2              RC2                          40-128                   128                       RC2CryptoServiceProvider
Rijndael         Rijndael                     128, 192, 256            256                       RijndaelManaged

Note that all of these algorithm classes inherit from the abstract class SymmetricAlgorithm. You can see that each class supports different key sizes. In the same way, they also support different initialization vector sizes. As I just said, all of these classes are abstract, so we cannot create instances of them directly. But the SymmetricAlgorithm class (also an abstract class) has a shared (static) method called Create that creates a concrete instance of a class without your having to worry about how it is implemented. This means you can use it in the following way.

RC2 mRC2 = RC2.Create();

It returns an instance of the default RC2 implementation without your having to care about how the RC2 class is implemented. This technique is very useful when you share code and Microsoft later updates the RC2 class (which is possible). In that case, your code will automatically adapt to the change and keep working correctly. Or perhaps in the future the RC2 class will be written in managed code, and your code will still accept it. In the same way, you can also use the following statement.

RC2 mCrypto = (RC2)SymmetricAlgorithm.Create("RC2");

This also returns an RC2 object (the default implementation). In this case you pass the name of the algorithm as the parameter of the Create method to get back an object of that algorithm. This Create method comes from the SymmetricAlgorithm class, and all the other symmetric algorithm classes inherit from it, so you can find the Create method in all the classes above. It means that if you use RC2.Create("DES"), it works and will return a DES object. But you can't get the DES object using the RC2 class.

The mechanism above looks useful. We can define our own classes for our own algorithms and use them in the same way. But to do this, we have to make some small changes to the machine.config file. I will not describe that in detail here. You can find more information in the Wrox book on cryptography.

Let us now look at some of the methods and properties of the SymmetricAlgorithm class.

BlockSize: The size of the data block that is processed at one time. Large data is divided into small blocks, and if the data is smaller than the block size, it is padded (filled with some default value).

Key: The key used when processing the data. It is supplied as a byte array.

IV: The initialization vector used when processing the data (described above). It is supplied as a byte array.

KeySize: The size of the key in bits.

LegalBlockSizes: Returns the legal values for the block size, including the maximum value, the minimum value and the skip value. The skip value is how much must be added to the last legal value to get the next one. For example, if the minimum value is 32 and the skip value is 16, the next legal values are 48, 64 and so on.

Mode: Gets or sets the mode of operation. See the description above. The value is one of the CipherMode enumeration values.

Padding: Gets or sets the padding mode, a value of the PaddingMode enumeration (used to fill the empty space in a block).

LegalKeySizes: Like LegalBlockSizes, but for KeySize.

Create: Described above. It creates an instance of the class with the default implementation of the algorithm.

CreateEncryptor: Returns an ICryptoTransform object that can be used to encrypt data manually. It is described in more detail shortly.

CreateDecryptor: Returns an ICryptoTransform object that can be used to decrypt data manually. It is described in more detail shortly.

GenerateKey and GenerateIV: If Key and IV are null when encryption or decryption is performed, these methods generate a default key and IV.

ValidKeySize: Checks whether a given key size is valid for the algorithm.

Clear: Clears and releases all resources and in-memory information such as the key and IV.

Before writing the code, let's cover a few things that are very helpful for understanding it.

CreateEncryptor and CreateDecryptor

The CreateEncryptor and CreateDecryptor methods of the SymmetricAlgorithm class return an ICryptoTransform object. ICryptoTransform is an interface implemented by classes that process data in blocks. The processing can be encryption, decryption, hashing, Base64 encoding and decoding, and more. The basic purpose of this interface is to perform blockwise processing of data. You can use an instance of it directly, but in most cases, for convenience, we pass it to another class named CryptoStream. Let us see an example of how to use it.

DES mCrypt = (DES)SymmetricAlgorithm.Create("DES");

ICryptoTransform mTransform = mCrypt.CreateEncryptor();

CreateEncryptor and CreateDecryptor are overloaded methods. If you pass no parameters, the default key and IV are used (generated with the GenerateKey and GenerateIV methods of the SymmetricAlgorithm class). Alternatively, you can pass a key and an IV to CreateEncryptor and CreateDecryptor, so that encryption and decryption use the key and IV that you define yourself.

CryptoStream class

The CryptoStream class is typically used to encrypt or decrypt data as it is read or written. It is a simple wrapper around an ordinary stream. It uses buffered access, taking away all your worries about managing buffers, block sizes, padding and so on. You can use the following code to get an instance of it.

DES mCrypt = (DES)SymmetricAlgorithm.Create("DES");

ICryptoTransform mTransform = mCrypt.CreateEncryptor();

CryptoStream mStream = new CryptoStream(fileStream, mTransform, CryptoStreamMode.Read);

fileStream is the stream that supplies the original data from a file on the hard disk or from memory (a MemoryStream). You can now read and write data using the mStream object together with StreamReader / StreamWriter objects. Whether the data is encrypted or decrypted as you read and write depends on the ICryptoTransform object.
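The pieces described above fit together as follows. This is an added example, not code from the original article: it lists the legal key sizes, passes an explicit key and IV to CreateEncryptor and CreateDecryptor, and round-trips a message through CryptoStream with StreamWriter and StreamReader. It assumes the Aes class in place of the algorithms the article lists and a MemoryStream in place of a file, and the class and method names are hypothetical.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;

class CryptoStreamDemo
{
    // Writes text through an encrypting CryptoStream and returns the ciphertext bytes.
    static byte[] EncryptText(SymmetricAlgorithm alg, string text)
    {
        MemoryStream output = new MemoryStream();
        using (ICryptoTransform enc = alg.CreateEncryptor(alg.Key, alg.IV))
        using (CryptoStream cs = new CryptoStream(output, enc, CryptoStreamMode.Write))
        using (StreamWriter writer = new StreamWriter(cs))
        {
            writer.Write(text);
        } // closing the CryptoStream pads and writes the final block
        return output.ToArray(); // ToArray still works on the closed MemoryStream
    }

    // Reads ciphertext through a decrypting CryptoStream and returns the text.
    static string DecryptText(SymmetricAlgorithm alg, byte[] cipher)
    {
        using (MemoryStream input = new MemoryStream(cipher))
        using (ICryptoTransform dec = alg.CreateDecryptor(alg.Key, alg.IV))
        using (CryptoStream cs = new CryptoStream(input, dec, CryptoStreamMode.Read))
        using (StreamReader reader = new StreamReader(cs))
        {
            return reader.ReadToEnd();
        }
    }

    static void Main()
    {
        using (Aes alg = Aes.Create()) // assumption: AES stands in for the article's Rijndael
        {
            foreach (KeySizes ks in alg.LegalKeySizes)
                Console.WriteLine("key sizes: min {0}, max {1}, skip {2}", ks.MinSize, ks.MaxSize, ks.SkipSize);
            Console.WriteLine("ValidKeySize(100) = {0}", alg.ValidKeySize(100));

            alg.KeySize = 256;  // setting KeySize discards any existing key
            alg.GenerateKey();  // random key of KeySize bits
            alg.GenerateIV();   // random IV, one block long

            byte[] cipher = EncryptText(alg, "constructed sample message");
            Console.WriteLine("ciphertext bytes: {0}", cipher.Length);
            Console.WriteLine("round trip: {0}", DecryptText(alg, cipher));
            alg.Clear();        // release key material; the using block would also do this
        }
    }
}
```

The decrypting side needs the same key and IV that were used for encryption, which is why both are passed explicitly rather than left to the parameterless overloads.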

When reposting, please cite the original address: https://www.9cbs.com/read-23912.html
