.NET And Triple DES Security
page 3 of 8
by Kay Lee

Definitions and Objects

Rather than going straight to the code, we will explain some of the objects involved along with how to code with them.  This article assumes you know what regions are and understand that comments are there to help other developers follow the code.

Basic Definitions

Initialization Vector (IV):

A block of bits (64 for DES) that is combined with the first block of data, depending on the encryption mode.  It is sometimes random, and it can be sent along with the encrypted output.

Private-Key:

A secret block of bits used to encrypt.  Its size differs depending on the type of encryption.  The size of the Private-Key does not directly reflect the strength of the encryption: the specific algorithm together with the size of the Private-Key determines the overall strength.  For example, 192-bit Triple DES encryption is not as secure as 128-bit Rijndael encryption.

Cipher Modes:

Different methods of processing the blocks of data, which are often 64 to 128 bits.  The mode determines the encryption's confidentiality and integrity.

Stream:

Any flow of data is considered a stream.  The flow's length may be undetermined, but it usually has an end.

Memory Stream:

A stream object that reads bytes and is commonly used in byte-based encryption algorithms.  It is often used with files, but may be used with any type of byte collection.

What are the Objects Used?

The objects used in this article are bytes, Encoding, Memory Streams, regular base streams, Cryptographic Transformations, Cryptographic Streams, and enumerators.  You should already have a good grasp of some of these objects, but we'll go over them briefly.

  • A byte is 8 bits.  If that's news to you, I suggest opening a more beginner-level tutorial so you don't get overwhelmed with information.  For the rest of us, a byte is a small integer with a value between 0 and 255.  A single character is usually calculated as one or two bytes depending on the language.  A collection of bytes, or byte array, is just what the name describes: it contains any number of bytes in a specified order.
  • Encoding objects are used to easily convert between types.  They are typically used with base types such as Booleans (bits), bytes, integers, strings, and the rest of the common types we use every day.  Using the encoding objects helps preserve our data integrity and gives a forgiving method of translation, rather than a clutter of functions doing the conversions manually.
  • Memory Streams are found in the System.IO namespace and have several overloaded constructors.  Memory Streams differ from the normal stream object in that they specifically use RAM as a backing store instead of disk or network transfer.
  • A base Stream object is also found in the System.IO namespace.  It is an abstract base class from which most other streams inherit, and it is an abstraction of a sequence of bytes of any sort.
  • Cryptographic Transformations are found in the System.Security.Cryptography namespace and implement the ICryptoTransform interface.  They are algorithms and processes packaged to ease development.
  • Cryptographic Streams are found in System.Security.Cryptography, and are what the common language runtime (CLR) of the .NET Framework uses in its design for cryptography.
  • Enumerators are essentially a distinct type made up of named constants.  The values usually start at 0, but an enumerator may be created to start with any integer.  It is used primarily to give the constant values readable names.
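The objects listed above working together, as an added example that is not code from the original article or its download: a string is encrypted with Triple DES in CBC mode, the random IV is written ahead of the ciphertext, and the message is decrypted again. The class name, method names and sample text are assumptions made for illustration.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class TripleDesDemo   // hypothetical class, not from the article
{
    // Returns the random IV followed by the ciphertext, so the IV travels with the message.
    static byte[] Encrypt(string plainText, byte[] key)
    {
        byte[] data = Encoding.UTF8.GetBytes(plainText);   // Encoding: string -> bytes
        using (TripleDES tdes = TripleDES.Create())
        using (MemoryStream ms = new MemoryStream())        // RAM-backed output stream
        {
            tdes.Key = key;                 // 24 bytes = 192 bits
            tdes.Mode = CipherMode.CBC;     // enumeration value selecting the cipher mode
            tdes.GenerateIV();              // new 64-bit IV for every message
            ms.Write(tdes.IV, 0, tdes.IV.Length);
            using (ICryptoTransform enc = tdes.CreateEncryptor())
            using (CryptoStream cs = new CryptoStream(ms, enc, CryptoStreamMode.Write))
                cs.Write(data, 0, data.Length);   // disposing cs pads and flushes the final block
            return ms.ToArray();            // ToArray still works after the stream is closed
        }
    }

    static string Decrypt(byte[] message, byte[] key)
    {
        using (TripleDES tdes = TripleDES.Create())
        {
            byte[] iv = new byte[tdes.BlockSize / 8];        // first 8 bytes are the IV
            Buffer.BlockCopy(message, 0, iv, 0, iv.Length);
            tdes.Mode = CipherMode.CBC;
            using (ICryptoTransform dec = tdes.CreateDecryptor(key, iv))
            using (MemoryStream ms = new MemoryStream(message, iv.Length, message.Length - iv.Length))
            using (CryptoStream cs = new CryptoStream(ms, dec, CryptoStreamMode.Read))
            using (StreamReader reader = new StreamReader(cs, Encoding.UTF8))
                return reader.ReadToEnd();
        }
    }

    static void Main()
    {
        byte[] key;
        using (TripleDES t = TripleDES.Create()) key = t.Key;   // random 192-bit key
        string text = "constructed sample text";
        // Same key and text encrypted twice: each call uses its own IV.
        Console.WriteLine(Convert.ToBase64String(Encrypt(text, key)));
        Console.WriteLine(Convert.ToBase64String(Encrypt(text, key)));
        Console.WriteLine(Decrypt(Encrypt(text, key), key));
    }
}
```

CBC with a fresh IV keeps identical plaintexts from producing identical ciphertexts, but it does not detect tampering with the message.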

With the basics out of the way, we can start looking into the underlying code to see how the Triple DES Encryption is implemented in our .NET applications. 



User Comments

Title: Hai
Name: mangala
Date: 2008-07-22 7:54:10 AM
Comment:
good

Title: Public Key
Name: Joe Grant
Date: 2006-12-08 12:12:50 PM
Comment:
How would one go about creating a public key to share with someone so they can decrypt without sharing the private key?

Title: Excellent coverage of TripleDES
Name: Sam
Date: 2005-08-02 9:11:49 PM
Comment:
Great stuff... simple but with enough background information to understand the important elements, e.g. PK, IV, Cipher etc. I will be using parts of it in my enterprise application.

Title: triple des
Name: Josh
Date: 2004-10-13 10:12:45 PM
Comment:
We've been looking at different encryption methods in class and lectures have been so boring. I decided to search around and found your article to be a great practical implementation. I wish my class would provide us with practical examples like this. Thanks.

Title: Thanks
Name: Kay Lee
Date: 2004-10-13 6:42:03 PM
Comment:
Thanks. I'm glad you like it, and I hope the source works well for you.

Title: Triple DES Encryption
Name: Brian Chiasson
Date: 2004-10-12 3:35:52 PM
Comment:
Excellent article. I have been looking for a couple of hours for something on encryption. It shed light on the subject and provided me with useful code for my intranet application. Thanks a million...
