Console.WriteLine(ex.ToString());
return (String.Empty);
}
}
The encrypted string is returned as a Base64-encoded string. You can check the allowable key sizes for the RijndaelManaged class by using the following code:
KeySizes[] ks;
RijndaelManaged RMCrypto = new RijndaelManaged();
ks = RMCrypto.LegalKeySizes;
//---print out the various key sizes---
Console.WriteLine(ks[0].MaxSize); // 256
Console.WriteLine(ks[0].MinSize); // 128
Console.WriteLine(ks[0].SkipSize); // 64
The valid key sizes are: 16 bytes (128 bit), 24 bytes (128 bits + 64 bits), and 32 bytes (256 bits).
You can get the system to generate a random key and IV (which you need to supply in the current example) automatically:
//---generate key---
RMCrypto.GenerateKey();
byte[] key = RMCrypto.Key;
Console.WriteLine('Key : ' + System.Convert.ToBase64String(key));
//---generate IV---
RMCrypto.GenerateIV();
byte[] IV = RMCrypto.IV;
Console.WriteLine('IV : ' + System.Convert.ToBase64String(IV));
If the IV is null when it is used, the GenerateIV() method is called automatically. Valid size for the IV is 16 bytes.
To decrypt a string encrypted using the RijndaelManaged class, you can use the following SymmetricDecryption() function:
static string SymmetricDecryption(string str, byte[] key, byte[] IV) {
try {
//---converts the encrypted string into a byte array---
byte[] b = System.Convert.FromBase64String(str);
//---converts the byte array into a memory stream for decryption---
MemoryStream ms = new MemoryStream(b);
//---creates a new instance of the RijndaelManaged class---
RijndaelManaged RMCrypto = new RijndaelManaged();
//---creates a new instance of the CryptoStream class---
CryptoStream cryptStream = new CryptoStream(
ms, RMCrypto.CreateDecryptor(key, IV), CryptoStreamMode.Read);
//---decrypting the stream---
StreamReader sReader = new StreamReader(cryptStream);
//---converts the decrypted stream into a string---
String s = sReader.ReadToEnd();
sReader.Close();
return s;
} catch (Exception ex) {
Console.WriteLine(ex.ToString());
return String.Empty;
}
}
The following code snippet shows how to use the SymmetricEncryption() and SymmetricDecryption() functions to encrypt and decrypt a string:
RijndaelManaged RMCrypto = new RijndaelManaged();
//---generate key---
RMCrypto.GenerateKey();
byte[] key = RMCrypto.Key;
Console.WriteLine('Key : ' + System.Convert.ToBase64String(key));
//---generate IV---
RMCrypto.GenerateIV();
byte[] IV = RMCrypto.IV;
Console.WriteLine('IV : ' + System.Convert.ToBase64String(IV));
//---encrypt the string---
string cipherText =
SymmetricEncryption('This is a test string.', key, IV);
Console.WriteLine('Ciphertext: ' + cipherText);
//---decrypt the string---
Console.WriteLine('Original string: ' +
SymmetricDecryption(cipherText, key, IV));
Figure 11-7 shows the output.
Figure 11-7
Private key encryption requires the key used in the encryption process to be kept a secret. A more effective way to transport secret messages to your intended recipient is to use asymmetric encryption (also known as
Before you send a message to your friend Susan, Susan needs to generate the key pair containing the private key and the public key. Susan then freely distributes the public key to you (and all her other friends) but keeps the private key to herself. When you want to send a message to Susan, you use her public key to encrypt the message. Upon receiving the encrypted message, Susan proceeds to decrypt it with her private key. Susan is the only one who can decrypt the message because the key pair works in such a way that only messages encrypted with the public key can be decrypted with the private key. And there is no need to exchange keys, thus eliminating the risk of compromising the secrecy of the key.
Now suppose that Susan sends a message encrypted with her private key to you. To decrypt the message, you need the public key. The scenario may seem odd because the public key is not a secret; everyone knows it. But using this method guarantees that the message has not been tampered with and confirms that it indeed comes from Susan. If the message had been modified, you would not be able to decrypt it. The fact that you can decrypt the message using the public key proves that the message has not been modified.
In computing, public key cryptography is a secure way to encrypt information, but it's computationally expensive because it is time-consuming to generate the key pairs and to perform encryption and decryption. Therefore, it's generally used only for encrypting a small amount of sensitive information.
For public key (asymmetric) encryptions, the .NET Framework supports the DSA and RSA algorithms. The RSA algorithm is used in the following AsymmetricEncryption() function. This function takes in two parameters: the string to be encrypted and the public key:
static string AsymmetricEncryption(string str, string publicKey) {
try {
//---Creates a new instance of RSACryptoServiceProvider---
