
Using Encryption in .NET

26 Jun 2009
An article that describes the beginning steps to encryption using the .NET Framework.

Introduction

There are essentially two situations where data is most vulnerable: when it is stored persistently, and when it is transferred across a network. For instance, when we program in Win32, we often have to write code to convert Unicode characters and strings to MBCS (Multi-Byte Character Set) characters and strings. In .NET, all characters and all strings are Unicode, to make things easier at runtime. But when strings are saved to a file that is meant to be transmitted across a network, transmitting 16-bit values is not efficient if half of the bytes are zero. The solution is to encode the 16-bit values into a compressed array of bytes and then decode the array of bytes back into 16-bit values. At the same time, if data is persisted to disk, you can use permission demands to control access to an application, and ACLs to protect data. But attackers with access to a hard disk or network infrastructure can bypass software security, and either extract private information from the data or modify that information. Imagine if you had to tell a client that his personal information was extracted. This is why any .NET developer should know cryptography.

Stated loosely, a block cipher is an algorithm, a computational model, that intends to transform and thus disguise data by a series of rounds that are comprised of repetitive operations. A symmetric algorithm is mathematically reversible, and an asymmetric algorithm is not. The behavior of the algorithm is largely influenced by the length of the key that is inserted as input with the plain text. An MD5 digital signature, however, is a one-way hash function that is dependent on four additive constants. A hash function is not mathematically reversible; a hash function is used for passwords, and for digitally signing an encrypted message.

This paper will start with a basic example of the use of base-64 encoding in order to show how to convert between characters and bytes. Encoding is normally done when you want to send a string to a file or network stream by using the System.IO.BinaryWriter or System.IO.StreamWriter type. Decoding is done when you want to read a string from a file or network stream by using the System.IO.BinaryReader or System.IO.StreamReader type. Here is an example of base-64 encoding and decoding. Note that when messages are encrypted to be sent by email, they are normally encoded prior to being encrypted, and decoded prior to being decrypted.

using System;
public static class Program {
    public static void Main() {
        Byte[] bytes = new Byte[10];
        new Random().NextBytes(bytes);

        //  display the bytes
        Console.WriteLine(BitConverter.ToString(bytes));

        // encode the bytes into a base64 string and show the string
        String s = Convert.ToBase64String(bytes);
        Console.WriteLine(s);

        // decode the base64 string back into bytes and show them again
        bytes = Convert.FromBase64String(s);
        Console.WriteLine(BitConverter.ToString(bytes));
    }
}

Output:

EA-3A-3F-08-95-E2-EC-B1-37-6F
6jo/CJXi7LE3bw==
EA-3A-3F-08-95-E2-EC-B1-37-6F

Symmetrical Encryption

The code below demonstrates the steps for encrypting a file using symmetric keys. Symmetric keys mean that the same key is used to both encrypt and decrypt a message. This might not sound like strong encryption, but the purpose is to make it work. For instance, you can use XOR to encrypt and decrypt. If you have a value of 55h, and XOR it with a key having a value of A1h, then the output value is F4h. But, if you XOR F4h with the key A1h, then you have the original 55h value. Definitely not strong encryption, but learning the basics can lead to stronger encryption practices. Note that the file that is going to be encrypted is c:\file.txt. The output file, "c:\file.txt.enc", must be created beforehand as a blank file, to which the encrypted c:\file.txt data is streamed:


using System;
using System.IO;
using System.Security.Cryptography;
class App {
    static void Main(string[]  args) {
        string inFileName = @"C:\file.txt";
        string outFileName = @"C:\file.txt.enc";

        // In .NET, the CLR requires that all objects
        // be created using the "new" operator.
        // In its simplest form, opening a file
        // involves asking for a stream by specifying
        // a path to the file. When opening a file to read
        // its contents in order to encrypt them, use the
        // FileMode.Open enumeration member to specify an
        // existing file, as well as FileAccess.Read to get
        // read-only access to the file.

        // Now we create the Stream objects
        FileStream inFile = new FileStream(inFileName, 
                                   FileMode.Open, FileAccess.Read);
        FileStream outFile = new FileStream(outFileName, 
                                   FileMode.Open, FileAccess.Write);
        //Next we create the symmetric algorithm object

        SymmetricAlgorithm myAlg = new RijndaelManaged();
        // generate a random key; it is never saved, so the
        // output of this demo cannot be decrypted later
        myAlg.GenerateKey();
        // Read the unencrypted file into fileData

        byte[] fileData = new byte[inFile.Length];
        inFile.Read(fileData, 0, (int)inFile.Length);

        //Create the ICryptoTransform object
        ICryptoTransform encryptor = myAlg.CreateEncryptor();

        //And then create the CryptoStream object
        CryptoStream encryptStream = new CryptoStream(outFile, 
                                         encryptor, CryptoStreamMode.Write);

        //Now write the contents to the CryptoStream
        encryptStream.Write(fileData, 0, fileData.Length);

        //now close the file handles
        encryptStream.Close();
        inFile.Close();
        outFile.Close();
    }
}

Having created a blank file to stream the cipher to, we now examine the contents of the encrypted file, not with the type con > .. command but with the DOS type command: c:...\>type c:\file.txt.enc


Any non-keyed hash algorithm in .NET derives from a single class. If we run a console application that calculates the hash of a single file, we can run it repeatedly and get the same result every time, until the file is modified. After the file is modified, the hash result also changes. Consider the example below:

using System;
using System.IO;
using System.Security.Cryptography;

using System.Text;
class App {
    static void Main(string[] args) {

        //create the hash algorithm object
        MD5 myHash = new MD5CryptoServiceProvider();

        //store the data to be hashed in a byte array
        FileStream file = new FileStream(args[0], 
                              FileMode.Open, FileAccess.Read);
        BinaryReader reader = new BinaryReader(file);

        //call the HashAlgorithm.ComputeHash method
        myHash.ComputeHash(reader.ReadBytes((int)file.Length));

        //retrieve the HashAlgorithm.Hash byte array
        Console.WriteLine(Convert.ToBase64String(myHash.Hash));
    }
}

And finally, the output:

C:\Windows\MICROS~1.NET\FRAMEW~1\V20~1.507>echo Enter your name: > MyHash.txt
C:\Windows\MICROS~1.NET\FRAMEW~1\V20~1.507>hashdemo MyHash.txt
U1isy9jyCs2IWfzOwNNeKQ==
C:\Windows\MICROS~1.NET\FRAMEW~1\V20~1.507>hashdemo MyHash.txt
U1isy9jyCs2IWfzOwNNeKQ==
C:\Windows\MICROS~1.NET\FRAMEW~1\V20~1.507>echo Enter my Name: > MyHash.txt
C:\Windows\MICROS~1.NET\FRAMEW~1\V20~1.507>hashdemo MyHash.txt
UNxj+QNkP7axjnsOD5EzOg==

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

logicchild
United States
I started electronics training at age 33. I began studying microprocessor technology in an RF communications oriented program. I am 43 years old now. I have studied C code, opcode (mainly x86 and AT+T) for around 3 years in order to learn how to recognize viral code and the use of procedural languages. I am currently learning C# and the other virtual runtime system languages. I guess I started with the egg rather than the chicken. My past work would indicate that my primary strength is in applied mathematics.

Comments and Discussions

 
MD5 is reversible (Member 3009039, 10-Feb-09 22:55)
MD5 is reversible
Re: MD5 is reversible (TobiasP, 17-Feb-09 2:46)
Re: MD5 is reversible (logicchild, 19-Feb-09 12:59)

Last Updated 27 Jun 2009
Article Copyright 2009 by logicchild