Summary:Symmetric cryptography is advantageous for bulk encryption, however scalability and vital management problems limit the use
Threats:Information leakage, data corruption, man-in-the-middle attacks, brute-force attacks

Symmetric cryptography, known likewise as secret vital cryptography, is the use of a single shared secret to share encrypted data between parties. Ciphers in this category are called symmetric due to the fact that you use the same an essential to encrypt and to decrypt the data. In basic terms, the sender encrypts data making use of a password, and also the recipient must understand that password to accessibility the data.

You are watching: Symmetric encryption is used primarily to provide confidentiality.

Symmetric encryption is a two-way process. V a block the plaintext and a provided key, symmetric ciphers will constantly produce the very same ciphertext. Likewise, making use of that same vital on the block that ciphertext will constantly produce the initial plaintext. Symmetric encryption is beneficial for protecting data in between parties through an created shared vital and is additionally frequently provided to save confidential data. For example, ASP.NET offers 3DES to encrypt cookie data for a creates authentication ticket.


Table 4.2 shows the characteristics of the symmetric encryption algorithms obtainable in the .NET Framework. Although this algorithms work differently, the .NET frame provides a standardized design through the SymmetricAlgorithm abstract base class.


NameBlock SizeCipher ModesKey Lengths
DES64CBC, ECB, and also CFB56 bits
Triple DES (3DES)64CBC, ECB, and also CFBTwo or three 56-bit keys
Rijndael (AES)128, 192, 256CBC and ECB128, 192, or 256
RC264CBC, ECB, and CFB40, 48, 56, 64, 72,80, 88, 96, 104,112, 120, or 128 bits

In addition to providing access to different encryption algorithms, the .NET frame also enables you to customize the cipher modes, key lengths, block sizes, and also padding mode, as well as other parameters. The cipher mode determines the cipher's setting of operation. Back the CipherMode enumeration contains five different modes, just three room supported through existing algorithms, as displayed in Table 4.2. The CipherMode alternatives are:

Electronic Codebook setting (EBC) The simplest and fastest mode, EBC allows ciphertext come be broken one block in ~ a time and permits for codebook compilation. Encrypted blocks can be changed without affect the whole message. This mode is useful only wherein performance is the greatest priority, at the price of security.

Cipher Block Chaining setting (CBC) This setting uses one initialization vector (IV) to add feedback come the block transformation. This avoids the troubles seen through EBC mode. Decryption requires knowing the IV, but this is no a an enig and you can transmit it over an insecure connection.

Cipher Feedback mode (CFB) offers an IV together CBC does but works through partial blocks, make it well suited for encrypting streaming data.


TIP

Although the symmetric algorithms easily accessible with the .NET structure are all block ciphers, you can access them through a stream-oriented design. However, they room still block ciphers, and you should not confuse them through stream ciphers that room not constantly as secure.


You deserve to see a complete implementation of all the symmetric algorithms and also settings in action with the symmetric.aspx paper found in the \Ch04 directory of the supplemental code download easily accessible at this book's web site (www.syngress.com/solutions). Figure 4.1 shows an example of how this web page looks.



DES and also 3DES

The U.S. Government arisen Data Encryption conventional (DES) in 1977 together an official cryptography standard; the is still supplied widely. DES created the communication of the an initial automated teller an equipment (ATM) an individual identification number (PIN) password authentication and until current years existed together the primary authentication encryption technique for UNIX machines. DES is a block cipher utilizing a 64-bit block dimension with a 56-bit crucial length. In early on 1990 it to be proven insufficiently for sure given present hardware capabilities and that the was feasible to exhaust every potential DES an essential combinations in much less than a day. Triple DES (also known as 3DES) arised to attend to DESs shortcomings. 3DES uses standard DES encryption cycled over itself three times, v one cycle using a different set of encryption keys. This to be a simple yet easy method to efficiently increase the an essential size native 56-bit to 168-bit, hence increasing the security, however it obviously takes 3 times longer than DES to encrypt the data.

DES is probably nearing the finish of its helpful life, and also 3DES is no as effective as other algorithms, yet they both still conquer as the algorithms the choice. Many programmers feel more comfortable utilizing these algorithms because of your compatibility and wide acceptance.


The .NET framework provides accessibility to these algorithms with the DESCryptoServiceProvider and also TripleDESCryptoServiceProvider classes. Keep in mind that both of these classes are managed wrappers that speak to the unmanaged Win32 CryptoAPI functions. Figures 4.2 and 4.3 show the use of 3DES encryption.



*

*

TIP


DES does have actually some tricks that you must avoid because they room weak. In fact, there are 4 keys that create the exact same subkeys in every round. This method that if girlfriend encrypt data with among these keys and also then encrypt that encrypted data again through the exact same key, you will finish up v the initial plaintext message. In enhancement to this weak keys are 12 semi-weak keys. Semi-weak secrets work in pairs, wherein one an essential decrypts data encrypted with the first. ASP.NET permits you to check for these v the IsWeakKey and also IsSemiWeakKey methods. You deserve to view the actual source code for the IsWeakKey method in figure 4.4 and also the IsSemiWeakKey technique in number 4.5.


*

TIP

You deserve to download the resource code for the .NET framework cryptography basic classes in ~ www.gotdotnet.com/team/clr/samples/eula_clr_cryptosrc.aspx.


Note that immediately generated keys and those indigenous the GenerateKey technique will never develop weak keys, and the possibilities of randomly selecting one of these are 1 in 18,014,398,509,482,000. Furthermore, the DES and TripleDES classes will certainly throw a CryptographicException if you shot to usage a weak key.

Rijndael

Given the DES is getting to the finish of its advantageous life and also 3DES is really no much more than a short-lived fix, plenty of experts space looking to other algorithms. The nationwide Institute of requirements and an innovation (NIST) recently decided the Rijndael specification as its official replacement come DES. This specification, described as the advanced Encryption traditional (AES), have the right to be discovered at http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf. Rijndael supports larger key sizes than DES however has enhanced performance over 3DES. The Rijndael specification supports crucial sizes of 128, 192, or 256 bits.


Because of government standardization top top this algorithm, that is meant to come to be a widely used replacement because that DES, back ASP.NET still relies heavily on DES and also 3DES. However, Rijndael is the default algorithm provided with the SymmetricAlgorithm class and also is the only symmetric algorithm that fully runs in controlled code. Numbers 4.6 and also 4.7 show an example using Rijndael encryption in ASP.NET. Keep in mind that Rijndael encryption does no have any known weak keys and also therefore go not assistance the IsWeakKey method.


The Rijndael cipher is the fastest and supports the largest crucial size of every the .NET framework ciphers.

RC2

RC2 is a symmetric block cipher draft by Ronald Rivest of RSA. RSA designed RC2 together a straight replacement for DES, improving on the performance and providing a variable key size. RC2 is commonly used in S/MIME for sure email and is stated to be two to 3 times as fast as DES. The complete RC2 specification is obtainable at www.ietf.org/rfc/rfc2268.txt. Number 4.8 and also Figure 4.9 display examples using RC2 encryption. Prefer Rijndael, RC2 does not have any type of known weak keys and also therefore walk not support the IsWeakKey method.


RC2 is a widely provided algorithm that permits a selection of vital lengths, however you must be aware that defense experts take into consideration RC2 with smaller secrets to be insecure. Girlfriend should constantly use a 128-bit key, the maximum size available.

Selecting an Algorithm

Selecting a symmetric encryption algorithm is basically a matter of key length, compatibility, performance, experience, and an individual preference. It is extremely daunting to prove the an encryption algorithm is the many secure, return the fail to demonstrate vulnerabilities in time is usually great enough proof. Ultimately, the strength of the algorithm is based on the size of the key, yet there is no guarantee the any certain algorithm is without flaws.


WARNING

At the moment of this writing, there room no well-known flaws with these algorithms, other than limitations on vital length. However, we do understand that some government agencies invest a great amount of money and also effort in search of flaws in this algorithms. If together an company were ever to uncover (or currently has discovered) a flaw, you have the right to bet that would come to be one of their most closely guarded secrets. In fact, they would most likely go to great lengths to offer the impression the they have actually no reservation of any type of flaws through the algorithms.


In a situation in which protection is a much greater priority than performance, you can avoid exposure by layering multiple algorithms as presented in numbers 4.10 and 4.11. Since CryptoStreams allow chaining, that is a simple process to administer multiple layers of encryption.


Establishing Keys and Initialization Vectors

A variety of parameters determine the outcome of the ciphertext. To decrypt the ciphertext, you have to use the same algorithm and also the same parameters. Two of the parameters you need to intentionally adjust each time room the vital and the initialization vector (IV). The vital is the secret an essential to ensuring the truth of the data and also the IV ensures randomness and also uniqueness the the ciphertext blocks.

If you encrypt data with the same vital each time, girlfriend will always end up through the very same ciphertext. Discovering this, one attacker can at some point gain enough data come decode plenty of messages. To stop this, the symmetric encryption algorithms use the IV to initialize the process, ensuring a unique ciphertext message. The message recipient must know both the an essential and the IV come decrypt the message, however only the key must continue to be secret.


WARNING

When developing a vital and IV, never derive one native the other, since knowing the IV could allow the attacker to determine the key. Additionally be certain to prevent a solved IV for all encryption. The best solution is to usage the random IV the the algorithm instantly creates once it's initialized.


There room some difficulties when it comes to exchanging keys, specifically when it comes to sharing a key without any type of prior common secrets. The entirety reason for the encryption is that you carry out not trust the transmission medium. Therefore, you have to somehow transmit the crucial over one insecure connection, but if you currently have a certain connection, why would you need more encryption? Suppose, for example, the you desire to send someone an encrypted message. The recipient will certainly not have the ability to read your message unless you provide her the ideal key. It makes no sense to send the vital along with the message, so friend instead speak to the receiver on the phone to convey the key. But due to the fact that you currently trust the phone call line enough to re-superstructure the key, friend might too go ahead and share the totality message. This is a significant shortcoming that symmetric cryptography however is an worry we have the right to overcome with an essential exchange algorithms and by making use of asymmetric cryptography. Because that an ASP.NET application, this is not as great an issue, due to the fact that you can conveniently use SSL to establish a for sure session.

Most frequently you will usage symmetric encryption for conserving sensitive setups or user data. The difficulty with this is the your ASP.NET applications must recognize the key and as such must save the vital for its very own use. This is a problem since if one attacker takes end the application, the attacker will certainly gain access to the application's keys. For example, ASP.NET provides the machine.config file to store the encryption tricks for plenty of encryption operations, such as encrypting a creates authentication ticket. If one attacker were able to read this file, the attacker could forge his own authentication tickets. To aid this situation, you can use DPAPI, as described later in this chapter. Girlfriend should additionally design your application so that it allows you to regularly change your keys.

Sometimes you can want the user to be able to encrypt information that even you can not access. The user gives the key and climate gains accessibility to the encrypted data. However, it generally is not useful to intend a user to memorize or type a large encryption key. If individuals have worries remembering a password of 6 or eight characters, how will castle remember a 128-bit key? The systems is to permit the user to go into a password the you use to derive an proper key.


The PasswordDeriveBytes.CryptDeriveKey an approach can produce an appropriate vital based ~ above a password, salt, algorithm, and variety of iterations. This method creates a hash the the password utilizing the supplied salt and uses that hash come create an additional hash, repeating this process for as plenty of iterations specified. The an outcome is a long string perfect to use as a key. Figures 4.12 and also 4.13 demonstrate the password to usage CryptDeriveKey, and Figure 4.14 mirrors an example an essential derived from a user's password.


Figure 4.12. Making use of CryptDeriveKey: C#


Figure 4.13. Making use of CryptDeriveKey: VB.NET


Figure 4.14. Example of key Derived indigenous a Password


WARNING

Note the although you have the right to use CryptDeriveKey to turn a brief password into a strong key, save in mind that the vital is only as solid as the password itself. By using CryptDeriveKey, girlfriend are properly reducing the key strength to that of the password, not the other means around. However, making use of a large number that iterations absolutely will slow a brute-force assault because the attacker would need to perform those iterations because that each password attempt. For a password-cracking tool, every millisecond provides a huge difference.


When making use of CBC or CFB modes, you must collection an initialization vector. The IV works favor a salt to additional transform the data therefore that two plaintext message encrypted with distinct IVs will create unique ciphertext data. This renders it more an overwhelming to carry out a dictionary assault on the ciphertext. Normally you desire to use a random number for the IV, which SymmetricAlgorithm immediately generates once the course is created. You must read this property and also store the IV so that you deserve to later decrypt the ciphertext. If you create your own IV, you require to create one the is the same length as the key. Note that the IV is not a mystery and you do not need to take special actions to defend it. Figures 4.15 and 4.16 display examples of how you can append the IV and also the ciphertext so the you have the right to store castle together. They likewise show exactly how you can extract the IV and also decrypt the ciphertext.


Symmetric cryptography does have actually its limitations and also weaknesses, yet it also plays critical role in protecting data. The .NET framework provides great support because that well-established symmetric ciphers, and also you should always encrypt sensitive data. Develop a solid framework for encryption early in your applications design.

Security Policies

Use strong symmetric ciphers to ensure the privacy that data.

Never count on XOR, ROT-13, base-64 encoding, or any type of homegrown encryption or obfuscation algorithm.

Avoid utilizing DES unless absolutely essential for backward compatibility; take into consideration 3DES together a compatible alternative.

Use Rijndael/AES encryption for the ideal security and also performance.

If using RC2 encryption, use 128-bit secrets whenever possible.

See more: Rk Motor 3700 N Holton St Milwaukee, 3700 N Holton St,53212, R K Motors Reviews, Ratings

When defense is a high priority and also performance a low priority, think about layering encryption algorithms.