Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Security > CryptoStream

Reply
Thread Tools

CryptoStream

 
 
Fred Herring
Guest
Posts: n/a
 
      01-06-2005
I have some basic understanding questions about encryption. I am looking at
implementing the Rijndael (256) encryption scheme. Does this imply that the
key must be a string of 256 characters? Is the key something that I can just
type out or is this something the crypto class needs to generate for me. My
second questions is about the IV byte array. What function is served by this
byte array and what is the recommended manner to create this byte array?

Thanks,
Fred Herring


 
Reply With Quote
 
 
 
 
Alek Davis
Guest
Posts: n/a
 
      01-06-2005
Fred,

Check these samples (I think they will answer your questions):

http://www.obviex.com/Samples/Encryption.aspx (explains how to use Rijndael)
http://www.obviex.com/Articles/CiphertextSize.aspx (there is a section
explaining what IV does and how it works)

Alek

"Fred Herring" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I have some basic understanding questions about encryption. I am looking

at
> implementing the Rijndael (256) encryption scheme. Does this imply that

the
> key must be a string of 256 characters? Is the key something that I can

just
> type out or is this something the crypto class needs to generate for me.

My
> second questions is about the IV byte array. What function is served by

this
> byte array and what is the recommended manner to create this byte array?
>
> Thanks,
> Fred Herring
>
>



 
Reply With Quote
 
 
 
 
Alek Davis
Guest
Posts: n/a
 
      01-07-2005
Quick answers:

Rijndael key is typically a 256-bit (not character) value. It can also be
128 or 192-bit long, but 256 bits is your best bet (256 bits = 32 bytes).
You can define the actual bits (bytes) of the Rijndael key yourself, but a
more common approach is to derive the key from a password (passphrase),
which can be a string of any length (this is done using the API call
sequence you can follow in the example mentioned in the previous post). By
the way, you may need to figure out how to protect the key (or passphrase).

You need to use the initialization vector (IV) in certain (better)
encryption modes, such as CBC, for encrypting the first block of the
plaintext data (and decrypting the first block of the ciphertext). In other
modes, IV may not be needed, but these modes are typically not recommended,
so the rule of thumb is: use IV. The size of IV must match the encryption
block size, which in many cases is 16-byte (not bit) long, so you can use
any 16-character ASCII string for this.

Alek

"Alek Davis" <alek_xDOTx_davis_xATx_intel_xDOTx_com> wrote in message
news:(E-Mail Removed)...
> Fred,
>
> Check these samples (I think they will answer your questions):
>
> http://www.obviex.com/Samples/Encryption.aspx (explains how to use

Rijndael)
> http://www.obviex.com/Articles/CiphertextSize.aspx (there is a section
> explaining what IV does and how it works)
>
> Alek
>
> "Fred Herring" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > I have some basic understanding questions about encryption. I am

looking
> at
> > implementing the Rijndael (256) encryption scheme. Does this imply that

> the
> > key must be a string of 256 characters? Is the key something that I can

> just
> > type out or is this something the crypto class needs to generate for me.

> My
> > second questions is about the IV byte array. What function is served by

> this
> > byte array and what is the recommended manner to create this byte array?
> >
> > Thanks,
> > Fred Herring
> >
> >

>
>



 
Reply With Quote
 
Fred Herring
Guest
Posts: n/a
 
      01-07-2005
Thankyou very much. This is much clearer to me now. So 32 byte keys and
vectors can be represented by strings 32 characters and or numbers <=255.

dim MyIV() as byte={z,27,199,c,p,14... for 32 items}

Fred

"Alek Davis" wrote:

> Quick answers:
>
> Rijndael key is typically a 256-bit (not character) value. It can also be
> 128 or 192-bit long, but 256 bits is your best bet (256 bits = 32 bytes).
> You can define the actual bits (bytes) of the Rijndael key yourself, but a
> more common approach is to derive the key from a password (passphrase),
> which can be a string of any length (this is done using the API call
> sequence you can follow in the example mentioned in the previous post). By
> the way, you may need to figure out how to protect the key (or passphrase).
>
> You need to use the initialization vector (IV) in certain (better)
> encryption modes, such as CBC, for encrypting the first block of the
> plaintext data (and decrypting the first block of the ciphertext). In other
> modes, IV may not be needed, but these modes are typically not recommended,
> so the rule of thumb is: use IV. The size of IV must match the encryption
> block size, which in many cases is 16-byte (not bit) long, so you can use
> any 16-character ASCII string for this.
>
> Alek
>
> "Alek Davis" <alek_xDOTx_davis_xATx_intel_xDOTx_com> wrote in message
> news:(E-Mail Removed)...
> > Fred,
> >
> > Check these samples (I think they will answer your questions):
> >
> > http://www.obviex.com/Samples/Encryption.aspx (explains how to use

> Rijndael)
> > http://www.obviex.com/Articles/CiphertextSize.aspx (there is a section
> > explaining what IV does and how it works)
> >
> > Alek
> >
> > "Fred Herring" <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed)...
> > > I have some basic understanding questions about encryption. I am

> looking
> > at
> > > implementing the Rijndael (256) encryption scheme. Does this imply that

> > the
> > > key must be a string of 256 characters? Is the key something that I can

> > just
> > > type out or is this something the crypto class needs to generate for me.

> > My
> > > second questions is about the IV byte array. What function is served by

> > this
> > > byte array and what is the recommended manner to create this byte array?
> > >
> > > Thanks,
> > > Fred Herring
> > >
> > >

> >
> >

>
>
>

 
Reply With Quote
 
Alek Davis
Guest
Posts: n/a
 
      01-07-2005
Yes, they can be defined in bytes (bytes are chars or numbers <= 255). I'm
not sure if IV can be 32-byte long (I know it can be 16-byte long), so try
it out.

Alek

"Fred Herring" <(E-Mail Removed)> wrote in message
news(E-Mail Removed)...
> Thankyou very much. This is much clearer to me now. So 32 byte keys and
> vectors can be represented by strings 32 characters and or numbers <=255.
>
> dim MyIV() as byte={z,27,199,c,p,14... for 32 items}
>
> Fred
>
> "Alek Davis" wrote:
>
> > Quick answers:
> >
> > Rijndael key is typically a 256-bit (not character) value. It can also

be
> > 128 or 192-bit long, but 256 bits is your best bet (256 bits = 32

bytes).
> > You can define the actual bits (bytes) of the Rijndael key yourself, but

a
> > more common approach is to derive the key from a password (passphrase),
> > which can be a string of any length (this is done using the API call
> > sequence you can follow in the example mentioned in the previous post).

By
> > the way, you may need to figure out how to protect the key (or

passphrase).
> >
> > You need to use the initialization vector (IV) in certain (better)
> > encryption modes, such as CBC, for encrypting the first block of the
> > plaintext data (and decrypting the first block of the ciphertext). In

other
> > modes, IV may not be needed, but these modes are typically not

recommended,
> > so the rule of thumb is: use IV. The size of IV must match the

encryption
> > block size, which in many cases is 16-byte (not bit) long, so you can

use
> > any 16-character ASCII string for this.
> >
> > Alek
> >
> > "Alek Davis" <alek_xDOTx_davis_xATx_intel_xDOTx_com> wrote in message
> > news:(E-Mail Removed)...
> > > Fred,
> > >
> > > Check these samples (I think they will answer your questions):
> > >
> > > http://www.obviex.com/Samples/Encryption.aspx (explains how to use

> > Rijndael)
> > > http://www.obviex.com/Articles/CiphertextSize.aspx (there is a section
> > > explaining what IV does and how it works)
> > >
> > > Alek
> > >
> > > "Fred Herring" <(E-Mail Removed)> wrote in

message
> > > news:(E-Mail Removed)...
> > > > I have some basic understanding questions about encryption. I am

> > looking
> > > at
> > > > implementing the Rijndael (256) encryption scheme. Does this imply

that
> > > the
> > > > key must be a string of 256 characters? Is the key something that I

can
> > > just
> > > > type out or is this something the crypto class needs to generate for

me.
> > > My
> > > > second questions is about the IV byte array. What function is

served by
> > > this
> > > > byte array and what is the recommended manner to create this byte

array?
> > > >
> > > > Thanks,
> > > > Fred Herring
> > > >
> > > >
> > >
> > >

> >
> >
> >



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
cryptostream,padding Fred Herring ASP .Net Security 0 01-17-2005 04:01 PM



Advertisments