Monday, March 5, 2007

Private Key Encryption

Private-key encryption algorithms use a single private key to encrypt and decrypt data; this is also referred to as symmetric encryption because the same key is used for both encryption and decryption. Thus we need a key and an initialization vector (IV) to encrypt and decrypt data. Without an IV, the same input block of plaintext always encrypts to the same output block of ciphertext; with an IV, the outputs for two identical plaintext blocks differ, and it is harder for an unauthorized user to recover the key. The disadvantage of private-key encryption is that it presumes the two parties have agreed on a key and IV and have communicated their values. Also, the key must be kept secret from unauthorized users. Because of these problems, private-key encryption is often used in conjunction with public-key encryption to communicate the values of the key and IV privately.
The .NET Framework provides the following classes that implement private-key encryption algorithms:
  1. DESCryptoServiceProvider (DES algorithm)
  2. RC2CryptoServiceProvider (RC2 algorithm)
  3. RijndaelManaged (Rijndael algorithm)
  4. TripleDESCryptoServiceProvider (TripleDES algorithm)

I will start with the Rijndael algorithm.

First, to encrypt a file, we have to make a key and an IV (16 bytes each). Below is shown how to compose a key and an IV (the key and the IV have the same value) from a password entered by the user.

If password.Length > 8 Then
    password = password.Substring(0, 8)          ' truncate to 8 characters
Else
    If password.Length < 8 Then                  ' pad with digits up to 8 characters
        Dim add As Integer = 8 - password.Length
        Dim i As Integer
        For i = 0 To add - 1
            password = password & i.ToString()   ' "&" concatenates; "+" with an Integer would attempt a numeric conversion
        Next i
    End If
End If

Dim UE As New UnicodeEncoding
Dim key As Byte() = UE.GetBytes(password)        ' 8 UTF-16 characters = 16 bytes


The key and the IV must be Byte() arrays. Because both have to be exactly 16 bytes long by default, we pad the password with extra characters when it is shorter than 8 characters (1 character = 2 bytes in UnicodeEncoding) and truncate it when it is longer than 8 characters.
Next, we have to create a FileStream instance for the encrypted data (cryptFile is the file where the encrypted data will be written):

Dim fsCrypt As New FileStream(cryptFile, FileMode.Create)

Next, we create an instance of the RijndaelManaged class and an instance of a special stream class called CryptoStream, which encrypts the data written into it. The CryptoStream is initialized with a managed stream (the FileStream), an object implementing the ICryptoTransform interface (created from a class that implements a cryptographic algorithm, here RijndaelManaged), and a CryptoStreamMode value that describes the type of access permitted to the CryptoStream:

Dim RMCrypto As New RijndaelManaged
Dim cs As New CryptoStream(fsCrypt, RMCrypto.CreateEncryptor(key, key), CryptoStreamMode.Write)   ' the key is passed as the IV as well

After the previous code is executed, any data written to the CryptoStream object is encrypted using the Rijndael algorithm:

Dim fsIn As New FileStream(textBox1.Text, FileMode.Open)
Dim data As Integer = fsIn.ReadByte()   ' ReadByte returns -1 at end of file
While data <> -1
    cs.WriteByte(CByte(data))
    data = fsIn.ReadByte()
End While
fsIn.Close()
cs.Close()                              ' flushes the final padded block, then closes fsCrypt

Decryption is very similar to encryption.
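The key and IV above are both built from the first 8 characters of the password, so the IV is neither random nor independent of the key, and an identical password always yields identical key material. As an added example, not code from the original post, the following VB.NET module performs the same RijndaelManaged/CryptoStream file encryption and the matching decryption, but derives the key with PBKDF2 (Rfc2898DeriveBytes) from a random salt and uses a fresh random IV; the iteration count, the salt-then-IV file header and the Pump helper are assumptions of this example.

```vbnet
Imports System.IO
Imports System.Security.Cryptography

' Added example, not from the original post: PBKDF2 key from a random salt, random IV distinct from the key.
Module PasswordFileCrypto
    Private Const SaltSize As Integer = 16
    Private Const IvSize As Integer = 16        ' Rijndael block size (128 bits)
    Private Const KeySize As Integer = 16       ' 128-bit key, as in the post
    Private Const Iterations As Integer = 10000 ' assumed work factor; raise it if the CPU budget allows
    ' Copies src to dst in chunks (Stream.CopyTo only exists from .NET 4 on).
    Private Sub Pump(ByVal src As Stream, ByVal dst As Stream)
        Dim buffer(4095) As Byte
        Dim n As Integer = src.Read(buffer, 0, buffer.Length)
        While n > 0
            dst.Write(buffer, 0, n)
            n = src.Read(buffer, 0, buffer.Length)
        End While
    End Sub
    Public Sub EncryptFile(ByVal inFile As String, ByVal outFile As String, ByVal password As String)
        Dim salt(SaltSize - 1), iv(IvSize - 1) As Byte
        Dim rng As RandomNumberGenerator = RandomNumberGenerator.Create()
        rng.GetBytes(salt) : rng.GetBytes(iv)
        Dim key As Byte() = New Rfc2898DeriveBytes(password, salt, Iterations).GetBytes(KeySize)
        Using fsOut As New FileStream(outFile, FileMode.Create)
            fsOut.Write(salt, 0, salt.Length)   ' header: salt || IV, neither needs to be secret
            fsOut.Write(iv, 0, iv.Length)
            Using alg As New RijndaelManaged(), _
                  cs As New CryptoStream(fsOut, alg.CreateEncryptor(key, iv), CryptoStreamMode.Write), _
                  fsIn As New FileStream(inFile, FileMode.Open)
                Pump(fsIn, cs)
                cs.FlushFinalBlock()            ' emits the final padded block
            End Using
        End Using
    End Sub
    Public Sub DecryptFile(ByVal inFile As String, ByVal outFile As String, ByVal password As String)
        Using fsIn As New FileStream(inFile, FileMode.Open)
            Dim salt(SaltSize - 1), iv(IvSize - 1) As Byte
            If fsIn.Read(salt, 0, SaltSize) <> SaltSize OrElse fsIn.Read(iv, 0, IvSize) <> IvSize Then
                Throw New InvalidDataException("input too short to hold the salt and IV header")
            End If
            Dim key As Byte() = New Rfc2898DeriveBytes(password, salt, Iterations).GetBytes(KeySize)
            Using alg As New RijndaelManaged(), _
                  cs As New CryptoStream(fsIn, alg.CreateDecryptor(key, iv), CryptoStreamMode.Read), _
                  fsOut As New FileStream(outFile, FileMode.Create)
                Pump(cs, fsOut)                 ' a wrong password ends in a CryptographicException on the last block
            End Using
        End Using
    End Sub
End Module
```

The salt and IV stored in the header are public by design; what this scheme still lacks is an integrity check (for example an HMAC over header and ciphertext), so a tampered file is only noticed when the final padding happens to be invalid.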