My blog has moved and can now be found at http://blog.aniljohn.com

No action is needed on your part if you are already subscribed to this blog via e-mail or its syndication feed.

Tuesday, March 9, 2004
« Upcoming Security and Architecture Webca... | Main | Which Cryptographic Operations are Avail... »

As I've remarked before, Crypto support in the .NET BCL is pretty extensive.  As such, please do NOT roll your own Crypto! This is one of those things that unless you know what you are doing you can seriously shoot yourself in the foot. 

.NET Crypto FAQ from GotDotNet [1]

In addition, here are some pointers to some .NET Crypto libraries that I personally use.  I use them because they are well tested, written by people who actually do this for a living and have a lot more knowledge of the topic than I do (... and I do not want to shoot myself in the foot!).

How To: Create an Encryption Library [2]
[MS PAG] This How To shows you how to create a managed class library to provide encryption functionality for applications. It allows an application to choose the encryption algorithm. Supported algorithms include DES, Triple DES, RC2, and Rijndael.

How To: Create a DPAPI Library [3]
[MS PAG] This How To shows you how to create a managed class library that exposes DPAPI functionality to applications that want to encrypt data, for example, database connection strings and account credentials.

Encrypting and decrypting data [4]
[Ivan Medvedev, former CLR Security guy, and now a member of the Secure Windows Initiative Red Team]

[1] http://www.gotdotnet.com/team/clr/cryptofaq.htm

[2] http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT10.asp

[3] http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT07.asp

[4] http://www.dotnetthis.com/Articles/Crypto.htm

[Now Playing: Meri Makhna Meri Soniye - Baghban]

Tags:: Security
3/9/2004 9:09 AM Eastern Standard Time  |  Comments [1]  |  Disclaimer  |  Permalink   
Sunday, May 8, 2005 12:06:50 AM (Eastern Daylight Time, UTC-04:00)
John,
<br> I tried to take developers through Cryptography understaning on my blog post. Take a look and let me know what you think
<br><a target="_new" href="http://ipattern.com/simpleblog/PermLink.aspx?entryid=19">http://ipattern.com/simpleblog/PermLink.aspx?entryid=19</a>
<br>
<br>Maxim
<br>[www.ipattern.com do you?]
Maxim V. Karpov
Comments are closed.