Why Encryption?
The Internet is an international network consisting of individual computers and computer networks that are all interconnected by many paths. Unlike Local Area Networks where access is physically restricted to authorized users, the Internet is a public network and can be accessed by anyone.
On the Internet this can be your credit card numbers, bank account information, health/social security information, or personal correspondence with someone else.
There are generally two main types of encryption and decryption algorithms, symmetric and asymmetric. In symmetric encryption, a secret key or password is used to scramble data while decrypt the scrambled data, the same key has to be used. DES and RC2 are examples of symmetric algorithms.
While using this encryption, it is essential that the sender and receiver have a way to exchange secret keys in a secure manner. If someone knows the secret key and can figure out the algorithm, communications will be insecure. There is also the need for a strong encryption algorithm. What this means is that if someone were to have a cipher text and a corresponding plaintext message, they would be unable to determine the encryption algorithm.
How Encryption Works
The easy way of encryption is applying a mathematical function to the plain text and converting it to an encrypted cipher. The harder part is to ensure that the people who are supposed to decipher this message can do so with ease, yet only those authorized are able to decipher it. We of-course also have to establish the legitimacy of the mathematical function used to make sure that it is sufficiently complex and mathematically sound to give us a high degree of safety.
A conventional encryption scheme has five major parts:
- Plaintext - this is the text message to which an algorithm is applied.
- Encryption Algorithm - it performs mathematical operations to conduct substitutions and transformations to the plaintext.
- Secret Key - This is the input for the algorithm as the key dictates the encrypted outcome.
- Ciphertext - This is the encrypted or scrambled message produced by applying the algorithm to the plaintext message using the secret key.
- Decryption Algorithm - This is the encryption algorithm in reverse. It uses the ciphertext, and the secret key to derive the plaintext message.
Creating symmetric encryption classes
In .NET Framework is available abstract base class Symmetric Algorithm, which is able to provide general class to work with symmetric encryption classes. The code bellow shows how to use it to create each class:
Namespaces:
using System;
using System.Security.Cryptography;
Code:
static void Main(string[] args)
{
// call static method Create on SymmetricAlgorithm class
// create DES instance
SymmetricAlgorithm des = SymmetricAlgorithm.Create("DES");
// create TripleDES instance (can be used string '3DES'
SymmetricAlgorithm des3 = SymmetricAlgorithm.Create("TripleDES");
// SymmetricAlgorithm des3 = SymmetricAlgorithm.Create("3DES");
// create RC2 instance
SymmetricAlgorithm rc2 = SymmetricAlgorithm.Create("RC2");
// create Rijndael instance
SymmetricAlgorithm rdm = SymmetricAlgorithm.Create("Rijndael");
}
Symmetric encryption/decryption of plaintext using DES
Namespaces:
using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;
// creating instance of DES class
SymmetricAlgorithm desObj = DES.Create();
Symmetric encryption/decryption of plaintext using RC2
See sample "Symmetric encryption/decryption of plaintext using DES" and change line
SymmetricAlgorithm desObj = DES.Create();
with following line
SymmetricAlgorithm desObj = RC2.Create();
Change other settings appropriately.
Here is a class that handles symmetric encryption and decryption using the .NET Rijndael provider. This works well when passing data that you need to keep encrypted over a URL. Remember to UrlEncode the resulting Base64 string with Server.UrlEncode() if you plan on passing your encrypted string as part of the Query String. I tried to boil it down to its simplest form.
Symmetric encryption/decryption of plaintext using Rijndael
See "Symmetric encryption/decryption of plaintext using DES" and change line
SymmetricAlgorithm desObj = DES.Create();
SymmetricAlgorithm desObj = Rijndael.Create();
The output will be :--