Cryptography
-
I'm just starting to look at creating a Rijndael encryption library to encrypt strings and files (input and output file name). However, since this is just for my personal use the key is stored right in the library. I'm trying to look into a way to be able to use this library but store the encryption key securely to use for encryption, and decryption. Or would asymmetric encryption be better? What articles would you recommend to look at for either case for key, and possibly init vector storage either on CodeProject or elsewhere? I've been trying to find some simple articles that are very good, but maybe I'm not using the correct search terms. Thanks
Revolutionary: Disk drives go round and round.
-
I'm just starting to look at creating a Rijndael encryption library to encrypt strings and files (input and output file name). However, since this is just for my personal use the key is stored right in the library. I'm trying to look into a way to be able to use this library but store the encryption key securely to use for encryption, and decryption. Or would asymmetric encryption be better? What articles would you recommend to look at for either case for key, and possibly init vector storage either on CodeProject or elsewhere? I've been trying to find some simple articles that are very good, but maybe I'm not using the correct search terms. Thanks
Revolutionary: Disk drives go round and round.
1. Rijndael algorithm is already implemented in C# Stdlib. 2. The whole purpose of having key is to NOT writing it down. For example you can generate it from password. Lets say you have a password "foobar". To encrypt data you get hashcode from you password and you use it as key, then to decrypt the data, you will just get hash from password again. So, what's the point of keeping key?
-
1. Rijndael algorithm is already implemented in C# Stdlib. 2. The whole purpose of having key is to NOT writing it down. For example you can generate it from password. Lets say you have a password "foobar". To encrypt data you get hashcode from you password and you use it as key, then to decrypt the data, you will just get hash from password again. So, what's the point of keeping key?
Right, I was just starting to research this topic. I'm new to this so I was trying to get it to work any way I could at first and then as I learn more, the library would become more mature and secure. I will look into generated a key from a password. It seems there is an object type called PasswordDerivedBytes as I searched a little last night. I am looking for a way to keep the key secure as I know it's not good to store it. So now when I use this with a website or program, the password will simply need to be passed in to generate the key in the code for encrypting decrypting if I am understanding this correctly. Thanks for that suggestion, I will attempt to put it to use. Hope you had a great weekend.
Revolutionary: Disk drives go round and round.