[Mono-list] Which algorithm to crypt strings ?

Tue Dec 6 08:46:55 EST 2005

Hi Sebastien,
searching with Google for "string encryption" i found this:

http://www.dotnetthis.com/Articles/Crypto.htm

what do you think ? 
Embedded in my code it works fine !!!

Bye 
Salvatore

On Tue, 06 Dec 2005 07:54:02 -0500
Sebastien Pouliot <sebastien.pouliot at gmail.com> wrote:

> Hello Salvatore,
> 
> On Tue, 2005-12-06 at 11:08 +0100, Salvatore Scarciglia wrote:
> > Hi all,
> > what's the simplest algorithm (and related Class) to, given a well known
> > string, crypt and encrypt another string using the first as key for
> > cryptography ??
> 
> There are no class in the framework to do this directly (with strings).
> If you Google you'll find *lots* of sample code to do this - but be
> aware that a lot of it is *bad*. IIRC there is a good sample from Igor
> on MSDN blogs.
> 
> > Something lik this:
> > 
> > ...
> > ...
> > ClassForCrypt X = new ClassForCrypt();
> > X.key = well_known_string;
> > string crypted = X.Crypt("string to be crypted");
> > string decrypted = X.Decrypt("string to be decrypted");
> > ...
> > ...
> 
> Using string can be problematic in many ways (e.g. encoding, line ends).
> That's why most classes (and sample code) are using byte[] arrays and
> let the user convert his data (like string) into byte arrays (e.g.
> calling System.Text.Encoding.UTF8.GetBytes).
> 
> For similar reason the output cannot be directly a string (some invalid
> characters could be present for certain encoding). A safe and
> (relatively) compact to use strings is to convert the encrypted byte
> array into base64 (Convert.ToBase64String).
> 
> You may also want to look at System.Security.Cryptography.ProtectedData
> as an easier alternative (i.e. automatic key management) if you are
> using 2.0 and aren't moving the data from one computer to another.
> 