Browse DevX
Sign up for e-mail newsletters from DevX


Learn to Use the New XML Encryption Class in .NET 2.0 : Page 4

XML is the most popular technology for structuring data. Encryption of XML data is crucial to ensure end-to-end security for applications that require secure exchange of structured data. .NET 2.0 provides simple mechanisms to encrypt and decrypt data, thereby enabling security of your data.




Building the Right Environment to Support AI, Machine Learning and Deep Learning

Advanced Concepts
What we've discussed is primarily encrypting and decrypting data with the new EncryptedXML class. If you want to send this data on disk or on the network to another person you would need to provide a means for the other person to decrypt it. In other words, you would need to share the key with the recipient.

In the examples for this article I've used symmetric key cryptography. In symmetric cryptography, the encryption algorithm requires the same secret key to be used for both encryption and decryption. (For more information on symmetric and asymmetric cryptography, see "Related Resources," left column.) Because of the type of key, this is sometimes called secret key encryption. However, in this scheme you have to carefully manage key exchange, that is, the mechanism for safely ensuring both sender and the receiver have the secret key. This is one of the weakest areas of symmetric cryptography.

The solution to this problem is to use asymmetric cryptography, where there are two keys. One key is called the private key and is never revealed, and the other is called the public key and is freely given out to all potential correspondents. A sender uses the receiver's public key to encrypt the message. Only the receiver has the related private key to decrypt the message. Asymmetric encryption is beyond the scope of this article but is something you should learn about to be able to use encryption in real life scenarios. Check the resources section for further links on this advanced topic.

The new EncryptedXML class, along with the cryptographic API, provides the fundamental blocks to secure XML data. Multiple scenarios are supported whether it's encrypting part of a document, encrypting an entire document, or similarly decrypting the document. Inclusion of these classes in the standard .NET framework simplifies XML data security.

Sanjay Shetty is the CEO of Wireless Strategist & Consultants, a consultancy for mobility, design, architecture, and Microsoft.NET. He is the Microsoft Regional Director in Mumbai, India.
Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.



Thanks for your registration, follow us on our social networks to keep up-to-date