advertisement
Login | Register   
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX

Is the SMB Protocol an Open Door to Network Intruders?
Cybersecurity and the Art of Misdirection
The Problems with Encrypting Data in the Cloud
In the Cloud, Encryption in Motion + Encryption at Rest = Not Good Enough
The Biggest Cybersecurity Story of the Week

advertisement
advertisement
 

Create a Simple, Reusable Infrastructure for Public Key Encryption Using VB.NET

When using public key encryption, you're vulnerable to tricks dreamed up by untrusted sources, including subtle altering of encrypted messages. In this article you'll learn to foil them using a message hash and new cryptographic classes included in the .NET Framework. Design and implement your own public key cryptography infrastructure and test it with a VB.NET WinForms tester application.


by David Saylor
Sep 8, 2003
Page 1 of 4
advertisement
ryptography is the science of transforming messages so that the meaning is hidden (encryption) and recovering the hidden meaning from transformed messages (decryption). A transformed message, in which the meaning is hidden, is called cipher text, while the non-transformed or recovered message, in which the meaning is not hidden, is called plain text. There are many methods of reversible transformation suitable for encryption/decryption applications.

Most modern cryptographic methods treat messages as a sequence of characters represented numerically. These are transformed through mathematical algorithms, involving the use of one or more "keys." A key is a number or group of numbers that, used in a transformation algorithm, transform or restore the numbers that represent the characters of a message. Symmetric cryptographic transformations use the same key for encryption and decryption. The process is therefore described as "symmetrical." Asymmetric cryptography, on the other hand, uses different but mathematically related keys for encryption and decryption.

Asymmetric Cryptography
In asymmetric cryptography, the key that is used to encrypt messages can be freely distributed via any non-secure medium, or a public key. Thus, asymmetric cryptography is also referred to as public key cryptography. However, messages encrypted with the public key cannot be decrypted using the public key. Public key encrypted messages can only be decrypted using the corresponding private key which is kept secure. Adding to the confusion, messages encrypted using the private key can only be decrypted using the corresponding public key. Encryption and decryption are very useful tools. However, these tools alone cannot address all secure messaging concerns. For example, since public keys are public, anyone can encrypt messages that decrypt with a private key. It would be very easy for an imposter to encrypt a message and claim to be someone you trust. Furthermore, it is possible for someone familiar with the public key cryptography algorithms to alter an encrypted message in an undetectable manner. This altered message could involve inserting, deleting, or replacing part of the original message.

You can alleviate these concerns by using a message hash in conjunction with public key encryption and decryption. A message hash is a digest of a message. Hashing algorithms process a message of any length into a fixed length hash. These algorithms are designed so that even very minor alterations to the message—such as inserting, deleting or changing a single character—results in a very different hash result.

  1234 Next Page »
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 
advertisement
Sitemap