So you are running .NET 2.0 and want to implement the Advanced Encryption Standard (hereafter referred to as AES), eh? Well, no worries. Although this was first "officially" supported with .NET 3.5 in the System.Security.Cryptography namespace, the standard itself is based on the Rijndael cipher why it is rather easy to take advantage of this widely accepted encryption standard.
For more information about the theory behind Rijndael and AES take a look at this Wikipedia article.
As you may have discovered from the reading above and the example provided by MSDN, it can be rather cumbersome and time consuming to implement the AES, why the Cuemon.Security.Cryptography namespace provide you with a static AdvancedEncryptionStandardUtility class that significantly will ease the implementation of an AES secured application accepting key sizes of 128-, 192- and 256-bit.
To give an example on how you could use the AES, have a look at Figure 1. This very basic AesExample class will pre-initialize some required properties that we can use in Figure 2 with an equally basic test method. Figure 3 shows the output of the test.
public class AesExample
{
public AesExample()
{
this.Encoding = Encoding.UTF8;
this.InitializationVector = AdvancedEncryptionStandardUtility.GenerateInitializationVector();
}
public virtual byte[] SecretKey
{
get { return Convert.FromBase64String("bzl6ZmxoU3Z3a2x4YkVLTmdZYkRGTEI5TEVUMTAya0s="); }
}
public Encoding Encoding { get; private set; }
public byte[] InitializationVector { get; set; }
public byte[] Lock(string secret)
{
return AdvancedEncryptionStandardUtility.Encrypt(ConvertUtility.ToByteArray(secret, PreambleSequence.Remove, this.Encoding),
this.SecretKey,
this.InitializationVector);
}
public string Unlock(byte[] secret)
{
return ConvertUtility.ToString(AdvancedEncryptionStandardUtility.Decrypt(secret, this.SecretKey, this.InitializationVector),
PreambleSequence.Remove,
this.Encoding);
}
}
Figure 1: A basic class to show a potential usage of the AdvancedEncryptionStandardUtility class
[TestClass]
public class AesExampleTest
{
[TestMethod]
public void TestAes()
{
AesExample aes = new AesExample();
string sensitiveValue = "This is my top secret value that needs protection by AES 256.";
byte[] lockedValue = aes.Lock(sensitiveValue);
string unlockedValue = aes.Unlock(lockedValue);
Assert.IsTrue(sensitiveValue.Equals(unlockedValue));
Debug.WriteLine("Sensitive value is: {0}", sensitiveValue as object);
Debug.WriteLine("Secret key is: {0}", Convert.ToBase64String(aes.SecretKey) as object);
Debug.WriteLine("Initialization Vector is: {0}", Convert.ToBase64String(aes.InitializationVector) as object);
Debug.WriteLine("Locked value is: {0}", Convert.ToBase64String(lockedValue) as object);
Debug.WriteLine("Unlocked value is: {0}", unlockedValue as object);
}
}
Figure 2: A simple test method that utilizes the class in Figure 1
Debug Trace:
Senstive value is: This is my top secret
value that needs protection by AES 256.
Secret key is:
bzl6ZmxoU3Z3a2x4YkVLTmdZYkRGTEI5TEVUMTAya0s=
Initialization Vector is: RkJnTlRlYXlxNjBya1R2cQ==
Locked value is:
J+wLayRmJIglaHUKSMfFblL75Cz1g5qU2oWrXUU9wVhR8aMbhw0YQPZQ3fTsRfxFYZfHlm1Xp31MD7CdQwIvDw==
Unlocked value is: This is my top secret value that needs protection by AES
256.
Figure 3: The output of the test in Figure 2
When using the AES always provide a new, random and unique IV on each usage. With this in mind, it is perfectly safe to send the IV together with the encrypted value as there is no way to guess the secret key since the output is unpredictable. For more information do take a look at this Wikipedia article.
I hope this little introduction to the AdvancedEncryptionStandardUtility class has proven usefull to you. Happy coding.
