Microsoft Visual C# 2005 Unleashed

Secret-key encryption, also referred to as symmetric encryption, is designed to work on large amounts of data. As such, symmetric encryption code works on streams of data as opposed to arrays of bytes. When you wrap a stream of regular data inside a specialized encryption stream called a CryptoStream, data is encrypted on the fly as it is placed into the stream. The same is true of decryption; data is decrypted on the fly as it is read from the stream.

As mentioned earlier, in symmetric encryption the key used to encrypt the data is the same key that is used to decrypt the data. As a result, the safety of the key is paramount. If someone were to obtain your key, not only could he decrypt your private data, but he could encrypt his own data as if he were you.

Also, remember that to properly encrypt blocks of data using symmetric encryption, you need an Initialization Vector (IV). The algorithm mixes data from the previous block into each block it encrypts, which reduces the predictability of the output, and the IV supplies that starting data for the first block.

The code in Listing 15.1 shows the use of symmetric encryption and decryption to encrypt a message into a binary file on disk and then use another CryptoStream to read from the encrypted file.

Listing 15.1. Symmetric Encryption and Decryption

using System;
using System.IO;
using System.Security;
using System.Security.Cryptography;
using System.Collections.Generic;
using System.Text;

namespace SymmetricEncryption
{
    class Program
    {
        static void Main(string[] args)
        {
            RijndaelManaged rmCrypto = new RijndaelManaged();

            // these keys are completely artificial. In a real-world scenario,
            // your key and IV will be far less obvious :)
            byte[] key = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
                           0x09, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16 };
            byte[] IV = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
                          0x09, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16 };

            string clearMessage =
                "This string will be encrypted symmetrically and decrypted " +
                "using the same key.";

            // encode once so the count passed to Write matches the buffer
            byte[] clearBytes = System.Text.ASCIIEncoding.ASCII.GetBytes(clearMessage);

            FileStream fs = new FileStream("encrypted.dat", FileMode.Create);
            CryptoStream cs = new CryptoStream(
                fs, rmCrypto.CreateEncryptor(key, IV), CryptoStreamMode.Write);
            cs.Write(clearBytes, 0, clearBytes.Length);
            cs.Close();   // writes the final padded block
            fs.Close();

            // open the encrypted file using a different stream to show
            // the symmetric decryption.
            FileStream fs2 = new FileStream("encrypted.dat", FileMode.Open);
            CryptoStream cs2 = new CryptoStream(
                fs2, rmCrypto.CreateDecryptor(key, IV), CryptoStreamMode.Read);

            // the file length includes padding, so it is only an upper bound
            // on the plaintext size; Read may also return fewer bytes than
            // requested, so loop and keep the real count.
            byte[] decryptedData = new byte[fs2.Length];
            int total = 0, n;
            while ((n = cs2.Read(decryptedData, total, decryptedData.Length - total)) > 0)
                total += n;
            cs2.Close();
            fs2.Close();

            Console.WriteLine("Decrypted Message:\n{0}",
                System.Text.ASCIIEncoding.ASCII.GetString(decryptedData, 0, total));
            Console.ReadLine();
        }
    }
}
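A hardened variant of Listing 15.1, added here as an example and not taken from the book: the key comes from the algorithm's random generator instead of a literal in source, and every file gets a fresh IV stored in front of the ciphertext. The class name IvPrefixedFile, its methods and the file names a.dat and b.dat are assumptions made for the illustration.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;

static class IvPrefixedFile   // hypothetical name, not from the book
{
    // Encrypt text with a fresh random IV; the IV is not secret, so it is stored as the file's first block.
    public static void Encrypt(string path, byte[] key, string text)
    {
        using (RijndaelManaged alg = new RijndaelManaged())   // class used in Listing 15.1
        using (FileStream fs = new FileStream(path, FileMode.Create))
        {
            alg.Key = key;
            alg.GenerateIV();
            fs.Write(alg.IV, 0, alg.IV.Length);
            using (CryptoStream cs = new CryptoStream(fs, alg.CreateEncryptor(), CryptoStreamMode.Write))
            using (StreamWriter w = new StreamWriter(cs))
                w.Write(text);
        }
    }

    // Read the IV back from the first block, then decrypt the rest.
    public static string Decrypt(string path, byte[] key)
    {
        using (RijndaelManaged alg = new RijndaelManaged())
        using (FileStream fs = new FileStream(path, FileMode.Open))
        {
            byte[] iv = new byte[alg.BlockSize / 8];
            int got = 0, n;
            while (got < iv.Length && (n = fs.Read(iv, got, iv.Length - got)) > 0)
                got += n;
            if (got != iv.Length)
                throw new InvalidDataException("file too short to contain an IV");
            using (CryptoStream cs = new CryptoStream(fs, alg.CreateDecryptor(key, iv), CryptoStreamMode.Read))
            using (StreamReader r = new StreamReader(cs))
                return r.ReadToEnd();
        }
    }

    static void Main()
    {
        byte[] key;
        using (RijndaelManaged alg = new RijndaelManaged()) { alg.GenerateKey(); key = alg.Key; }
        Encrypt("a.dat", key, "constructed sample message");
        Encrypt("b.dat", key, "constructed sample message");
        Console.WriteLine(Decrypt("a.dat", key));
        // Same key and plaintext, but each file got its own IV: compare them.
        Console.WriteLine(Convert.ToBase64String(File.ReadAllBytes("a.dat")) == Convert.ToBase64String(File.ReadAllBytes("b.dat")));
    }
}
```

RijndaelManaged defaults to CBC mode with PKCS7 padding, which provides confidentiality only; a modified file is not reliably detected on decryption.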
