.NET Security and Cryptography

As we shall see in Chapters 3, 4, 5, and 6, there are several cryptography classes available in the .NET Framework. These classes support all of the most important cryptographic algorithms in modern use. We will see these again in much greater detail in the appropriate upcoming chapters, but for now, let's just get a bird's-eye view of the major areas of functionality that are covered by these classes.

  • DES, 3DES, and RC2 symmetric encryption

  • Cryptographic streams

  • RSA asymmetric encryption

  • RSA and DSA digital signatures

  • Hash algorithms, including MD5, SHA1, SHA-256, and so on

  • Message Authentication Codes (MAC)

  • Keyed hash algorithm

  • Pseudorandom number generators [19] (PRNG)

    [19] The .NET Framework provides a useful class named Random in the System namespace that can be used for generating pseudorandom number sequences for games , simulations, and most statistical purposes. However, you must never use it for cryptographic purposes, or you run the risk of seriously weakening the security of your application. For cryptographic purposes, be sure to always use a cryptographic strength PRNG, as explained in later chapters.

  • XML encryption

  • XML signatures

  • ASP.NET security

  • Web services security

Категории