Hi There,

I am working on a business application where the clients are Windows Mobile 6.1 Professional devices. The server is a Java enterprise application.

The industry working group recommends AES-256 encryption for client/server communications. This is necessary to gain certification. The encryption doesn't necessarily need to be channel encryption; it could be payload encryption. Channel encryption is preferable.

The client and server communicate using SOAP/HTTP, which we are yet to implement. We plan to use WCF on the Compact Framework. In order to alleviate some of the work required to implement manual encryption/decryption, it would be nice if we could achieve the required encryption either at the TLS level, or somehow using the WS-* standards (I'm not particularly familiar with that group of technologies but I am learning right now). The server supports HTTPS with 256-bit AES.

Does anybody have an idea on the best way to implement this?

Thanks in advance.

A: 

Channel encryption is likely to be the easiest and most flexible to implement. Using it reduces the dependency between client and server code. The client just needs to make HTTPS calls to the server location. For security alone, you take on a lot of the burden at the application level with WS-Security.

If you need to pass the data through intermediaries that are not fully trusted, then payload encryption is going to be more of a requirement.

BrianLy
This is what I had in mind. The problem is that I'm unsure whether or not the .NET Compact Framework will support AES-256 as an encryption type for web service connections. I am hoping to find out a) if it does, and b) how to implement it using the standard framework libraries.
pakeha
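
Added example, not part of the thread and not code from either poster: one way to confirm from a test machine that the HTTPS endpoint really negotiates an AES-256 suite, which is the evidence a certification check on channel encryption would need. It uses Python's standard `ssl` module rather than the Compact Framework; the function names and the sample tuples are constructed for illustration.

```python
import re
import socket
import ssl

# Matches OpenSSL-style (AES256) and IANA-style (AES_256) suite names.
_AES256 = re.compile(r"AES[_-]?256")


def is_aes256(cipher):
    """cipher is the (name, protocol, secret_bits) tuple from SSLSocket.cipher()."""
    if cipher is None:
        return False
    name, _protocol, bits = cipher
    # Key size alone is not enough: ChaCha20 suites also report 256 bits.
    return bits == 256 and bool(_AES256.search(name))


def build_context():
    """Client context that keeps certificate checks and offers AES-256 suites."""
    ctx = ssl.create_default_context()  # certificate and hostname checks stay on
    # Restricts the suites offered for TLS 1.2 and earlier to AES-256 ones.
    # TLS 1.3 suites are configured separately by OpenSSL and are not changed
    # by this call, so the negotiated suite is still checked after the handshake.
    ctx.set_ciphers("AES256")
    return ctx


def check_server(host, port=443, timeout=5.0):
    """Connect to host (caller-supplied) and report the negotiated suite."""
    ctx = build_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            cipher = tls.cipher()
    return cipher, is_aes256(cipher)


# Constructed sample tuples in the shape SSLSocket.cipher() returns.
SAMPLES = {
    ("ECDHE-RSA-AES256-GCM-SHA384", "TLSv1.2", 256): True,
    ("TLS_AES_256_GCM_SHA384", "TLSv1.3", 256): True,
    ("AES128-SHA", "TLSv1.2", 128): False,
    ("TLS_CHACHA20_POLY1305_SHA256", "TLSv1.3", 256): False,
}

if __name__ == "__main__":
    for sample, expected in SAMPLES.items():
        print(sample[0], is_aes256(sample), "expected", expected)
```

Calling `check_server` with the server's hostname returns the negotiated suite and whether it satisfies the AES-256 requirement; a handshake failure means the server offered no AES-256 suite the client could accept.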