tags:

views:

827

answers:

3
+3  Q: 

Which built-in .NET cryptography algorithm is the most secure?

Hi,

Which cryptography algorithm is the most secure that ships with .net?

+4  A: 

As a direct answer: AES 256 Bit.

It's been beat on the most out of all the algorithms, and stands up well.

As a more involved answer: all the algorithms will work fine if you manage them well. Cyptography is more than the algorithm - it's about key storage, encryption mode, how you implement the call to the algorithm. It's akin to getting bullet proof walls on the outside of your house - but forgetting someone can fake your automatic garage door signal.

Tom Ritter  2008-11-03 14:19:00
A: 

I'm somewhat partial to SHA-512. If 512 is a little excessive, the other members of the SHA-2 family might be helpful - SHA-256 and SHA-384 are both in the SHA-2 family. But AviewAnew's suggestion of AES 256 is good as well.

Thomas Owens  2008-11-03 14:22:00
the msdn examples don't seem to be using a key to generate the hash?
 2008-11-03 14:27:13
Because you don't use a key to generate the hash. A SHA hash will always be the same for a given input.
Thomas Owens  2008-11-03 14:28:12
Since the tag is encryption, I think we wanted an encryption algorithm, rather than a Hash function. ASDF - A Hash function is unkeyed. A MAC (sometimes called a keyed hash function) uses a key and has a different purpose from SHA or AES.
Tom Ritter  2008-11-03 14:29:32
That could be. Based on the question, though, SHA does fit the bill as a cryptographic hash function.
Thomas Owens  2008-11-03 14:33:19
+8  A: 

You cannot directly compare all types of cryptographic algorithms. That would be like comparing a sorting algorithm with a multiplication algorithm: they have different purposes. That being said, I would answer:

  • Symmetric cipher: AES-256
  • Asymmetric cipher: RSA with 4096 bit key (I believe that is the maximum in .NET) or ECDSA with 571 bit key (but that is only supported in .NET 3.5)
  • Hash: SHA-512
  • Message Authentication Code: HMAC with SHA-512

That being said, those are overkill for most applications, and you should do fine using AES-128, RSA with 2048 bit key, SHA-256 and HMAC with SHA-256.

Rasmus Faber  2008-11-03 14:32:46
Rasmus, what would be ideal for a licence key?
 2008-11-03 15:28:44
My answer here: http://stackoverflow.com/questions/258994/net-cryptography-for-licence-keys#259458
Rasmus Faber  2008-11-03 18:12:19

related questions

Subsonic Vs NHibernate
How to check For File Lock in C# ?
Is nAnt still supported and suitable for .net 3.5/VS2008?
Limit size of Queue<T> in .NET?
Viewstate invalid when using Safari
Free OCR library
Unhandled Exception Handler in .NET 1.1
Localising date format descriptors
Get a new object instance from a Type in C#
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
.NET Testing Framework Advice
Embedded Database for .net that can run off a network
Automatically update version number
Homegrown consumption of web services
How do you migrate a large app from VB6 to VB .net ?
.NET Migrations Engine
Adding Scripting functionality to .NET applications
SQLite and XSD
Floating Point Number parsing: Is there a Catch All algorithm?
How do I programmatically create a PDF in my .NET application?
How do I sync the SVN revision number with my ASP.NET web site?
XSD DataSets and ignoring foreign keys
Anatomy of a "Memory Leak"
Reliable Timer in a Console Application
How do I calculate relative time?