Which FIPS compatible algorithm is better in dotNet 2.0?

views:

342

answers:

Which FIPS compatible algorithm is better in dotNet 2.0?

I used Rijndael algorithm to encrypt/decrypt my data. But it is not FIPS compatible. I want to change it to another one. Could you please give me a suggestion that which one is better? Better means:

FIPS compatible
High security level
This algorithm should came from dotnet 2.0 framework which provided by Microsoft.

Thanks

-Jamebo

+1 A:

You can use AES 256, many vendors use it and got their FIPS certification.
The thing is that is not enough to use the "proper" encryption algorithm in order to be FIPS compliant, you need to subject your system for testing by the NIST.

Edit: someone already did a test on all .NET 2.0 & 3.5 providers to see if they are FIPS compliant.

long story short:

Under .NET 2.0 the following are supported:
DESCryptoServiceProvider
DSACryptoServiceProvider
RSACryptoServiceProvider
TripleDESCryptoServiceProvider

Shay Erlichmen 2009-04-13 06:24:21

System.Security.Cryptography.AES is provided in dotNet 3.5. I want to the algorithm for dotNet 2.0. Is there another tip?

Jamebo 2009-04-13 09:26:01

AesManaged Class (MSDN):If the Windows security policy setting for Federal Information Processing Standards (FIPS)- compliant algorithms is enabled, using this algorithm throws a CryptographicException.

Jamebo 2009-04-13 09:47:56

TripleDesCryptoServiceProvider constructor maybe throw exception:if (!Utils.HasAlgorithm(0x6603, 0)){throw new CryptographicException(Environment.GetResourceString("Cryptography_CSP_AlgorithmNotAvailable"));}So, when will this exception be thrown? In some old operation system? How about Win2000?

Jamebo 2009-04-13 14:54:38

ansaurus

tags:

views:

answers:

Which FIPS compatible algorithm is better in dotNet 2.0?

related questions