File encryption library for .NET

views:

263

answers:

+1 Q:

File encryption library for .NET

I'm looking for a file encryption library under .NET. It needs to be able to seek so CryptoStream is out of question. (I know it inherits a Seek method but it's not implemented.)

I need to seek because my application deals with large files in a non-sequential order. I also need to read and write the files at the same time.

I know that most of the time CBC is used for file encryption but seeking (and writing) is impossible using it. But somehow full disk encryption softwares like TrueCrypt and BitLocker manage to use it like that. (Edit: TrueCrypt doesn't use CBC any more, they moved to LRW then to XTS. My point is that it's possible.)

This is a hobby project so I'm interested in free libraries. Also it doesn't matter if it only supports .NET 4.

Edit: Bouncy Castle isn't good because it's CipherStream can't seek just like .NET's CryptoStream.

+2 A:

One option may be bouncy castle which is free:

http://www.bouncycastle.org/csharp/

I am not sure how you want to seek within your project. But it has atleast some functionality to get around problems with seek:

"X509CertificateParser/X509CrlParser now handle multiple certificates/CRLs in streams that don't support seeking"

Shiraz Bhaiji 2009-07-27 15:37:28

Thanks. I'm going to look at it.

KovBal 2009-07-27 18:26:41

It's very odd to me that just after randomly reading about this library I'd not known of before, I came to StackOverflow and the top question on the home page could be answered by this library.

dlamblin 2009-07-27 18:40:16

@dlamblin: Everything's connected! :)

KovBal 2009-07-27 18:47:51

The Certificate / CRL parser being able to deal with non-seekable streams isn't the same thing as providing a seekable encrypted file implementation, which is what the OP is after.

caf 2009-07-28 21:46:10

I haven't found anything in Bouncy Caste that support seeking streams.

KovBal 2009-07-31 13:01:08

Seeking isn't impossible under CBC - in fact CBC mode is trivially seekable. To decrypt block i, you only need to know the key, the encrypted block C_i and the previous encrypted block C_i-1. You certainly don't have to decrypt the entire previous stream.

caf 2009-07-28 11:51:36

Thank you! Seems like I should double-checked it. Anyway, I think this should a comment. If you wanted to say that I could easily implement it than I say that I rather use an existing library for this because it's very easy to get it wrong.

KovBal 2009-07-28 16:09:29

Oh, wait! Seeking and **writing** is impossible with CBC because then you'd have to change all the further blocks!

KovBal 2009-07-28 16:12:10

This is true, and the way that TrueCrypt (when it used CBC mode, which is hasn't for a long while) got around this is by re-starting the CBC with a new IV at the start of each sector. Disks only read and write a sector at a time anyway.You will probably need to find an implementation that treats files in a similar way, by breaking them up into independent chunks that are read and written together.

caf 2009-07-28 21:50:28

To be honest, I started to write a library that does this, but after I found out how difficult it is, I started to looking for a library :)

KovBal 2009-07-31 13:03:59

ansaurus

tags:

views:

answers:

File encryption library for .NET

related questions