Creating an Encryption Utility in C# Part One

Category: .NET Framework

Creating an Encryption Utility in C# [Part 1 of 3]

Introduction

In this three part series we are going to create an Encryption utility that can take a string value and turn it into an Encrypted Binary value, and then we will take that Binary value and turn it into a Base 64 encoded string that you can cut and paste into a Web Config file or to be used as a password to pass back and forth between services. Why do we do it this way?
Because the string you want to encrypt is in a text format and encrypted data is in a binary format it is necessary to do some conversion between those formats. Base64 is a well known and broadly used method to send binary data as pure text.

We migrated our web sites to Server Intellect over one weekend and the setup was so smooth that we were up and running right away. They assisted us with everything we needed to do for all of our applications. With Server Intellect's help, we were able to avoid any headaches!

We will also be creating a GUI front end that will allow you to type values into a text field and then encrypt that value. This will also allow you to take values that are encrypted and decrypt them to their original value. In the end we will have a fully functional utility that allows encryption and decryption and a working class that we can consume into any application web or windows that allows us to add another level of security. At that point the GUI front end will become your administration screen and allow you to have one central location to decrypt and encrypt values for all of your needs.

What is an Encryption and Decryption Cryptosystem?

In a symmetric cryptosystem we will use the same key in both the encryption and the decryption processes. These two processes are similar in most ways. However, some parts of these processes will follow a reversed order of each other (e.g. for AES, the decryption algorithm will follow a reversed order of the encryption algorithm).

In a symmetric cryptosystem we will divide the data into smaller blocks and encrypt them all one by one using a secret key that we have generated. Then, we will use those blocks and send them to the recipient as a whole. Then, on the recipient side, we will apply the decryption process using that same key, and in doing so restore the value to its original form.

Symmetric algorithms are extremely fast compared to asymmetric cipher algorithms and are well suited for performing cryptographic transformations on a larger scale. The most popular symmetric cipher algorithms are DES, AES and TripleDES. TripleDES uses DES three times in sequence with different keys.

What algorithm are we going to use for our Encryption?
While there are various ways to do encryption and decryption as explained above, we have decided to go with the Rijndael algorithm. Why the Rijndael algorithm? Because it is stronger, faster and managed, this ensures it to run on every machine with .NET framework installed.

Where was this algorithm created?

The Rijndael algorithm was developed by Joan Daemen and Vincent Rijmen as a candidate for the U.S. Advanced Encryption Standard (AES) which was selected on October 2, 2000. It uses key sizes of 128, 192, or 256 bits and block lengths of 128, 192, or 256 bits. You can use any combination of key sizes and block lengths. The design goals of the algorithm is that it must resist all known attacks, must have design simplicity, code compactness and speed on a wide spectrum of platforms.
Taking all of the block ciphers listed the Rijndael cipher is the quickest by far followed by RC2, DES, and 3DES. Rijndael also has the largest key space of the algorithms. To put the size of the key space into perspective, if there was a machine fast enough that could produce a DES key in one second, it would take years to produce a 128 bit key for the Rijndael algorithm.

Important point to remember

Regardless of your security mechanisms, data is only as secure as the weakest link. Other factors that will have an effect on security will be:

Your in-house Policies and procedures
Education and the setting of expectations
Your Data Management & Control
Environmental Control
External Influences

Here is an example of an encoded string

TgBQAEEAcQBGADUAMgBwAEQASQBaAFcAVQBXAGgAbwA4AGwAbgA4AGYAUQB
TAFAAWAA3AFAAOABuAE4ATgBnAEoAcABnAGEANQBOAG8ATwBnAGoAOQA5AG
QAZQBTADcAdgAvAFYARQBDAHUAcAB1ADQAVABBADcASABFAFQAWgA=

In the above example you will see the output of a string after it has been encrypted and encoded into a Base64 encoded string that can be utilized by any of your applications.

What we will learn in this article:

What is encryption and decryption
What is the Rijndael algorithm
What is Base64 Encoding
How to create a GUI front end for our example

Getting started with our example

The first thing we need to do to get started with our application is to decide whether we will use a windows or a web application for our interface. In this example we decided to go with a Windows application simply because with a Windows application we do not need an internet connection to get to our administration screen and it is something that we can keep on our desktop as an icon so it is readily available for development.

Source Code for the Encryption Utility

[Click to see full-size]

When you select the “OK” button the project will be created.
The next step is to create our EncryptStrings class. This class will hold our encryption and decryption methods and keys so we can easily consume this class within this application and any future application that we will be creating. Fig. 2

[Click to see full-size]

We moved our web sites to Server Intellect and have found them to be incredibly professional. Their setup is very easy and we were up and running in no time.

We will need to import the following library into our class in order to use the methods within this class.

using System.Security.Cryptography;

I am a big believer in interfaces because it strong types development and makes it easier for developers that follow you to easily debug and maintain your code base. They are a way to insure that you are implementing all of the required methods for that derived interface and that each and every class that derives from your interface will look similar in format.
The interface we will be using in this example is called IEncrypt.

public interface IEncrypt

{

string EncryptString(string plainTextString);

string DecryptString(string encryptTextString);

string EncodeString(string encryptedTextString);

string DecodeString(string encodedTextString);

};

You will notice that we are using four methods:

EncryptString
This is the method where we encrypt all of our strings
DecryptString
This is the method where we decrypt all of our strings
EncodeString
This is the method where we encode the encrypted strings
DecodeString
This is the method where we decode the encoded strings

Need help with Windows Dedicated Hosting? Try Server Intellect. I'm a happy customer!

In the next article in this series we will be creating the Key that we will be using for the encryption and decryption process along with the salt/IV we will be using. We will then create the methods that go along with this example, and in the final part of our series we will finish the GUI front end for this example.

Click here to read Part Two.

What we have Learned

We have learned that we can use various methods to do encryption and decryption. We have also learned that we can create a class that can be consumed in all of our applications and that we can utilize this class for all of our encryption needs in our future applications.

Attachments

V4.ProgrammingHelp.com Tutorials

Article Categories

Creating an Encryption Utility in C# Part One