Chapter 14. Symmetric Encryption

In Chapter 13, we showed you how Alice can use data hash codes to prevent Eve from secretly modifying the messages that she sends to Bob. Hash codes are useful for message integrity, but they do not provide any confidentiality; although Eve cannot alter the messages from Alice without Bob knowing, she is able to read the messages, and Alice and Bob are unable to keep secrets from her.

In this chapter, we examine how to achieve confidentiality with data encryption, and how to encrypt and decrypt data using the .NET Framework. We also show you how to extend the .NET Framework by adding a new encryption algorithm.

Encryption Revisited

Encryption is the process of transforming a message so that it cannot be read if it is intercepted but can still be understood by the intended recipient. If Alice encrypts and sends a confidential message to Bob, Eve will not be able to make sense of what it says, and the contents of the message will remain confidential. Bob, as the intended recipient, is able to decrypt the message, which is the process of restoring the original message from the encrypted data. Like almost all types of cryptography, encryption relies on keeping a key secret from Eve.

Figure 14-1 shows the basic model for modern data encryption. Alice uses an encryption algorithm to convert her message into encrypted data, which she sends to Bob. Bob uses a secret key to decrypt the data, transforming it back into the original message, which he then reads. ...

Get Programming .NET Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.