O'Reilly logo

Programming .NET Security by Allen Jones, Adam Freeman

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 17. Cryptographic Keys

In this chapter, we discuss how the .NET Framework supports the cryptographic keys that we have used in the previous chapters. We explain the importance of keys and the decisions you must make in deciding how you will create them. We provide examples of how to program the .NET support for cryptographic keys and finish our coverage of cryptography by extending our ElGamal implementation to support session key exchange formatting.

Cryptographic Keys Explained

When you use cryptography, you simplify problems by relying on your ability to manage secret keys correctly; in essence, you exchange one problem (the need to communicate securely) for another (protecting the key), which you expect to be simpler. For example, when you use data encryption to keep messages confidential, you must protect your secret or private key, which should, in principle, be simpler than arranging to meet in person or using a secure courier service. You can simplify the problem of authentication by using digital signatures, but these are useful only as long as you are able to protect a private key; Bob can trust signatures from Alice for as long as it takes Eve to guess or otherwise acquire the private key.

The importance of managing your keys cannot be overstated; Alice and Bob must manage theirs carefully to protect encoded messages. Eve could undermine all of their efforts if she acquires the keys. We use the word "acquire," because as we discussed in Chapter 12, Eve can do more ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required