AES Encryption in .net

  1. How can I use AES in C# .NET to encrypt a file and then securely remove the local copy of the file?

    Can someone please point me to a good example of how to do this?

  2. Is AES the strongest encryption available in .NET 3.5?

You may be approaching your problem from the wrong angle if you want to receive a file and THEN encrypt it. As others have mentioned, there isn't an easy way to securely delete a file.

As an alternative, then, you may want to set up an encrypted partition or folder using something like TrueCrypt, and drop the file into the encrypted partition as soon as it is received.

Writing encryption routines using C# may seem fairly trivial, but without a good understanding of the issues that surround encryption there is a good chance you will make mistakes, such as with key management or picking the wrong block encryption mode.

1) You can't securely remove a file without messing with filesystem internals.
2) It depends on your definition of stronger.

You can't securely delete unless you delve into unsafe code. There's an example on CodeProject, but you might be better off finding a command-line program like SDelete and calling it from your application; you'd have to use unsafe code either way.

The strongest encryption is, well, too hard to call, especially when you take key sizes into the equation. There are attacks against AES at its maximum key size, 256 bits, but a lot of them depend on specific versions, attacking the implementation rather than the algorithm, and the ones that target the algorithm are still very complex. If you rotate your keys every time like you should, then really you have very little to worry about. If you're worried about the managed code implementation then you should turn FIPS compliance on, but that affects the whole OS. This would limit you to the DESCryptoServiceProvider / TripleDESCryptoServiceProvider for symmetric encryption and DSACryptoServiceProvider / RSACryptoServiceProvider for asymmetric encryption.

Here's an example of using AES in C# that generates a symmetric key and IV and uses RSA with a self-signed certificate to store the AES key and IV in a file. To decrypt, it will decrypt the keyfile using RSA, and then use that to decrypt the encrypted file back to the original.

You may need to modify it, of course, but I think it's a decent round trip example of encryption in C#.
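The round trip this answer describes (a fresh AES key and IV per file, wrapped with RSA and stored in a key file), as an added example that is not the code the answer links to. The class, method and file names are hypothetical, and a generated RSA key pair stands in for the self-signed certificate's key.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
static class HybridFileCrypto
{
    // Encrypts inPath under a fresh AES-256 key; keyPath receives the RSA-wrapped key and IV.
    public static void EncryptFile(string inPath, string outPath, string keyPath, RSACryptoServiceProvider rsa)
    {
        using (Aes aes = Aes.Create())               // defaults: CBC mode, PKCS7 padding
        {
            aes.KeySize = 256;
            aes.GenerateKey();
            aes.GenerateIV();                        // new key and IV for every file
            byte[] keyAndIv = new byte[48];          // 32-byte key followed by 16-byte IV
            Buffer.BlockCopy(aes.Key, 0, keyAndIv, 0, 32);
            Buffer.BlockCopy(aes.IV, 0, keyAndIv, 32, 16);
            File.WriteAllBytes(keyPath, rsa.Encrypt(keyAndIv, true));   // true = OAEP padding
            Transform(inPath, outPath, aes.CreateEncryptor());
        }
    }

    public static void DecryptFile(string inPath, string outPath, string keyPath, RSACryptoServiceProvider rsa)
    {
        byte[] keyAndIv = rsa.Decrypt(File.ReadAllBytes(keyPath), true);   // needs the RSA private key
        byte[] key = new byte[32], iv = new byte[16];
        Buffer.BlockCopy(keyAndIv, 0, key, 0, 32);
        Buffer.BlockCopy(keyAndIv, 32, iv, 0, 16);
        using (Aes aes = Aes.Create())
            Transform(inPath, outPath, aes.CreateDecryptor(key, iv));
    }

    static void Transform(string inPath, string outPath, ICryptoTransform t)
    {
        byte[] buf = new byte[81920];                // manual copy loop: Stream.CopyTo is not in .NET 3.5
        using (FileStream src = File.OpenRead(inPath))
        using (FileStream dst = File.Create(outPath))
        using (CryptoStream cs = new CryptoStream(dst, t, CryptoStreamMode.Write))
            for (int n; (n = src.Read(buf, 0, buf.Length)) > 0; ) cs.Write(buf, 0, n);
    }

    static void Main()
    {
        RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(2048);   // stand-in for the certificate key
        File.WriteAllText("sample.txt", "constructed sample data");          // constructed input
        EncryptFile("sample.txt", "sample.enc", "sample.key", rsa);
        DecryptFile("sample.enc", "sample.out", "sample.key", rsa);
        Console.WriteLine(File.ReadAllText("sample.out"));
    }
}
```

CBC by itself does not detect modification of the ciphertext; detecting tampering needs a MAC over the encrypted file, which this example omits.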

You might want to look at something like this for a tutorial on encryption in the .NET framework, as there are many settings you will need to decide on. http://www.vbdotnetheaven.com/UploadFile/gsparamasivam/cryp04112005063256AM/cryp.aspx

To delete the file is a bit trickier. You may want to write over the file with zeroes, matching the size of the file you wanted to delete.

Then delete that file. That way there should mainly be zeroes on the hard drive, if someone takes your hard drive apart.

I prefer IDEA or Twofish, but AES can work; it depends on the key size you generated.

Update: I tend to use Bouncy Castle's library for encryption, as I found it easy to use, and it worked better for me, generally. http://www.bouncycastle.org/csharp/ If you download the source code you can get examples which would help you out perhaps.
