Analysing .NET Encryption Features

This article examine some of the topics related to the topics encrypted to .NET Encryption features which covers the following highlights. 1. Creating Random numbers. 2. Managing memory clean

Creating Random Numbers

Random numbers are a key element of most forms of cryptography. At some point, the strength of the system is based on the ability to produce a random, unpredictable number. Without this randomness, an attacker might be able to predict the cryptographic calculations. For example, Netscape's SSL encryption was cracked in 1995 because it used a weak random-number generator.

Because computers have difficulty with true randomness, they use what are called pseudorandom-number generators (PRNGs). To be used with cryptography, a PRNG should have good entropy. Entropy is the measure of randomness that refers to the unpredictability and the uniform distribution of a random number. A strong random-number generator is one that, given a list of numbers already generated, could not predict the next number in the sequence.

The .NET Framework uses the RNGCryptoServiceProvider to generate random numbers, which is a wrapper for the CryptGenRandom function in CrytpoAPI. This PRNG is considered random enough for all but the most extreme security requirements.

Major warning:  When you're using random numbers for cryptographic purposes, always use RNGCryptoServiceProvider, not the System.Random class. System.Random is based on a predictable function and is not considered a strong random-number generator.

Threats

Information leakage, Data Corruption, brute-force attacks

Security Policy

§         Use only RNGCryptoServiceProvider to generate strong random numbers; avoid using System.Random.

§         Use external sources of entropy to further increase randomness of the PRNG.

Maintaining Memory Clean

When working with sensitive data, you should always make sure you clean up after yourself; you don't want unencrypted data left around in memory. To limit the possibility of leaving sensitive data in memory, you should use as few variables as possible, avoid caching plaintext, and explicitly clean up after cryptographic operations.

Normally the .NET Framework garbage collector will take care of reclaiming objects no longer used. But it is not predictable when garbage collection will occur, and when it does, the system does not actually clear the memory; it just marks it as available for reuse. Because that memory may contain important information, it is important to always clean up any cryptographic objects and variables. To do this, the .NET Framework provides a Clear() method for all cryptographic objects.

When you are finished with any cryptography-related variables, you should clear their contents. This includes not only ciphertext and plaintext variables but also crypto objects, keys, salt, and IV variables

private void cleaningExample()

{

  // Setup

  byte[] buffer = ASCIIEncoding.ASCII.GetBytes(_

    "This is a secret for cleaningExample");

  RijndaelManaged rijndael = new RijndaelManaged();

  rijndael.GenerateKey();

  rijndael.GenerateIV();

  // Perform encryption

  string encryptedString = Convert.ToBase64String(

    rijndael.CreateEncryptor().TransformFinalBlock(

    buffer, 0, buffer.Length));

  // Perform decryption

  buffer = Convert.FromBase64String(encryptedString);      

  string decryptedString = ASCIIEncoding.ASCII.GetString(

    rijndael.CreateDecryptor().TransformFinalBlock(

    buffer, 0, buffer.Length));

  // Clean up

  rijndael.Clear();

  encryptedString = decryptedString = String.Empty;

  buffer = null;

}

Threats

Information leakage.

Security Policy

§         Clear out all variables used with cryptographic operations, including those for plaintext, ciphertext, keys, salts, IVs, and random numbers.

§         Use the Clear () method to clear out any sensitive data.

§         Use the Dispose () method to immediately free memory resources.

§         Explicitly zero out any variables that do not provide a Clear() method.