Example of encryption

[news.microsoft.com]

Hello,

I've read the example on RijndaelManaged Encryption. (see below)

What I don't understand is the generation of the Key (GenerateKey) and the
IV value (GenerateIV).

It's generated on what? If I run my program on another machine is the same
key then generated? If another user runs my program is the same key then
generated?
Is it therefore better to manually set the key and/or IV value?

Grtz.



Example code form help:
*******************

Imports System
Imports System.IO
Imports System.Text
Imports System.Security.Cryptography

Namespace RijndaelManaged_Examples
Class MyMainClass
Public Shared Sub Main()
Dim original As String = "This is a much longer string of data
than a public/private key algorithm will accept."
Dim roundtrip As String
Dim textConverter As New ASCIIEncoding()
Dim myRijndael As New RijndaelManaged()
Dim fromEncrypt() As Byte
Dim encrypted() As Byte
Dim toEncrypt() As Byte
Dim key() As Byte
Dim IV() As Byte

'Create a new key and initialization vector.
myRijndael.GenerateKey()
myRijndael.GenerateIV()

'Get the key and IV.
key = myRijndael.Key
IV = myRijndael.IV

'Get an encryptor.
Dim encryptor As ICryptoTransform =
myRijndael.CreateEncryptor(key, IV)

'Encrypt the data.
Dim msEncrypt As New MemoryStream()
Dim csEncrypt As New CryptoStream(msEncrypt, encryptor,
CryptoStreamMode.Write)

'Convert the data to a byte array.
toEncrypt = textConverter.GetBytes(original)

'Write all data to the crypto stream and flush it.
csEncrypt.Write(toEncrypt, 0, toEncrypt.Length)
csEncrypt.FlushFinalBlock()

'Get encrypted array of bytes.
encrypted = msEncrypt.ToArray()

'This is where the message would be transmitted to a recipient
' who already knows your secret key. Optionally, you can
' also encrypt your secret key using a public key algorithm
' and pass it to the mesage recipient along with the RijnDael
' encrypted message.
'Get a decryptor that uses the same key and IV as the encryptor.
Dim decryptor As ICryptoTransform =
myRijndael.CreateDecryptor(key, IV)

'Now decrypt the previously encrypted message using the
decryptor
' obtained in the above step.
Dim msDecrypt As New MemoryStream(encrypted)
Dim csDecrypt As New CryptoStream(msDecrypt, decryptor,
CryptoStreamMode.Read)

fromEncrypt = New Byte(encrypted.Length) {}

'Read the data out of the crypto stream.
csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length)

'Convert the byte array back into a string.
roundtrip = textConverter.GetString(fromEncrypt)

'Display the original data and the decrypted data.
Console.WriteLine("Original: {0}", original)
Console.WriteLine("Round Trip: {0}", roundtrip)
End Sub 'Main
End Class 'MyMainClass
End Namespace 'RijndaelManaged_Examples

 

[Jean-Marc St-Hilaire]

A new key is generated on the other machine. The best thing to do is that
you set your own key and IV and use it on both machines.

 

[Larry Lard]

Hello,

I've read the example on RijndaelManaged Encryption. (see below)

What I don't understand is the generation of the Key (GenerateKey) and the
IV value (GenerateIV).

It's generated on what?

As the docs say,

GenerateKey: Generates a random Key to be used for the algorithm.
GenerateIV: Generates a random initialization vector (IV) to be used
for the algorithm.

If I run my program on another machine is the same
key then generated? If another user runs my program is the same key then
generated?

Wouldn't be very random then would it

Is it therefore better to manually set the key and/or IV value?

It depends on your application. Typically, when one is sending an
encrypted message, one will generate a random key, encrypt with that
key, then send the key by a (computationally expensive) public key
system. If you're just encrypting for local storage, you might want to
use the same key every time. If you are going to be moving encrypted
data (but not the key) to another system, obviously you will have to
find some way to use the same key on both systems. Setting manually to
a fixed value in code would be one way of achieving that.

 

[news.microsoft.com]

Can I generate a key from a password?

A new key is generated on the other machine. The best thing to do is that
you set your own key and IV and use it on both machines.

 

[Jean-Marc St-Hilaire]

Can I generate a key from a password?

You can use your own definition which looks like that:
Dim key() As Byte = {130, 44, 78, 135, 245, 43, 178, 57, 118, 31, 26, 98,
70, 93, 249, 136, 194, 164, 194, 198, 209, 38, 158, 79}

Dim IV() As Byte = {130, 91, 208, 217, 243, 155, 228, 223}

Use any number you want in a range from 1 to 255.

This example is for a TripleDes encryption. I think it is using half the
length for Rjineal but i am not sure

Another way is that you generate it once in the application, note it, and
than, replace the genration lines by the codes you get.

(e-mail address removed)