I'm currently needing a way to encrypt a string and decrypt a byte array using AES-128 symmetrical encryption, in C#. I can't find a way how to do this, but maybe I've missed something.
How can I encrypt and decrypt using AES 128 without an IV?
Asked Answered
Why do you want to avoid IVs? They're an important security feature. –
Spinoza
To expand on @Spinoza comment. IVs can be randomly generated and transmitted in the clear along with the ciphertext. Secrecy of the IV is not necessary for security. The requirements for an IV are that you don't reuse the same key and IV combination and that the IV be difficult to predict. –
Wildfire
This question was for a project where somebody was interested in encrypting using AES without an IV. I do agree that they're an important security feature though! –
Tentacle
Import namespaces
using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;
static void Main(string[] args)
{
string value = "@arifansari300<3>";
string encryptedValue= EncryptDecrypt.Encrypt(value);
string decryptedValue = EncryptDecrypt.Decrypt(encryptedValue);
}
public static string Encrypt(string clearText)
{
string EncryptionKey = "MAKV2SPBNI99212";
byte[] clearBytes = Encoding.Unicode.GetBytes(clearText);
using (Aes encryptor = Aes.Create())
{
Rfc2898DeriveBytes pdb = new
Rfc2898DeriveBytes(EncryptionKey, new byte[]
{ 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
encryptor.Key = pdb.GetBytes(32);
encryptor.IV = pdb.GetBytes(16);
using (MemoryStream ms = new MemoryStream())
{
using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
{
cs.Write(clearBytes, 0, clearBytes.Length);
cs.Close();
}
clearText = Convert.ToBase64String(ms.ToArray());
}
}
return clearText;
}
public static string Decrypt(string cipherText)
{
string EncryptionKey = "MAKV2SPBNI99212";
byte[] cipherBytes = Convert.FromBase64String(cipherText);
using (Aes encryptor = Aes.Create())
{
Rfc2898DeriveBytes pdb = new
Rfc2898DeriveBytes(EncryptionKey, new byte[]
{ 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
encryptor.Key = pdb.GetBytes(32);
encryptor.IV = pdb.GetBytes(16);
using (MemoryStream ms = new MemoryStream())
{
using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
{
cs.Write(cipherBytes, 0, cipherBytes.Length);
cs.Close();
}
cipherText = Encoding.Unicode.GetString(ms.ToArray());
}
}
return cipherText;
}
Rfc2898DeriveBytes is only a good choice when you have to use passwords entered by the end-user instead of generating a proper key. But in that case you should use a salt (in your example it's a constant, that misses the point of IVs) and more iterations (at minimum 20k, preferably more). If you have a proper key, normal encryption is simpler and much faster. –
Spinoza How can i convert this function PHP ? –
Faraday
@Spinoza What do you mean by "normal encryption"? –
Alvinalvina
@JamieKitson Encryption where you use a random high-entropy key (e.g. 256 bits) instead of weak user memorable passwords. –
Spinoza
Make sure to change the salt: 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 = Ivan Medvedev –
Lamplighter
this code is so old, it might come from here which is a short form from here. its 2019 and everyone still misses the
Ivan Medvedev one. –
Dose Muy buen aporte. –
Grobe
© 2022 - 2024 — McMap. All rights reserved.