TechQA.

Crypto with Key & IV generator from a password and SALT in .NETMF

1.7k views Asked by At

I am implementing a .NET Micro Framework application and I have a code such as:

public static void Main()
{
    string data = "Here is some text to encrypt.";

    AesCryptoServiceProvider csp = new AesCryptoServiceProvider();
    csp.GenerateKey();
    csp.GenerateIV();

    CryptoKey k = csp.Key;
    byte[] iv = csp.IV;

    byte[] key = k.ExportKey(true);

    AesCryptoServiceProvider csp2 = new AesCryptoServiceProvider();

    byte[] enc = AesEncrypt(UTF8Encoding.UTF8.GetBytes(data), key, iv);
    byte[] dec = AesDecrypt(enc, key, csp.IV);
    char[] c = UTF8Encoding.UTF8.GetChars(dec);
    string decodedStr = new string(c);
    Debug.Print("\n dec: " + decodedStr );
}

public static byte[] AesEncrypt(byte[] data, byte[] key, byte[] iv)
{
    using (AesCryptoServiceProvider csp = new AesCryptoServiceProvider())
    {
        csp.Key = CryptoKey.ImportKey(csp.Session, key,
        CryptoKey.KeyClass.Secret, CryptoKey.KeyType.AES, true);

        csp.IV = iv;
        using (ICryptoTransform encr = csp.CreateEncryptor())
        {
            return encr.TransformFinalBlock(data, 0, data.Length);
        }
    }
}
public static byte[] AesDecrypt(byte[] encryptedData, byte[] key, byte[] iv)
{
    using (AesCryptoServiceProvider csp = new AesCryptoServiceProvider())
    {
        csp.Key = CryptoKey.ImportKey(csp.Session, key,
        CryptoKey.KeyClass.Secret, CryptoKey.KeyType.AES, true);
        csp.IV = iv;
        using (ICryptoTransform decr = csp.CreateDecryptor())
        {

            return decr.TransformFinalBlock(encryptedData, 0, encryptedData.Length);
        }
    }
}

My gadgeteer (FEZ Hydra) will encrypt some text. It will NOT have internet connection, so it will output it via OLED display or sth. And I am going to decrypt it in .NET Framework PC. Now I have 2 questions:

1- Unfortunately .NETMF 4.2 RTM (QFE2) does not have any functions which exist in .NET Framework such as Rfc2898DeriveBytes or RandomNumberGenerator. Therefore I could not find a way to derive Key&IV from a Password and SALT.

2- (assuming we solved question #1)I cannot use random Key and IV for every encryption/decryption since gadgeteer does not have internet connection in order to send the key&IV to my .NET Framework PC in a secure way. So I think an alternative solution: If I derive key & IV from a password & SALT, and both my gadgeteer(to encrypt) and PC(to decrypt) uses the same password & SALT, then I could handle it. Yes I am hearing the voices Do not use same IV etc. for more than one encryption.. But my MUST is not to connect gadgeteer to wifi because of Cost and other issues. Under these circumstances, is this a secure way to do this or does it need way much improvement (such as public&private key implementation etc.)? And how?

I'll be glad for any advise, Thank You

Murat

c# .net encryption .net-micro-framework .net-gadgeteer
Original Q&A
1

There are 1 answers

0
jbtule On

I have not used the .net Micro Framework. However, the api listing has a random number generator called RNGCryptoServiceProvider. Rfc2898DeriveBytes is just PBKDF2 implementation using Hmac-Sha1 and there exist a KeyedHashAlgorithm class that suports HMAC-SHA1 (see algorithm PBKDF2 it's pretty simple).

Related Questions in C#

Related Questions in .NET

Related Questions in ENCRYPTION

Related Questions in .NET-MICRO-FRAMEWORK

Related Questions in .NET-GADGETEER

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions