none
Securing Remoting with TcpChannel RRS feed

  • Question

  • Hi,

    I am new to .NET remoting and was wondering if someone could fill in some blanks.

    I want to use a TcpChannel to perform IPC over TCP and want to be able to secure it as sensitive data could be transferred.

    Is it as easy as setting the secure property when registering the channel?

    Does this encrypt the data in transit and if so what level of encryption is present in this case? And does this assume the client and server will be running under the same user/service account?

    Thanks in advance for the help.

    • Moved by Bob Shen Tuesday, June 25, 2013 2:38 AM
    Thursday, June 20, 2013 2:35 PM

Answers

All replies

  • I find some similar articles with your question: 

    Security in Remoting 

    Authentication with the TCP Channel 

    you can refer to those articles to get more help. thanks


    If my post is helpful,please help to vote as helpful, if my post solve your question, please help to make it as answer. My sample

    Friday, June 21, 2013 3:29 AM
  • I had read those articles before posting but it doesn't really say much other than, "turn on secure communication" which encrypts.

    Is it that simple? how does it encrypt? what algorithm is used? whats the strength of the encryption?

    Friday, June 21, 2013 11:21 AM
  • .NET REMOTING had the last update in framework 2.0

    From 3.0 onwards, we moved to WCF API ... Please consider the same for new developments.


    In 2.0, we do see that TCP channel related library in remoting channel uses the SSPI for encryption and authentication.

    http://www.guidanceshare.com/wiki/What's_New_in_.NET_Framework_2.0_Security

    For more info on SSPI internals, refer below link ...
    http://technet.microsoft.com/en-us/library/dn169026(v=ws.10).aspx

    • Marked as answer by PaulMcCaffery Monday, July 15, 2013 10:55 AM
    Tuesday, June 25, 2013 2:37 PM
  • Thanks this is helpful in understanding a little bit more about SSPI, but it still doesnt fully answer my question.

    I am assuming then to secure the communcations it is using Secure Channel to encrypt using some AES algorithm. 

    But an AES algorithm uses a symmetric key which means both client and server have to know what key they are using. So it can't just be as simple as turning the secure flag to true.

    Presumably there is some additional work or configuration I need to do to tell both sides which symmetric key I am using?

    Unfortunately, just using something else is not an option.

    Thanks

    Thursday, June 27, 2013 7:48 AM
  • To know more on internals of SSPI API, you need to engage us via support incident ticket.
    To confirm the encryption level, you can observe the network traffic via tool called Microsoft Network Monitor.
    Monday, July 1, 2013 2:20 PM
  • Hi Paul,

    Did you get to know finally how does it encrypt? what algorithm is used? whats the strength of the encryption? or one needs to switch to WCF only? I am also having same problem with my .net remoting application which needs to be secure with some encryption algorithms.

    Thanks,

    Gangadhar

    Monday, August 12, 2013 11:48 AM