none
Cryptography specification RRS feed

  • Question

  • I have a requirement to encrypt a password using AES mode CCM or XTS.  The other AES options are not valid.

    Can someone provide an example of how to specifiy one of these in the cryptography class?

    Thanks,

    Wednesday, February 11, 2015 7:52 PM

Answers

  • Hello Clem,

    From your description, it is not clear what your project type is, if it is based on .NET framework, however, after searching for the AES class, its all available are listed in this link, as we can see that the CCM and XST are not supported, you could consider using other supported modes.

    After searching more, it seems that you might with windows api: Cryptography API which has the CCM mode in AES algorithms, if you are using this windows api, you could change the BCRYPT_CHAINING_MODE property for the algorithm provider by using the BCryptSetProperty function. And here are some examples I found which might be help for you:

    Simple AES encryption using WinAPI

    Encryption using the Win32 Crypto API

    By the way, if you are using the windows api, I suggest you could post it to the windows development forum, the current forum is for .NET class libraries.

    Regards.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Thursday, February 12, 2015 3:50 AM
    Moderator
  • Humm... just in case you didn't notice that, I had included a link to someone's implementation of XTS-AES for you.

    Click on the link in answer to BitBucket, then either click "Source" at the left menu to view the source, or click "Download" there to download the repository as ZIP file

    Saturday, February 14, 2015 4:37 PM
    Answerer

All replies

  • CCM blockmode is supported on WinRT applications only. For Desktop applications you have to P/Invoke BCryptEnypt() API to use it.

    XTS-AES is an algorithm to enhance security of AES by using AES of unspecified type plus the use of tweak key, but it has it's own weakness, I suppose your requirement is to use XTS + AES-CCM? If that's the cause, you have to work yourself to combine the two.

    Thursday, February 12, 2015 3:30 AM
    Answerer
  • Hello Clem,

    From your description, it is not clear what your project type is, if it is based on .NET framework, however, after searching for the AES class, its all available are listed in this link, as we can see that the CCM and XST are not supported, you could consider using other supported modes.

    After searching more, it seems that you might with windows api: Cryptography API which has the CCM mode in AES algorithms, if you are using this windows api, you could change the BCRYPT_CHAINING_MODE property for the algorithm provider by using the BCryptSetProperty function. And here are some examples I found which might be help for you:

    Simple AES encryption using WinAPI

    Encryption using the Win32 Crypto API

    By the way, if you are using the windows api, I suggest you could post it to the windows development forum, the current forum is for .NET class libraries.

    Regards.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Thursday, February 12, 2015 3:50 AM
    Moderator
  • Thanks Fred.  I was hoping to use .Net for this.  The workround offered in the "Simple AES..." post was quite complicated.  I couldn't confirm if it was using XTS or CCM. 

    I did implement the AES Cryptography class however there didn't seem to be a means to specify CCM or XTS.

    Based on the 2 responses, it's pretty clear .Net can't do this and i will need to look at the windows.api to do it. 

    Thanks for the assist.


    • Edited by Clem_FRB Friday, February 13, 2015 1:33 PM
    Friday, February 13, 2015 1:02 PM
  • Humm... just in case you didn't notice that, I had included a link to someone's implementation of XTS-AES for you.

    Click on the link in answer to BitBucket, then either click "Source" at the left menu to view the source, or click "Download" there to download the repository as ZIP file

    Saturday, February 14, 2015 4:37 PM
    Answerer