locked
Rfc2898DeriveBytes for password hash not allowing for a longer Encryption Key RRS feed

  • Question

  • User93267240 posted

    I have been using this  Rfc2898DeriveBytes encryption method with success. The Encryption key is excactly 15 characters. Now my boss wants me to make the Encryption Key three times longer. I have  tired sereral techniques but can only get it to work if it is 15 characters. Can anyone explain why this is the case?

            private string Encrypt(string clearText)
            {
                string EncryptionKey = "MAKV2SPBNI99212";
                byte[] clearBytes = Encoding.Unicode.GetBytes(clearText);
                using (Aes encryptor = Aes.Create())
                {
                    Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
                    encryptor.Key = pdb.GetBytes(32);
                    encryptor.IV = pdb.GetBytes(16);
                    using (MemoryStream ms = new MemoryStream())
                    {
                        using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
                        {
                            cs.Write(clearBytes, 0, clearBytes.Length);
                            cs.Close();
                        }
                        clearText = Convert.ToBase64String(ms.ToArray());
                    }
                }
                return clearText;
            }

    Wednesday, September 17, 2014 1:04 PM

Answers

All replies

  • User-1151753377 posted

    Hi holdorfs,

    Welcome to this asp.net forum.

    According to your description, as far as I know, the Rfc2898DeriveBytes password encryption is allowed for any size design.

    If the method is not fit for you, you could consider other methods, something like this:

    private string Encryptdata(string password)
    {
    string strmsg = string.Empty;
    byte[] encode = new byte[password.Length];
    encode = Encoding.UTF8.GetBytes(password);
    strmsg = Convert.ToBase64String(encode);
    return strmsg;
    }

    More information about the encryption technology, hope it could useful for you.

    http://chandradev819.wordpress.com/2011/04/11/how-to-encrypt-and-decrypt-password-in-asp-net-using-c/

    http://msdn.microsoft.com/en-us/library/system.security.cryptography.rfc2898derivebytes(v=vs.110).aspx

    http://security.stackexchange.com/questions/35250/hmacsha512-versus-rfc2898derivebytes-for-password-hash

     

    If you have any other questions, please hesitate to post this forum.

    Best Regards,

    Summer

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, September 18, 2014 10:09 PM
  • User93267240 posted

    Summer,

    Thanks for your answer; however, it does not address my question. What I am having trouble with is currently my Encryption Key has a value of:

    string EncryptionKey = "MAKV2SPBNI99212";

    My boss what to make it:

    string EncryptionKey = "MAKV2SPBNI99212MAKV2SPBNI99212MAKV2SPBNI99212";

    Now, I have tried everything and nothing works. Can anyone explain what I am doing wrong?

    Friday, September 19, 2014 7:26 AM
  • User-1569551712 posted

    It's working Fine. Check the code :

    string Encrypt(string clearText)
            {
                string EncryptionKey = "MAKV2SPBNI99212MAKV2SPBNI99212MAKV2SPBNI99212";
                byte[] clearBytes = Encoding.Unicode.GetBytes(clearText);
                using (Aes encryptor = Aes.Create())
                {
                    Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
                    encryptor.Key = pdb.GetBytes(32);
                    encryptor.IV = pdb.GetBytes(16);
                    using (MemoryStream ms = new MemoryStream())
                    {
                        using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
                        {
                            cs.Write(clearBytes, 0, clearBytes.Length);
                            cs.Close();
                        }
                        clearText = Convert.ToBase64String(ms.ToArray());
                    }
                }
                return clearText;
            }

    string Decrypt(string eText)
            {
                string EncryptionKey = "MAKV2SPBNI99212MAKV2SPBNI99212MAKV2SPBNI99212";
                byte[] eBytes =  Convert.FromBase64String(eText);
                using (Aes encryptor = Aes.Create())
                {
                    Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
                    encryptor.Key = pdb.GetBytes(32);
                    encryptor.IV = pdb.GetBytes(16);
                    using (MemoryStream ms = new MemoryStream())
                    {
                        using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
                        {
                            cs.Write(eBytes, 0, eBytes.Length);
                            cs.Close();
                        }
                        eText= Encoding.Unicode.GetString(ms.ToArray());
                    }
                }
                return eText;
            }

    Thursday, November 13, 2014 7:37 AM