Then theres the question of how uniformly distributed

Info icon This preview shows pages 466–468. Sign up to view the full content.

Then there’s the question of how uniformly distributed those “random” numbers are, or whether the algorithm has a tendency to generate clusters of random numbers. Get- ting a smooth, unpredictable stream of random numbers from an algorithm is a very hard problem, and the smoother you want it the more expensive it gets (in general). Lack of randomness (i.e., predictability) in your random number generator can signif- icantly reduce the strength of a cryptographic algorithm based on its results. The upshot of this is that you shouldn’t use System.Random if you are particularly sen- sitive to the randomness of your random numbers. This isn’t just limited to security applications—you might want to think about your approach if you were building an online casino application, for example. OK, with that done, we can now implement our EncryptString method. This takes the plain text string, the key, and the initialization vector, and returns us an encrypted string. Example 11-53 shows an implementation. Example 11-53. Encrypting a string private static string EncryptString(string plainText, byte[] key, byte[] iv) { // Create a crypto service provider for the TripleDES algorithm var serviceProvider = new TripleDESCryptoServiceProvider(); using (MemoryStream memoryStream = new MemoryStream ()) using (var cryptoStream = new CryptoStream( memoryStream, serviceProvider.CreateEncryptor(key, iv), CryptoStreamMode.Write)) using (StreamWriter writer = new StreamWriter(cryptoStream) ) { // Write some text to the crypto stream, encrypting it on the way writer.Write(plainText); // Make sure that the writer has flushed to the crypto stream writer.Flush(); // We also need to tell the crypto stream to flush the final block out to // the underlying stream, or we'll // be missing some content... cryptoStream.FlushFinalBlock(); // Now, we want to get back whatever the crypto stream wrote to our memory // stream. return GetCipherText(memoryStream); } } We’re going to write our plain text to a CryptoStream , using the standard Stream Writer adapter. This works just as well over a CryptoStream as any other, but instead of coming out as plain text, it will be enciphered for us. How does that work? 442 | Chapter 11: Files and Streams
Image of page 466

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

An Adapting Stream: CryptoStream CryptoStream is quite different from the other streams we’ve met so far. It doesn’t have any underlying storage of its own. Instead, it wraps around another Stream , and then uses an ICryptoTransform either to transform the data written to it from plain text into cipher text before writing it to that output stream (if we put it into CryptoStream Mode.Write ), or to transform what it has read from the underlying stream and turning it back into plain text before passing it on to the reader (if we put it into CryptoStream Mode.Read ). So, how do we get hold of a suitable ICryptoTransform ? We’re making use of a factory class called TripleDESCryptoServiceProvider . This has a method called CreateEncryp tor which will create an instance of an ICryptoTransform that uses the TripleDES algo- rithm to encrypt our plain text, with the specified key and IV.
Image of page 467
Image of page 468
This is the end of the preview. Sign up to access the rest of the document.
  • Spring '15

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern