Improving Web Application Security: Threats and - CGISecurity

Chapter 7: Building Secure Assemblies 175Generate Random KeysIf you need to generate encryption keys programmatically, useRNGCryptoServiceProvider for creating keys and initialization vectors and donot use the Random class. Unlike the Random class, RNGCryptoServiceProvidercreates cryptographically strong random numbers which are FIPS-140 compliant.The following code shows how to use this function.using System.Security.Cryptography;. . .RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();byte[] key = new byte[keySize];rng.GetBytes(key);Use PasswordDeriveBytes for Password-Based EncryptionThe System.Security.Cryptography.DeriveBytes namespace providesPasswordDeriveBytes for use when encrypting data based on a password the usersupplies. To decrypt, the user must supply the same password used to encrypt.Note that this approach is not for password authentication. Store a password verifierin the form of a hash value with a salt value order to authenticate a user’s password.Use PasswordDeriveBytes to generate keys for password-based encryption.PasswordDeriveBytes accepts a password, salt, an encryption algorithm, a hashingalgorithm, key size (in bits), and initialization vector data to create a symmetric key tobe used for encryption.After the key is used to encrypt the data, clear it from memory but persist the salt andinitialization vector. These values should be protected and are needed to re-generatethe key for decryption.For more information about storing password hashes with salt, see Chapter 14,“Building Secure Data Access.”Prefer Large KeysWhen generating an encryption key or key pair, use the largest key size possible forthe algorithm. This does not necessarily make the algorithm more secure butdramatically increases the time needed to successfully perform a brute force attack onthe key. The following code shows how to find the largest supported key size for aparticular algorithm.