From customers using GALsync in a highly secure environment we received this request:
"... please forward me any documentation you have which details the cryptographic mechanisms used by GALSync, specifically I'd like details of:
Which algorithms are used (I believe you said AES and RSA), Key lengths, key generation and key management, Details of the MS .Net components used ..."
Find the answers below:
We use the following Microsoft documentation to encrypt and decrypt the GALsync data file:
http://msdn.microsoft.com/en-gb/library/ms229749%28VS.80%29.aspx
especially the first 4 articles:
How to: Encrypt XML Elements with Symmetric Keys
Describes how to encrypt an XML element using the Rijndael algorithm.
How to: Decrypt XML Elements with Symmetric Keys
Describes how to decrypt an XML element that was encrypted using the Rijndael algorithm.
How to: Encrypt XML Elements with Asymmetric Keys
Describes how to encrypt an XML element using the RSA algorithm.
How to: Decrypt XML Elements with Asymmetric Keys
Describes how to decrypt an XML element using the RSA algorithm.
The symmetric key is generated with RijndaelManaged using its default values.
The asymmetric key is generated with RSACryptoServiceProvider(4096) and a 256-bit Rijndael key.
We use the ProtectedData class from the .NET Framework to save the key in the policy XML file:
ProtectedData.Protect(Encoding.UTF8.GetBytes(key), null, DataProtectionScope.LocalMachine)
The key XML file you generate for your partner has no protection.
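The following added example (not GALsync's own code) shows how the pattern from the Microsoft how-to articles combines the two key types described above: a 256-bit Rijndael session key encrypts the XML element, and an RSACryptoServiceProvider(4096) key wraps that session key. The key name, the sample document and the choice of OAEP padding are assumptions made for this example; the page does not state them.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

static class XmlHybridEncryptionExample
{
    const string KeyName = "partnerKey"; // hypothetical key name, not taken from GALsync

    static void EncryptElement(XmlDocument doc, string tag, RSA rsa)
    {
        var target = (XmlElement)doc.GetElementsByTagName(tag)[0];
        using (var session = new RijndaelManaged { KeySize = 256 }) // fresh random key and IV
        {
            byte[] cipher = new EncryptedXml().EncryptData(target, session, false);
            // Wrap the session key with the RSA public key (OAEP is this example's choice).
            var wrapped = new EncryptedKey
            {
                CipherData = new CipherData(EncryptedXml.EncryptKey(session.Key, rsa, true)),
                EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSAOAEPUrl)
            };
            wrapped.KeyInfo.AddClause(new KeyInfoName { Value = KeyName });
            var data = new EncryptedData
            {
                Type = EncryptedXml.XmlEncElementUrl,
                EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url),
                CipherData = new CipherData(cipher)
            };
            data.KeyInfo.AddClause(new KeyInfoEncryptedKey(wrapped));
            EncryptedXml.ReplaceElement(target, data, false); // swap plaintext for EncryptedData
        }
    }

    static void Main()
    {
        var doc = new XmlDocument();
        // Constructed sample document, not a real GALsync data file.
        doc.LoadXml("<contacts><contact><mail>alice@example.com</mail></contact></contacts>");
        using (var rsa = new RSACryptoServiceProvider(4096))
        {
            EncryptElement(doc, "contact", rsa);
            if (doc.OuterXml.Contains("alice@example.com"))
                throw new InvalidOperationException("plaintext still present after encryption");

            var reader = new EncryptedXml(doc);
            reader.AddKeyNameMapping(KeyName, rsa); // decryption needs the RSA private key
            reader.DecryptDocument();
            if (!doc.OuterXml.Contains("alice@example.com"))
                throw new InvalidOperationException("round trip failed");
        }
    }
}
```

On .NET Framework this needs a reference to System.Security.dll; on current .NET it needs the System.Security.Cryptography.Xml package.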