GALsync Special – Part 6:: Encryption

30 Jan

 


encrpt.JPG From customers using GALsync in a high secure environmnt we received this request:

” . . . please forward me any documentation you have which details the cryptographic mechanisms used by GALSync, specifically I’d like details of:

Which algorithms are used (I believe you said AES and RSA), Key lengths, key generation and key management, Details of the MS .Net components used.. . “

Find answers below:e

We use the following documentation from Microsoft for encryption/decryption the GALsync data file.

 

http://msdn.microsoft.com/en-gb/library/ms229749%28VS.80%29.aspx

 

specially the first 4 articles

 

How to: Encrypt XML Elements with Symmetric Keys

Describes how to encrypt an XML element using the Rijndael algorithm.

 

How to: Decrypt XML Elements with Symmetric Keys

Describes how to decrypt an XML element that was encrypted using the Rijndael algorithm.

 

How to: Encrypt XML Elements with Asymmetric Keys

Describes how to encrypt an XML element using the RSA algorithm.

 

How to: Decrypt XML Elements with Asymmetric Keys

Describes how to decrypt an XML element using the RSA algorithm.

 

 

The Symmetric key is generated with RijndaelManaged by default values.

 

The Asymmetric key is generated with RSACryptoServiceProvider(4096) and a 256 bit Rijndael key.

 

We use ProtectedData Class from the .NET Framework to save the key in the policy xml file

 

ProtectedData.Protect(Encoding.UTF8.GetBytes(key), null, DataProtectionScope.LocalMachine)

 

The key xml file you generate for your partner has no protection.

 

——————————————————————————————————

We had a great time developing our products and we hope you have an equally great time working with them. If you experience any problems we are more than happy to support you.

 

Leave a Reply

Your email address will not be published. Required fields are marked *