20. Cryptography || C# 10

Question 1

What encryption and hashing options do you know?

Answer 1

1. File.Encrypt
2. Windows Data Protection
3. Hashing
4. Symmetric Encryption
5. Public Key Encryption

Question 2

Explain how the File.Encrypt works

Answer 2

Protects files transparently with filesystem support. A key is derived implicitly from the logged-in user’s credentials. Windows only.

Question 3

What is hashing?

Answer 3

A hashing algorythm distills a potentially large number of bytes into small fixed-length hashcodes. Hashing algorythm are designed such that a single-bit change anywhere in the source data results in a significantly different hashcode. This makes it suitable for comparing files or detecting accidental or malicious corruption to a file or data stream.
Hashing also acts as one-way encryption, because it difficult to impossible to convert a hashcode back into the original data. This makes it ideal for storing passwords in a database, because should your database become compromised, you don’t want the attacker to gain access to plain-text passwords. To authenticate you simply hash what the user types in and compare it to the hash that’s stored in the databse.
To hash:
byte[] hash;
using (Stream fs = File.OpenRead(“checkme.doc”))
hash = SHA1.Create().ComputeHash(fs); // SHA1 is 20 bytes long;

Question 4

What does “salt” mean and why it is used?

Answer 4

“Salt” is a standard technique when hashing passwords - a long series of bytes that you initially obtain via a random number generator and then combine with each password before hashing.
This works for several reasons:

• You must know the salt bytes;
• You should be able to access a publicly available precomputed database of passwords and their hashcodes.
  How it looks:

byte[] encrypted = KeyDerivation.Pbkdf2(
  password: "stRhong%pword",
	salt: Encoding.UTF8.GetBytes("j78Y#p)/saREN!y3@"),
	prf: KeyDerivationPrf.HMACSHA512,
	iterationCount: 100,
	numBytesRequested: 64
);

Question 5

What is symetric encryption? What might make this encryption stronger?

Answer 5

Used for general purpose encryption/decryption. The same key encrypts and decrypts. Can be used to secure messages in transit.
By using IV (Initialization Vector) we can make this encryption more secure. IV is 16-byte sequence, much like a key, is changed with every sent message . This would render each encrypted message unrecognizable from any previous one - even if their uncrypted versions were similar or identical.

Question 6

How CryptoStream, as decorator, is unusual?

Answer 6

CryptoStream is unusual in that its Flush method does nothing. To flush a stream without disposing it you must call FlushFinalBlock. In contrast to Flush, you can call FlushFinalBlock only once, and then no further data can be written.

Question 7

How does the “public key encryption” works?

Answer 7

Public-key cryptography is asymetric, meaning that encryption and decryption use different keys.
A key pair contains a public key and private key components that work together as follows:

• The public key encrypts messages
• The private key decrypts messages.
  A special feature of this type of cryptography is that you cannot calculate private key from a public key. So, if the private key is lost, encrypted data cannot be recovered; conversely, if a private key is leaked, the encryption system becomes useless.