Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Encyption of data

  • 21-03-2005 9:41am
    #1
    Registered Users, Registered Users 2 Posts: 4,276 ✭✭✭


    Hey,

    Not sure if this is the right place to ask or not :)

    I am going to start my project which will be a program that will run off a mobile device (Laptop, PDA, Smart phone). The idea is sensitive data will be sent from device to device through a wireless lan.

    I am going to want to encrypt the data however I am unsure if the .Net encyrption API is any use. Would I be better looking at some other form of encyption, can anyone reccomend something to me?

    thanks


Comments

  • Registered Users, Registered Users 2 Posts: 2,002 ✭✭✭bringitdown


    http://www.openssl.org/ - Ideal, open toolkit for encryption + encrypted data transmission.

    However, Java Security API's (+Java Cryptography Extension) http://java.sun.com/security/ - are probably a bit more useful as you will need to support a variety of platforms, they are easier to pick up also.

    Would implementing encryption in the WLAN not deprecate the need for it tho? WPA is quite secure. WEP less so.


  • Registered Users, Registered Users 2 Posts: 2,426 ✭✭✭ressem


    Depends on the sort of data you want to send, (passwords, files, streamed video? )
    whether authentication, key distribution and timeouts are an issue (wpa + radius).

    "
    System.Security.Cryptography namespace of Common Language runtime provides classes for

    1. Symmetric Key Encryption
    2. Asymmetric Key Encryption
    3. Hashing
    4. Digital Certificates
    5. XML Signatures
    "
    You're looking at Symmetric Key Encryption?

    The .Net version appears to be as good as any other.

    It's lacking AES, the 3-DES replacement standard.

    I guess that there are no existing systems that you need to communicate with.


  • Registered Users, Registered Users 2 Posts: 4,003 ✭✭✭rsynnott


    You should consider avoiding .NET cryptography, as it's still mostly Windows-bound, and is affected by US export restrictions in many countries; most other APIs are multiplatform


  • Registered Users, Registered Users 2 Posts: 4,276 ✭✭✭damnyanks


    How do you mean its affected by US export restrictions?

    The project requires its written with the .Net framework so anything else isn't possible :)

    thanks for the tips will read up on it :)


  • Closed Accounts Posts: 17,208 ✭✭✭✭aidan_walsh


    The US have laws regarding the sale of products created by American companies in some countries, and that includes information, data or techniques. There were also restrictions on the bit-level of encryption keys used, and these still apply in some countries.

    Your name is entirely approporiate under the circumstances :D


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 4,003 ✭✭✭rsynnott


    The US have laws regarding the sale of products created by American companies in some countries, and that includes information, data or techniques. There were also restrictions on the bit-level of encryption keys used, and these still apply in some countries.

    Your name is entirely approporiate under the circumstances :D

    AES-256 is still verboten here, isn't it? Don't THINK IE does it.


  • Moderators, Sports Moderators Posts: 8,679 Mod ✭✭✭✭Rew


    Would implementing encryption in the WLAN not deprecate the need for it tho? WPA is quite secure. WEP less so.

    No not at all, WPA might make the WLAN secure but its still possible for others on the network to sniff the traffic (assuming the privacy seperater isn't on). The data is alos vunerable when it hits the wire and is going towards the server. So there are loads of good resaons to encrypt it.

    I did some SSL client/server stuff in Java its handy enough once you get the hang of it. Id recomed using a SSL web server to accept the data from the device, SSL URL calls should be supported on all devices in most languages. If your coding for MS PDA/Smartphone .Net is easier then Java, and if its for Series 40/60/XX then J2ME is the best option. If you use SSL+Web server then the clients can be written in any language really. Iv done stuff for all of em in the past there are loads of pit falls when devloping apps for resource constrained devices.


  • Registered Users, Registered Users 2 Posts: 2,426 ✭✭✭ressem


    How about

    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/bdadotnetarch15.asp

    http://aspalliance.com/articleViewer.aspx?aId=536&pId=-1

    And beginner level
    http://www.microsoft.com/technet/community/events/isframe.mspx

    Gives an idea of what each is used for and relative performance.
    And I was wrong about the AES, they've got Rijndael. There are commercial versions, but you shouldn't need them.

    The US export restrictions were loosened in 2000. Given that the net stuff is just a layer over the windows API makes it hard to tell what responsibilities you have not to redistribute to "the axis of evil", so you'll need a lawyer.


Advertisement