Encryption of Dataset, Opinions? 
Author Message
 Encryption of Dataset, Opinions?

(Disregard my first post if it didn't cancel properly...I sent it
accidentally.)

What I'm trying to do is securely save a dataset as a self-contained xml
file.  Users would only need the proper username/password pair to decrypt it
back into the dataset.

Would the code below be a "reasonably" safe way to do this?  To keep it
simple for the users, I feel I should stay with a symmetrical scheme.  (No
error checking code shown for clarity.)

public static void SaveDatasetToEncryptedXml(DataSet data,
SymmetricAlgorithm symalg, HashAlgorithm hashalg, int saltlen, int keylen,
string filepath, string name, string password)
{
    // generate a random salt value (saved as plaintext in final SignedXml
file)
    byte[] salt = new Byte[saltlen];
    RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
    rng.GetNonZeroBytes(salt);

    // compute the hash value of the name/password pair (saved as plaintext
in final SignedXml file)
    byte[] hash = hashalg.ComputeHash(ASCIIEncoding.ASCII.GetBytes(name +
password));

    // create a key of keylen from the password & salt (not saved)
    byte[] key = new PasswordDeriveBytes(password, salt).GetBytes(keylen);

    // encrypt the data (saved as the signed data part of the SignedXml
file)
    MemoryStream crypteddata = new MemoryStream();
    symalg.GenerateIV(); // create a random IV
    CryptoStream cs = new CryptoStream(crypteddata,
symalg.Crea{*filter*}cryptor(key, symalg.IV), CryptoStreamMode.Write);
    data.WriteXml(cs, System.Data.XmlWriteMode.WriteSchema);

    // todo: Create and save a SignedXml file containing the above data
along with the necessary information to decrypt it (see code notes).

Quote:
}

Any comments or suggestions are welcome.

TIA,
ShaneB



Thu, 30 Dec 2004 00:30:50 GMT  
 
 [ 1 post ] 

 Relevant Pages 

1. Encryption of dataset

2. Des encryption (Data Encryption Standard)

3. Encryption and decryption - password encryption

4. can we assign two colums from one dataset to another dataset

5. How to save dataset to the table of your choice when the dataset is created from datatables?

6. simple encryption

7. Encryption of any value

8. Asynchronous Read/Write made encryption routines slower!

9. Using XML to store encryption keys

10. Salt Not Salting(Encryption)

11. encryption key input

12. a hello world encryption

 

 
Powered by phpBB® Forum Software