RijndaelManaged: IV Generation?

Posted by cam on Stack Overflow See other posts from Stack Overflow or by cam
Published on 2010-03-27T19:26:11Z Indexed on 2010/03/27 19:33 UTC
Read the original article Hit count: 351

Filed under:

c#

|

cryptography

|

rijndaelmanaged

I want to implement the most secure, and most reliable form of symmetric key cryptography in my application. The user should input a password to encrypt/decrypt, and that's all. For RijndaelManaged, one must enter a key and an IV. I'm not sure how to address the situation. Right now, I have the entered password being hashed by SHA256 and then being used as the key for the Rijndael. What do I use for the IV? Another password?

© Stack Overflow or respective owner

Related posts about c#

.NET WebRequest.PreAuthenticate not quite what it sounds like

as seen on West-Wind - Search for 'West-Wind'
I’ve run into the problem a few times now: How to pre-authenticate .NET WebRequest calls doing an HTTP call to the server – essentially send authentication credentials on the very first request instead of waiting for a server challenge first? At first glance this sound like it should be easy:… >>> More
HttpWebRequest and Ignoring SSL Certificate Errors

as seen on West-Wind - Search for 'West-Wind'
Man I can't believe this. I'm still mucking around with OFX servers and it drives me absolutely crazy how some these servers are just so unbelievably misconfigured. I've recently hit three different 3 major brokerages which fail HTTP validation with bad or corrupt certificates at least according to… >>> More
The dynamic Type in C# Simplifies COM Member Access from Visual FoxPro

as seen on West-Wind - Search for 'West-Wind'
I’ve written quite a bit about Visual FoxPro interoperating with .NET in the past both for ASP.NET interacting with Visual FoxPro COM objects as well as Visual FoxPro calling into .NET code via COM Interop. COM Interop with Visual FoxPro has a number of problems but one of them at least got a lot… >>> More
Dynamic Type to do away with Reflection

as seen on West-Wind - Search for 'West-Wind'
The dynamic type in C# 4.0 is a welcome addition to the language. One thing I’ve been doing a lot with it is to remove explicit Reflection code that’s often necessary when you ‘dynamically’ need to walk and object hierarchy. In the past I’ve had a number of ReflectionUtils that used string based expressions… >>> More
Finding a Relative Path in .NET

as seen on West-Wind - Search for 'West-Wind'
Here’s a nice and simple path utility that I’ve needed in a number of applications: I need to find a relative path based on a base path. So if I’m working in a folder called c:\temp\templates\ and I want to find a relative path for c:\temp\templates\subdir\test.txt I want to receive back subdir\test… >>> More

Related posts about cryptography

Visual Basic Cryptography Question

as seen on Stack Overflow - Search for 'Stack Overflow'
I am trying to mimic the results of some C code that uses the OpenSSL library using the system.security.crytography library in the .net 3.5 world, and I can't seem to get it right. I need some help... part of the issue is my understanding of crytography in general. Here's what is supposed to happen: I… >>> More
External iPhone Cryptography Libs

as seen on Stack Overflow - Search for 'Stack Overflow'
Are there any legal problems using external crypto libs in my iPhone application? I know that Apple has to comply to US cryptography export rules but do I as a developer have any responsibility? How does it work? >>> More
MD5 implementation notes

as seen on Programmers - Search for 'Programmers'
While going through RFC1321, I came across the following paragraph: This step uses a 64-element table T[1 ... 64] constructed from the sine function. Let T[i] denote the i-th element of the table, which is equal to the integer part of 4294967296 times abs(sin(i)), where i is in radians… >>> More
What should web programmers know about cryptography?

as seen on Programmers - Search for 'Programmers'
Should programmers who build websites/web applications understand cryptography? I have no idea how most crypographic algorithms work, and I really don't understand the differences between md5/des/aes/etc. Have any of you found any need for an in-depth understanding of cryptography? I haven't needed… >>> More
Java Cryptography Extension

as seen on Programmers - Search for 'Programmers'
I was told that in order to support AES256 encryption inside my Java app that I would need the JCE with Unlimited Strength Jurisdiction Policy Files. I downloaded this from Oracle and unzipped it and I'm only seeing 2 JARs: local_policy.jar; and US_export_polic.jar I just want to confirm I'm… >>> More