Architecture and Application of Microsoft .NET Framework 3.5 Cryptography for Data Protection
Play Architecture and Application of Microsoft .NET Framework 3.5 Cryptography for Data Protection
Did you realise that starting with .NET Framework 3.5 usage of some of the best cryptographic mechanisms of Suite-B has been tremendously simplified? The difference is not only hundreds fewer lines of code for you to write, but also a simpler architecture for you to understand. If you ever wanted to DIY cryptography but were afraid of its complexity, this session is for you. Perhaps you are still using DES, RSA, MD5, or SHA-1? Do you know how this might expose your company to a loss? Why is the architecture of Open Cryptographic API for Windows (CNG, Cryptography Next Generation) any better than CAPI? These are some of the questions we answer in this information-packed and fast-paced level 300 session aimed towards architects and developers who are already familiar with basic cryptographic and security concepts. We spend a good amount of time covering the crypto extension of .NET Framework 3.5: System.Security.Cryptography but we also briefly overview CNG's Win32 API to give you an alternative. Indeed, we show you working code in a demo, which applies Suite-B for a simple encryption task. We explain when using one has advantages over the other. While we are not going to explain the inner workings of any of the covered algorithms, we give you a good background to all the new ones, so that you can make better choices while designing security for your systems. Microsoft Windows 7, Windows Vista, Windows Server 2008 and R2 include full support for all of those innovations. Consider this as an opportunity to incorporate the awesome power of the recent security and cryptography developments in your software. For the curious, we may even tell you why we cannot tell you about Suite-A...