.netSecurity

Encryption using Symmetric key in C#

In this article, we will discuss how to encrypt XML document usning Symmetric key. We will use Advanced Encryption Standard(AES) known as Rijndael algorithm for encryption.

  • Add a reference to System.Security.dll to project
  • Include System.Security.Cryptography and System.Security.Cryptography.Xml namespace to your project
  • XML Encryption allows you to store or transport sensitive XML, without worrying about the data being easily read.
  • This procedure decrypts an XML element using the Advanced Encryption Standard (AES) algorithm, also known as Rijndael.
  • When AES is used to encrypt XML data the same key is used to decrypt the xml data

The example in this procedure assumes that the encrypted XML will be decrypted using the same key, and that the encrypting and decrypting parties agree on the algorithm and key to use.

This example does not store or encrypt the AES key within the encrypted XML.

This example is used for situations where a single application needs to encrypt data based on a session key stored in memory, or based on a cryptographically strong key derived from a password. For situations where two or more applications need to share encrypted XML data, consider using an encryption scheme based on an asymmetric algorithm or an X.509 certificate.

To encrypt an XML element with a symmetric key:

Generate a symmetric key using the RijndaelManaged class. This key will be used to encrypt the XML element.

Create an XmlDocument object by loading an XML file from disk. The XmlDocument object contains the XML element to encrypt.

Find the specified element in the XmlDocument object and create a new XmlElement object to represent the element you want to encrypt. In this example, the “SSN” element is encrypted.

Create a new instance of the EncryptedXml class and use it to encrypt the XmlElement with the symmetric key. The EncryptData method returns the encrypted element as an array of encrypted bytes.

Construct an EncryptedData object and populate it with the URL identifier of the XML Encryption element. This URL identifier lets a decrypting party know that the XML contains an encrypted element. You can use the XmlEncElementUrl field to specify the URL identifier.

Create an EncryptionMethod object that is initialized to the URL identifier of the cryptographic algorithm used to generate the key. Pass the EncryptionMethod object to the EncryptionMethod property.

Add the encrypted element data to the EncryptedData object.

Replace the element from the original XmlDocument object with the EncryptedData element.

Let’s look at the example for implementing the same.
This example assumes that a file named “test.xml” exists in the same directory as the compiled program. It also assumes that “test.xml” contains a “socialsecurityno” element. You can place the following XML into a file called test.xml and use it with this example.

© 2015, www.techkatak.com. All rights reserved.

One thought on “Encryption using Symmetric key in C#

Comments are closed.