Game Development Reference
In-Depth Information
Table 16.1 Padding Modes Available in .NET 2.0 (continued)
Padding Mode Description
PaddingMode.ISO10126 This padding mode works very much like PaddingMode.PKCS7, except it
sets the value of the final byte in the block to the number of padding
bytes and sets the remaining padding bytes to random data.
PaddingMode.ANSIX923 This padding mode works very much like PaddingMode.PKCS7, except it
sets the value of the final byte in the block to the number of padding
bytes and sets the remaining padding bytes to zero.
It is advisable to use PaddingMode.PKCS7 when developing with .NET 1.1 and
PaddingMode.ISO10126 when developing with .NET 2.0. Both versions of the .NET
framework default to PaddingMode.PKCS7 , so you will have to explicitly set the
padding mode to ISO10126.
Keep in mind that your software does not exist in a vacuum, so it is important that
you make sure that using a different padding mode will not break any existing code.
Key Strength
The key strength , also known as key size , of an encryption algorithm refers to the
length of the underlying key, and the higher the number the better. Consider the
case of an 8-bit key. It would take an attacker roughly 256 guesses to land on the
key, whereas a 40-bit key would take an attacker roughly over a trillion guesses to
land on the key. The key length is very important, as is the data comprising the key.
Pseudo-random number generators (PRNG) are sometimes used by developers to
generate private keys. Computers are fairly predictable, so achieving randomness
is difficult to do. Do not try to create your own PRNG classes; use the built-in
functionality provided by the RNGCryptoServiceProvider class in the .NET Class
Framework.
Lastly, some developers also derive the key from a password, which may result in
a key of substantial length, but the key is only as random as its source. If a 256-bit
key is derived from a 12-character password, the key is not as secure as one might
think. If a malicious attacker understands how the key is derived, he only has to
attack the 12-character password to reveal the key itself.
Search Nedrilad ::




Custom Search