Which cryptography algorithm is the most secure that ships with .net?
Asked
Active
Viewed 7,210 times
2 Answers
20
You cannot directly compare all types of cryptographic algorithms. That would be like comparing a sorting algorithm with a multiplication algorithm: they have different purposes. That being said, I would answer:
- Symmetric cipher: AES-256
- Asymmetric cipher: RSA with 4096 bit key (I believe that is the maximum in .NET) or ECDSA with 571 bit key (but that is only supported in .NET 3.5)
- Hash: SHA-512
- Message Authentication Code: HMAC with SHA-512
That being said, those are overkill for most applications, and you should do fine using AES-128, RSA with 2048 bit key, SHA-256 and HMAC with SHA-256.
Rasmus Faber
- 48,631
- 24
- 141
- 189
-
Rasmus, what would be ideal for a licence key? – Nov 03 '08 at 15:28
-
1My answer here: http://stackoverflow.com/questions/258994/net-cryptography-for-licence-keys#259458 – Rasmus Faber Nov 03 '08 at 18:12
-
FYI - I made a reference to this answer on the new Security SE site: http://security.stackexchange.com/questions/1751/what-are-the-realistic-and-most-secure-crypto-for-symmetric-asymmetric-hash-m – makerofthings7 Jan 19 '11 at 23:29
0
I'm somewhat partial to SHA-512. If 512 is a little excessive, the other members of the SHA-2 family might be helpful - SHA-256 and SHA-384 are both in the SHA-2 family. But AviewAnew's suggestion of AES 256 is good as well.
Thomas Owens
- 114,398
- 98
- 311
- 431
-
-
Because you don't use a key to generate the hash. A SHA hash will always be the same for a given input. – Thomas Owens Nov 03 '08 at 14:28
-
Since the tag is encryption, I think we wanted an encryption algorithm, rather than a Hash function. ASDF - A Hash function is unkeyed. A MAC (sometimes called a keyed hash function) uses a key and has a different purpose from SHA or AES. – Tom Ritter Nov 03 '08 at 14:29
-
That could be. Based on the question, though, SHA does fit the bill as a cryptographic hash function. – Thomas Owens Nov 03 '08 at 14:33