0

I wish to keep some data common between my Windows 8, Windows phone 8 and Android application.

The data is encrypted text being downloaded from the internet and decrypted on the device.
The problem however is that every time I try using the built-in classes for AES encryption they all produce different outputs on different devices. On Windows phone 8 I was using RijndaelManaged class but that is missing in WinRT. And the output given by a Windows phone 8 encrypted text would not be decrypted on WinRT or Android. Is there a common encryption/decryption method that would work for all three platforms?

dvhh
  • 4,724
  • 27
  • 33
Ronak Manglani
  • 191
  • 2
  • 10
  • Could you give some link of your code ? especially the AES encryption – dvhh Mar 26 '15 at 09:25
  • @dvhh For the Windows Phone 8 version, I'm using the one given [here](http://stackoverflow.com/questions/10168240/encrypting-decrypting-a-string-in-c-sharp) – Ronak Manglani Mar 26 '15 at 09:31
  • btw your are basing your result on the decrypted content right ? – dvhh Mar 26 '15 at 10:36
  • You can use everything that is standardized. Rijndael is not standardized, but AES is. AES is a subset of Rijndael. – Artjom B. Mar 26 '15 at 13:26

1 Answers1

1

In general, not only the algorithm but also the mode of operation and the block length matter. Try to find and fix them for all platforms even though their classes might have different names.

If you still run into problems, try to find a crypto library that is supported on all your devices. I would guess OpenSSL is a clear candidate.

If those libraries are not natively supported, try shipping them as a lib of your concrete app.

Artjom B.
  • 61,146
  • 24
  • 125
  • 222
user3363866
  • 457
  • 2
  • 11
  • So I should use OpenSSL across all three? Are you sure they'll support it and not produce different outputs in each, as in case of AES? And are there any other alternatives? I can sacrifice a bit of security. It's not nuclear codes. I just need something that is not plain text and not easily decrypted by any bruteforce. – Ronak Manglani Mar 27 '15 at 06:19
  • Hm if you choose the same mode, AES should be compatible anyway as the algorithm is standardized. Could you privide us with more Infos like the exact mode of operation and maybe also the code you use on the other platforms, for example the one on android? This would help a lot. – user3363866 Mar 27 '15 at 11:31
  • I found an [this](https://zenu.wordpress.com/2011/09/21/aes-128bit-cross-platform-java-and-c-encryption-compatibility/) which works across Windows Phone 8 and Android. And [this](https://janhannemann.wordpress.com/2013/11/10/simple-encryption-for-windows-winrt-and-windows-phone/) which works across Windows Phone 8 and Windows 8. I need to bring all 3 to a single standard as both are producing different outputs. – Ronak Manglani Mar 27 '15 at 14:08
  • Did you try to ship a common crypto library (like the above mentioned OpenSSL) and use standard schemes with the same padding and modes etc within your applications as suggested above? – user3363866 May 06 '15 at 12:50