
Reading up on encryption best practices, I see that it is recommended to add a MAC to an AES encryption. I'm using AesCryptoServiceProvider because I need to be FIPS compliant. This means that I'm doing something like this:

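```csharp
using System.Linq;
using System.Security.Cryptography;

private static byte[] Encrypt(byte[] data, byte[] key)
{
    using (var algo = new AesCryptoServiceProvider())
    {
        algo.Key = key;

        // algo.IV is a fresh random IV generated by the provider
        using (var ct = algo.CreateEncryptor(algo.Key, algo.IV))
            // Output is IV || ciphertext; nothing authenticates it yet
            return algo.IV.Concat(ct.TransformFinalBlock(data, 0, data.Length)).ToArray();
    }
}
```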

However, I can't really find any examples of where to yank in the MAC for best-practice usage. Any pointers?

Werner
  • 1
    Possible duplicate of [AES CMAC Calculation C#](http://stackoverflow.com/questions/29163493/aes-cmac-calculation-c-sharp) – dbugger Feb 07 '17 at 14:49
  • 1
    In your case, it is probably better to use CCM, EAX or GCM mode. It relieves you of combining a confidentiality mode with an authenticity mode. You set the key and iv, and then things "just work" for you. – jww Feb 08 '17 at 02:30
  • Thanks both, for reference, the devs from MS are working on getting this into the framework, and there's already some packages available (see https://blogs.msdn.microsoft.com/shawnfa/2009/03/17/authenticated-symmetric-encryption-in-net/). And they actually only use existing FIPS validated CNG functionality. – Werner Feb 08 '17 at 10:14

0 Answers