13

Which cryptography algorithm is the most secure that ships with .net?

Improve this question

2 Answers 2

Reset to default
20

You cannot directly compare all types of cryptographic algorithms. That would be like comparing a sorting algorithm with a multiplication algorithm: they have different purposes. That being said, I would answer:

  • Symmetric cipher: AES-256
  • Asymmetric cipher: RSA with 4096 bit key (I believe that is the maximum in .NET) or ECDSA with 571 bit key (but that is only supported in .NET 3.5)
  • Hash: SHA-512
  • Message Authentication Code: HMAC with SHA-512

That being said, those are overkill for most applications, and you should do fine using AES-128, RSA with 2048 bit key, SHA-256 and HMAC with SHA-256.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Rasmus, what would be ideal for a licence key?
My answer here: stackoverflow.com/questions/258994/…
FYI - I made a reference to this answer on the new Security SE site: security.stackexchange.com/questions/1751/…
0

I'm somewhat partial to SHA-512. If 512 is a little excessive, the other members of the SHA-2 family might be helpful - SHA-256 and SHA-384 are both in the SHA-2 family. But AviewAnew's suggestion of AES 256 is good as well.

Improve this answer

4 Comments

the msdn examples don't seem to be using a key to generate the hash?
Because you don't use a key to generate the hash. A SHA hash will always be the same for a given input.
Since the tag is encryption, I think we wanted an encryption algorithm, rather than a Hash function. ASDF - A Hash function is unkeyed. A MAC (sometimes called a keyed hash function) uses a key and has a different purpose from SHA or AES.
That could be. Based on the question, though, SHA does fit the bill as a cryptographic hash function.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.