Re: AES with SslStream

My understanding is that this is still the case. You would need to wait for
that to show up in the OS as a standard supported SSL algorithm for
SslStream to be able to use it, as it is doing pinvoke to the SSPI schannel
provider.

I can't remember which version of Windows is supposed to get that support,
but you might be waiting for Vista/Longhorn server. I think someone from MS
may have disclosed this on one of the non-.NET security newsgroups.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Coy" <wayneos@xxxxxxxxxxx> wrote in message
news:OGb8YE9HHHA.1784@xxxxxxxxxxxxxxxxxxxxxxx
Hi,
I'm trying to determine if all of the cipher suite CipherAlgorithmType
types are available when using SslStream. By defaults only RC4 is showing
up in my SslStream.CipherSuite property, but I need some of the AES cipher
suites. As of a year ago, my understanding is that the AES types are still
not realized because the underlying Microsoft AES Cryptographic Provider
was not yet visible to .NET or SslStream.

Here is that newsgroup inquiry from somebody - November 2005:

Question:
"I am having major problems connecting to a specific SSL-enabled server.
This server only supports AES 128 and AES 256, but the .NET 2.0 SslStream
class doesn't seem to support it (although the CipherAlgorithmType enum
has the values Aes128 and Aes256)."

Answer:
The underlying security package that System.Net uses (SSPI - a part of
Windows) currently does not support those cipher suites.
Mike Flasko - PM, System.Net & Winsock, MSFT

Is it still the case that AES is not useable from .NET and only useable
via the CryptoAPI using C++ or C?

Here is the list from the CipherAlgorithmType page, where only the last 4
are useable.
Aes The Advanced Encryption Standard (AES) algorithm.
Aes128 The Advanced Encryption Standard (AES) algorithm with a 128 bit
key.
Aes192 The Advanced Encryption Standard (AES) algorithm with a 192 bit
key.
Aes256 The Advanced Encryption Standard (AES) algorithm with a 256 bit
key.
Des The Data Encryption Standard (DES) algorithm.
None No encryption algorithm is used.
Rc2 Rivest's Code 2 (RC2) algorithm.
Rc4 Rivest's Code 4 (RC4) algorithm.
TripleDes The Triple Data Encryption Standard (3DES) algorithm.

Is there a way to make the Microsoft AES Cryptographic Provider visable to
.NET by performing the tasks indicated in the knowledge base article
245030?

Thanks





.

Relevant Pages

  • Is a cryptographic monoculture hurting us all?
    ... basket but guard that fucking basket" - so we design an algorithm such ... AES may have been analysed by a lot of people and recieve a lot ... I propose that instead of forming a single algorithm for a standard, ...
    (sci.crypt)
  • Re: Adjusting Cryptography for the historical record?
    ... > and could this be done in a standardized or semi-standardized manner? ... Instead we rely on standards, ... So in the case of standards that only support one algorithm, ... the algorithm is known immediately after detecting the protocol. ...
    (sci.crypt)
  • Re: Using Salsa20 in a new protocol spec
    ... Should I consider using Salsa20? ... Is such an algorithm likely to get revised? ... AES is much more standardized, ... standard. ...
    (sci.crypt)
  • Re: Using Salsa20 in a new protocol spec
    ... Should I consider using Salsa20? ... Is such an algorithm likely to get revised? ... AES is much more standardized, ... standard. ...
    (sci.crypt)
  • Re: Is C99 the final C? (some suggestions)
    ... thread about who has access to the standard, ... >>Could you provide a reference to the description of the algorithm ... these rare cases) a very loose upper bound. ... > the worst case and say that you only have as much stack space of the ...
    (comp.lang.c)