Results 1 to 5 of 5

Thread: .NET Encryption Algorith source...

  1. #1
    Senior Member
    Join Date
    Dec 2001

    .NET Encryption Algorith source...

    I found somewhere that has it. Seems that MS has gone open-source on its new .NET thing, releasing the encryption algorithm. This may seem odd, but it doesn't go unsaid on their part: read the EULA before you download it. No modification, do they want you to do. Click here for it. Just scroll down a bit to "click here to obtain the full source code."

  2. #2
    Senior Member
    Join Date
    Aug 2001
    I have heard that, they aren't really opposed to Open Source itself. But they are opposed to the GPL. Which I agree. It is not a license in which you would want to use, if you were in the software business and trying to make money.
    savIRC :: The Multi-Platform IRC Client v. 1.8 [Released 9.04.02]

  3. #3
    Senior Member Ouroboros's Avatar
    Join Date
    Nov 2001
    Superior, WI USA
    .NET is writtten in C#(C Sharp)...they still don't reveal the source code, unless forced to...no matter what you may find...M$ will never just give away their code...unless it it snowing in hell right about now...

    "entia non sunt multiplicanda praeter necessitatem"

    "entities should not be multiplied beyond necessity."

    -Occam's Razor

  4. #4
    Senior Member
    Join Date
    Aug 2001
    From the site:

    System.Security.Cryptography namespace of the .NET Framework.
    The following classes and interfaces are part of the System.Security.Cryptography namespace of the .NET Framework Base Class Library.
    SymmetricAlgorithm is the top level abstraction for all symmetric cryptography algorithms

    AsymmetricAlgorithm is the top level abstraction for all asymmetric cryptography algorithms

    RC2 the RC2 abstraction, subclassing from SymmetricAlgorithm

    DES the DES algorithm abstraction, subclassing from SymmetricAlgorithm

    TripleDES the Triple DES algorithm abstraction, deriving from SymmetricAlgorithm

    Rijndael the Rijdeal abstraction, deriving from SymmetricAlgorithm

    RSA the RSA public key cipher agbstraction, deriving from AsymmetricAlgorithm

    DSA the DSA public key cipher abstraction, deriving from AsymmetricAlgorithm

    ICryptoTransform the interface definition for encryption and decryption transforms. Objects of this type are generated by methods on SymmetricAlgorithm

    So it isn't like they are releasing full source. More like bits and pieces, from what it sounds like.
    savIRC :: The Multi-Platform IRC Client v. 1.8 [Released 9.04.02]

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Several of the .NET encryption methods are publicly available ciphers, of which there are open source implementations.

    Examples of such implementations are Crypto++, or openSSL

    Of course Microsoft's implementations may not be correct, or secure - only with open source can you have the implementation independently scruitinsed.

    However, it seems unlikely that with well-known algorithms, even M$ implementations are wildly defective.

    If they implement the specification of these algorithms correctly, they will interoperate with other people's implementations.

    Of course there's nothing to say that their key generation is secure - various US governmental agencies may have asked them to deliberately choose bad keys (of course any key can legitimately be chosen, so this is impossible to detect externally)

    I would certainly be suspicious about their key generation routines not having been tampered with by the US government.

    Hence if I was running a non-US government based organisation who required strong encryption, it would be tempting to use either an in-house implementation or an open source one, to ensure that the US government hadn't tampered with it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts