Symmetric algorithms always use the same key for encryption and decryption, and they are fast for both encryption and decryption.
The next table lists symmetric algorithms supported by .NET:
Algorithm | Abstract Algorithm | Default Implementation | Valid Key Size (bits) | Maximum Key Size (bits) |
DES | DES | DESCryptoServiceProvider | 64 | 64 |
TripleDES | TripleDES | TripleDESCryptoServiceProvider | 128,192 | 192 |
RC2 | RC2 | RC2CryptoServiceProvider | 40-128 | 128 |
Rijndael | Rijndael | RijndaelManaged | 128,192,256 | 256 |
The strength of the encryption corresponds to the key size: the greater the key size, the harder it is for a brute-force attack to succeed, because there are far more possible key values to test. Keep in mind that greater symmetric key sizes lead to larger messages and slower encryption times. In most cases, a good standard choice is Rijndael, because it offers solid performance and support for large key sizes.
The major problems with symmetric algorithms are:
Problem | Description |
Key exchange | When you use symmetric algorithms to exchange data between two applications hosted by different parties, you have to exchange the key in a secure way. |
Brute-force attacks | When you use the symmetric key for a longer period of time, attackers might have enough time to decrypt traffic by just trying any valid combination of bits in a key. With an increasing bit size, the strength of the key increases, but you should use a different key at regular intervals. |
Long-term key management | If you have to update keys at regular intervals, you have to exchange them at regular intervals, which might lead to additional security risks. In addition, you have to store the key in a secure place. |