Symmetric Encryption and Decryption in C# AES and DES Encryption Algorithms

In this article, I am going to explore encryption and decryption via algorithms with C# example code.

There are mainly two types of algorithms that are used for encryption and decryption:

Symmetric Encryption

In this type of encryption, a single key is used for encryption and decryption. It is faster than it's counterpart: asymmetric encryption. But it also has some drawbacks. For example, a single key is used for encryption and decryption, so when you encrypt the date, then you have to provide the same key for decryption. And if data is sent over the network, then at the end where decryption happened, you also need to know the same key. Suppose you have a service performing encryption/decryption of a message with a key and your many clients consume that service, then you have to provide your key to your client also. It needs a high level of trust — you are sharing your key, which essentially means you're sharing your secret.

Asymmetric Encryption

We have seen that symmetric encryption has some security and trust problems. So, asymmetric encryption helps to solve that problem. Asymmetric encryption uses two keys for encryption and decryption — one key for encryption and another key for decryption. You are able to encrypt messages with a public key and decrypt messages with a private key. The public key is used only for encryption and cannot decrypt a message by a public key. But asymmetric encryption is slower than others; it is very slow, so it is not a good fit for large data (more than 1 kilobyte).

There are many algorithms for asymmetric encryption. Mainly, there are two algorithms used:

1. RSA: RSA was first discovered in 1978 by Ron Rivest, Adi Shamir, and Leonard Adleman, hence the name RSA.
2. DSA: DSA stands for Digital Signature Algorithm.

More details on RSA and DSA can be found here.

In this article, while there are many algorithms available for encryption, we will focus on symmetric encryption with DES, 3DES, and AES algorithms.

DES Data Encryption Standard

The Data Encryption Standard, or DES, is a traditional old way used for encryption and decryption. It’s not reliable and can break easily. Key size in DES is very short. It’s not very good when our data travels over various networks — it can be a brute force.

Here is an example of the encryption code: (check comments in the code for more details)

public string EncryptData(string strData, string strEncDcKey)
{
byte[] key = { }; //Encryption Key
byte[] IV = { 10, 20, 30, 40, 50, 60, 70, 80 };
byte[] inputByteArray;
try
{
key = Encoding.UTF8.GetBytes(strEncDcKey);
// DESCryptoServiceProvider is a cryptography class defind in c#.
DESCryptoServiceProvider ObjDES = new DESCryptoServiceProvider();
inputByteArray = Encoding.UTF8.GetBytes(strData);
MemoryStream Objmst = new MemoryStream();
CryptoStream Objcs = new CryptoStream(Objmst, ObjDES.CreateEncryptor(key, IV), CryptoStreamMode.Write);
Objcs.Write(inputByteArray, 0, inputByteArray.Length);
Objcs.FlushFinalBlock();
return Convert.ToBase64String(Objmst.ToArray());//encrypted string
}
catch (System.Exception ex)
{
throw ex;
}
}

Here is an example of the decryption code:

public string DecryptData(string strData, string strEndDcKey)
{
byte[] key = { };// Key
byte[] IV = { 10, 20, 30, 40, 50, 60, 70, 80 };
byte[] inputByteArray = new byte[strData.Length];
try
{
key = Encoding.UTF8.GetBytes(strEndDcKey);
DESCryptoServiceProvider ObjDES = new DESCryptoServiceProvider();
inputByteArray = Convert.FromBase64String(strData);
MemoryStream Objmst = new MemoryStream();
CryptoStream Objcs = new CryptoStream(Objmst, ObjDES.CreateDecryptor(key, IV), CryptoStreamMode.Write);
Objcs.Write(inputByteArray, 0, inputByteArray.Length);
Objcs.FlushFinalBlock();
Encoding encoding = Encoding.UTF8;
return encoding.GetString(Objmst.ToArray());
}
catch (System.Exception ex)
{
throw ex;
}
}

3DES or Triple DES Algorithm

As we have seen, there are some security-related issues in the DES algorithm, so we can say that 3DES is an updated version of DES. In the 3DES, there are some enhancements that provide better encryption and also increase key size, which was very short in DES.

AES Advanced Encryption Standard

The Advanced Encryption Standard, or AES, is also called the Rijndael cipher. AES support 128, 192 and 256-bit encryption can be determined by the key size, 128-bit encryption key size is 16 bytes, 192-bit encryption key is 24 bytes, and 256-bit encryption key size is 32 bytes. AES Encryption offers good performance and also a good level of security.  The AES encryption is a symmetric cipher that uses the same key for encryption and decryption.

Here is an example of the AES encryption code (check comments in the code for details):

public string EncryptData(string textData, string Encryptionkey)
    {

        RijndaelManaged objrij = new RijndaelManaged();
        //set the mode for operation of the algorithm
        objrij.Mode = CipherMode.CBC;
        //set the padding mode used in the algorithm.
        objrij.Padding = PaddingMode.PKCS7;
        //set the size, in bits, for the secret key.
        objrij.KeySize = 0x80;
        //set the block size in bits for the cryptographic operation.
        objrij.BlockSize = 0x80;
        //set the symmetric key that is used for encryption & decryption.
        byte[] passBytes = Encoding.UTF8.GetBytes(Encryptionkey);
        //set the initialization vector (IV) for the symmetric algorithm
        byte[] EncryptionkeyBytes = new byte[] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
        int len = passBytes.Length;
        if (len > EncryptionkeyBytes.Length)
        {
           len = EncryptionkeyBytes.Length;
        }
        Array.Copy(passBytes, EncryptionkeyBytes, len);
        objrij.Key = EncryptionkeyBytes;
        objrij.IV = EncryptionkeyBytes;
        //Creates symmetric AES object with the current key and initialization vector IV.
        ICryptoTransform objtransform = objrij.CreateEncryptor();
        byte[] textDataByte = Encoding.UTF8.GetBytes(textData);
        //Final transform the test string.
        return Convert.ToBase64String(objtransform.TransformFinalBlock(textDataByte, 0, textDataByte.Length));
    }-

And here is an example of the decryption code:

string DecryptData(string EncryptedText, string Encryptionkey)
    {
        RijndaelManaged objrij = new RijndaelManaged();
        objrij.Mode = CipherMode.CBC;
        objrij.Padding = PaddingMode.PKCS7;
        objrij.KeySize = 0x80;
        objrij.BlockSize = 0x80;
        byte[] encryptedTextByte = Convert.FromBase64String(EncryptedText);
        byte[] passBytes = Encoding.UTF8.GetBytes(Encryptionkey);
        byte[] EncryptionkeyBytes = new byte[0x10];
        int len = passBytes.Length;
        if (len > EncryptionkeyBytes.Length)
        {
            len = EncryptionkeyBytes.Length;
        }
        Array.Copy(passBytes, EncryptionkeyBytes, len);
        objrij.Key = EncryptionkeyBytes;
        objrij.IV = EncryptionkeyBytes;
        byte[] TextByte = objrij.CreateDecryptor().TransformFinalBlock(encryptedTextByte, 0, encryptedTextByte.Length);
        return Encoding.UTF8.GetString(TextByte);  //it will return readable string
    }

In the next article, I will further explain asymmetric encryption using RSA and DSA algorithms — stay tuned!