Applied Cryptography in .NET and Azure Key Vault :
[Book]
a Practical Guide to Encryption in .NET and .NET Core /
Stephen Haunts ; foreword by Troy Hunt.
New York :
Apress,
[2019]
1 online resource
Includes bibliographical references and index.
Intro; Table of Contents; About the Author; About the Technical Reviewer; Foreword; Introduction; Chapter 1: What Are Data Breaches?; Types of Data in a Breach and Their Consequences; The Impact on a Company; Financial Loss; Legal Action; Regulatory Impact; Loss of Reputation; Why Network Protection Isn't Enough; How Can Developers Help?; What Can You Expect from This Book?; What You Will Learn; .NET Standard and .NET Core; Code Samples in This Book; Chapter 2: A Brief History of Cryptography; Ancient Times; Increasing Cipher Complexity; Enigma and Mechanical Ciphers; Modern Cryptography
Combining Symmetric and AsymmetricAdding Integrity Checks; Securely Comparing Byte Arrays; Extending with Digital Signatures; Summary; Chapter 10: Key Storage and Azure Key Vault; Exploring Key Management Options; Introducing Azure Key Vault; Azure Key Vault Hardware Mode; Azure Key Vault Software Mode; Keys vs. Secrets; Azure Key Vault Example Costs; Setting up Azure Key Vault; Creating a Key Vault; Registering Your Application with Azure Active Directory; Authorize Your Application to Use Keys and Secrets; Manually Creating Keys and Secrets; Add a Software Protected Key
Encrypting PasswordsUsing Hashes to Store Passwords; Using Password Based Key Derivation Functions; Summary; Chapter 6: Symmetric Encryption; Symmetric Encryption; Advantage: Very Secure; Advantage: Fast; Disadvantage: Sharing Keys Is Hard; Disadvantage: Dangerous If Compromised; History of DES and Triple DES; How DES and Triple DES Works; History of AES; How AES Works; How Secure Is AES Against Brute-Force Attacks?; API Commonality in the .NET Framework; Encryption Mode; Padding; Key; Initialization Vector (IV); AesManaged and AesCryptoServiceProvider
Performing Symmetric Encryption with .NETSummary; Chapter 7: Asymmetric Encryption; Advantage: Very Secure; Advantage: Fast; Disadvantage: Sharing Keys Is Hard; Disadvantage: Dangerous If Compromised; What Is Asymmetric Encryption?; The History of RSA; How Does RSA Work?; Key Derivation; Encryption and Decryption; RSA in .NET; In-Memory Keys; XML-Based Keys; Cryptographic Service Provider; Encryption and Decryption; Summary; Chapter 8: Digital Signatures; High-Level Look at Digital Signatures; Digital Signatures in .NET; Summary; Chapter 9: Hybrid Encryption
Symmetric EncryptionPublic and Private Key Cryptography; Why Is Cryptography Important?; Examples of Modern Cryptography; The Four Pillars of Modern Cryptography; Confidentiality; Integrity; Authentication; Non-Repudiation; Summary; Chapter 3: The Importance of Random Numbers; Generating Deterministic Random Numbers; Generating Secure Random Numbers; Summary; Chapter 4: Hashing and Hashed Message Authentication Codes; Hashing and Integrity; MD5; Secure Hash Algorithm (SHA) Family; Authenticated Hashing; Summary; Chapter 5: Safely Storing Passwords; Storing Passwords in the Clear
0
8
8
8
8
Benefit from Microsoft's robust suite of security and cryptography primitives to create a complete, hybrid encryption scheme that will protect your data against breaches. This highly practical book teaches you how to use the .NET encryption APIs and Azure Key Vault, and how they can work together to produce a robust security solution. Applied Cryptography in .NET and Azure Key Vault begins with an introduction to the dangers of data breaches and the basics of cryptography. It then takes you through important cryptographic techniques and practices, from hashing and symmetric/asymmetric encryption, to key storage mechanisms. By the end of the book, you'll know how to combine these cryptographic primitives into a hybrid encryption scheme that you can use in your applications. Author Stephen Haunts brings 25 years of software development and security experience to the table to give you the concrete skills, knowledge, and code you need to implement the latest encryption standards in your own projects. What You'll Learn: Get an introduction to the principles of encryption Understand the main cryptographic protocols in use today, including AES, DES, 3DES, RSA, SHAx hashing, HMACs, and digital signatures Combine cryptographic techniques to create a hybrid cryptographic scheme, with the benefits of confidentiality, integrity, authentication, and non-repudiation Use Microsoft's Azure Key Vault to securely store encryption keys and secrets Build real-world code to use in your own projects This book is for software developers with experience in .NET and C#. No prior knowledge of encryption and cryptographic principles is assumed. Stephen Haunts is a software developer with experience across industry verticals, including game development, financial services, insurance, and healthcare. He specializes in security and cryptography and regularly speaks and presents at conferences and user groups about secure coding in .NET.