Depending on whether you have a key exchange problem, you could use either symmetric (faster) or asymmetric (don't need a secure channel to exchange keys) encryption. In either case, you should be using a well-tested crypto library and not trying to roll your own from crypto primitives.
Depending on whether you have a key exchange problem, you could use either symmetric (faster) or asymmetric (don't need a secure channel to exchange keys) encryption. In either case, you should be using a well-tested crypto library and not trying to roll your own from crypto primitives. More importantly, you need to ask yourself why you're doing this encryption yourself instead of letting HTTPS handle it.
If all you need is a secure channel, you're extremely unlikely to be able to do a better job than HTTPS.
1 For the mention of HTTPS – tschaible Nov 12 '09 at 12:32 Forgot about asym. – Will? Nov 12 '09 at 12:32.
It if the sole purpose of the encryption is to pass the object over the wire - than use a standard encryption provided by WCF (or whatever communication foundation you use). You don't need to deal with it yourself. In WCF you'll have to install certificate so if there is unlimited number of clients it wouldn't be good practice.
If you want to implement your own encryption - there are plenty of APIs for that - but your real problem will be key management (which is actually the same problem as before...) For choosing Symmetric or a-Symmetric - again - it will be derived from your key management options.
I'd recommend encrypt in the client (don't roll your own) send and store it encrypted in the database as a hash on login, encrypt the incoming value and compare against the stored value There is no need to store plain text in a database.
I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.