c# - How to encrpyt / decrypt data in chunks? -

-

i'm quite new c# , encryption please have patience me. want save binary data ("objects" - in fact parts of objects, can't / don't use serialization, binarywriter , similar) , want encrypt in memory , write using filestream. @ first wanted use sort of xor didn't know easy break, changed code use aes.

the thing have relatively large files , quite need change or read 32 bytes of data. must capable of encrypting 1 chunk of data , capable of decrypting desired chunks of data. came following solution.

when saving data loop through data , inside loop encrypt chunk of data , write file. while reading, have loop reads chunks of data , inside loop have declare decryptor, find inefficient.

here's code encryption & saving:

        //setup file stream saving data         filestream fstream = new filestream(filename, filemode.openorcreate, fileaccess.write, fileshare.read, 1024, false);          //setup encryption (aes)         symmetricalgorithm aes = aes.create();         byte[] key = { 145, 12, 32, 245, 98, 132, 98, 214, 6, 77, 131, 44, 221, 3, 9, 50 };         byte[] iv = { 15, 122, 132, 5, 93, 198, 44, 31, 9, 39, 241, 49, 250, 188, 80, 7 };         aes.padding = paddingmode.none;         icryptotransform encryptor = aes.createencryptor(key, iv);          foreach(....)         {            //data manipulation             //encryption            memorystream m = new memorystream();            using (stream c = new cryptostream(m, encryptor, cryptostreammode.write))               c.write(data, 0, data.length);            byte[] original = new byte[32];            original = m.toarray();            fstream.write(original, 0, original.length);         }

the key , iv hardcoded enable easier debugging , solving problems, once work i'll change way key , iv generated.

here's code reading & decryption: filestream fstream = new filestream(filename, filemode.open, fileaccess.read, fileshare.read, 4096, false);

            //setup encryption (aes)             symmetricalgorithm aes = aes.create();             byte[] key = { 145, 12, 32, 245, 98, 132, 98, 214, 6, 77, 131, 44, 221, 3, 9, 50 };             byte[] iv = { 15, 122, 132, 5, 93, 198, 44, 31, 9, 39, 241, 49, 250, 188, 80, 7 };             aes.padding = paddingmode.none;              //reading             while (numbytestoread > 0)             {                 byte[] original = new byte[32];                 byte[] data = new byte[32];                 int len = fstream.read(original, 0, 32);                  //error checking ...                 //decryption                 icryptotransform decryptor = aes.createdecryptor(key, iv);  //this slow operation                 memorystream m = new memorystream();                 using (stream c = new cryptostream(m, decryptor, cryptostreammode.write))                     c.write(original, 0, original.length);                 data = m.toarray();                  //data manipulation ...             }

well thing find inefficient create decryptor in loop. there quite lot of data. if create before entering loop can't decrypt , have change encryption (declare encryption stream , memory stream before loop), can't encrypt / decrypt desired chunk of data. there aren't many files require random reading / writing. instance @ files i'll want read position till end of file, can quite lot.

what's view on this? there better way achieve this? maybe different encryption algorithm (in beginning wanted use sort of xor found out easy "crack") ?

p.s. want encrypt in memory , must use seekable streams.

if want full random access, ecb way go (as earlier answer recommends). not need recreate encryption stream each block, because doesn't use iv , encrypting block doesn't permute stream (unlike other modes cryptotext depends on previous blocks or position of block in stream). wikipedia has nice illustration (the ciphertux picture) of 1 of problems mode.

if file logically consists of larger chunks (such database records or disk sectors in virtual disks), should consider encrypting them units. in cbc mode generate new random iv each chunk each time write , store block (thus using additional 32 bytes of storage per chunk), , need rewrite entire chunk if single byte changes, security better.


Comments

Post a Comment

Popular posts from this blog

linux - Mailx and Gmail nss config dir -

-
i trying send mail linux command line using mailx command. can send local domain no problem want set mail send gmail account receive mail sent gmail account. after configuring mail.rc so: account gmail { set smtp=smtps://smtp.gmail.com:587 set smtp-auth=login set smtp-auth-user=username@gmail.com set smtp-auth-password=password set ssl-verify=ignore } i error: resolving host smtp.gmail.com . . . done. connecting 74.125.25.109 . . . connected. missing "nss-config-dir" variable. "/home/username/dead.letter" 11/354 . . . message not sent. after looking "nss-config-dir" here , located certn.db , keyn.db files , added mail.rc so: account gmail { set smtp=smtps://smtp.gmail.com:587 set smtp-auth=login set smtp-auth-user=username@gmail.com set smtp-auth-password=password set ssl-verify=ignore set nss-config-dir=/home/user/.mozilla/firefox/location.default } now when try send mail using command: echo "sent gmail account" | mailx -v -a
Read more

c# - Is it possible to remove an existing registration from Autofac container builder? -

-
something along lines: builder.registertype<mytype>().as<itype>(); builder.registertype<mytype2>().as<itype>(); builder.deregistertype<mytype>().as<itype>() var container = builder.build(); var types = container.resolve<ienumerable<itype>>(); assert.istrue(types.count == 1); assert.istrue(types[0].gettype == typeof(mytype2)); scenario: go through bunch of assemblies , go register types want make sure have 1 implementation of given type. need before create container. track on own nice if autofac me bit. this cannot done directly using containerbuilder , unless start on new one. mind you, having first built container should able construct new container filtering away unwanted types , reusing registrations first container. this: ... var container = builder.build(); builder = new containerbuilder(); var components = container.componentregistry.registrations .where(cr => cr.activator.limittype != typ
Read more

php - Mysql PK and FK char(36) vs int(10) -

-
i have read mysql can handle indexes , searches better if tables keys integers rather char(36) uuid's. is worth converting int(10)? note: use 1 server , have have plans use multiple databases concurrently therefore removing 1 of big reasons using uuid. our tables innodb if makes difference. thanks in advance. usually rdbms can handle integer keys pk more efficient, other datatypes. reason how build index column, yes: long dont require string (or other typed) keys, should use integers. however: char(36) , int(10) far away being equal, because int(10) much smaller, char(36). dont know, if require many different keys, should keep in mind. update, complete last paragraph: int(10) 32-bit, char(36) 36 - ^byte^ (= 288-bit). not mean, int consumes less space, means, char(36) has 4 times more different keys.
Read more