Title | Applied Cryptography in .NET and Azure Key Vault: A Practical Guide to Encryption in .NET and .NET |
---|---|
File Size | 4.5 MB |
Total Pages | 239 |
Table of Contents
About the Author
About the Technical Reviewer
Foreword
Introduction
Chapter 1: What Are Data Breaches?
Types of Data in a Breach and Their Consequences
The Impact on a Company
Financial Loss
Legal Action
Regulatory Impact
Loss of Reputation
Why Network Protection Isn’t Enough
How Can Developers Help?
What Can You Expect from This Book?
What You Will Learn
.NET Standard and .NET Core
Code Samples in This Book
Chapter 2: A Brief History of Cryptography
Ancient Times
Increasing Cipher Complexity
Enigma and Mechanical Ciphers
Modern Cryptography
Symmetric Encryption
Public and Private Key Cryptography
Why Is Cryptography Important?
Examples of Modern Cryptography
The Four Pillars of Modern Cryptography
Confidentiality
Integrity
Authentication
Non-Repudiation
Summary
Chapter 3: The Importance of Random Numbers
Generating Deterministic Random Numbers
Generating Secure Random Numbers
Summary
Chapter 4: Hashing and Hashed Message Authentication Codes
Hashing and Integrity
MD5
Secure Hash Algorithm (SHA) Family
Authenticated Hashing
Summary
Chapter 5: Safely Storing Passwords
Storing Passwords in the Clear
Encrypting Passwords
Using Hashes to Store Passwords
Using Password Based Key Derivation Functions
Summary
Chapter 6: Symmetric Encryption
Symmetric Encryption
Advantage: Very Secure
Advantage: Fast
Disadvantage: Sharing Keys Is Hard
Disadvantage: Dangerous If Compromised
History of DES and Triple DES
How DES and Triple DES Works
History of AES
How AES Works
How Secure Is AES Against Brute-Force Attacks?
API Commonality in the .NET Framework
Encryption Mode
Padding
Key
Initialization Vector (IV)
AesManaged and AesCryptoServiceProvider
Performing Symmetric Encryption with .NET
Summary
Chapter 7: Asymmetric Encryption
Advantage: Very Secure
Advantage: Fast
Disadvantage: Sharing Keys Is Hard
Disadvantage: Dangerous If Compromised
What Is Asymmetric Encryption?
The History of RSA
How Does RSA Work?
Key Derivation
Encryption and Decryption
RSA in .NET
In-Memory Keys
XML-Based Keys
Cryptographic Service Provider
Encryption and Decryption
Summary
Chapter 8: Digital Signatures
High-Level Look at Digital Signatures
Digital Signatures in .NET
Summary
Chapter 9: Hybrid Encryption
Combining Symmetric and Asymmetric
Adding Integrity Checks
Securely Comparing Byte Arrays
Extending with Digital Signatures
Summary
Chapter 10: Key Storage and Azure Key Vault
Exploring Key Management Options
Introducing Azure Key Vault
Azure Key Vault Hardware Mode
Azure Key Vault Software Mode
Keys vs. Secrets
Azure Key Vault Example Costs
Setting up Azure Key Vault
Creating a Key Vault
Registering Your Application with Azure Active Directory
Authorize Your Application to Use Keys and Secrets
Manually Creating Keys and Secrets
Add a Software Protected Key
Add a Hardware-Protected Key
Add a Key from a PFX Certificate File
Add a Secret
Azure Key Vault “Hello World” Application
Summary
Chapter 11: Azure Key Vault Usage Patterns
Multiple Environments
Configuration as Secrets
Local Key Wrapping
Exploring Key Wrapping Further
Key Rotation and Versioning
Password Protection
Varying the Iterations over Time
Digital Signing
Upgrading the Hybrid Encryption Example
Summary
Chapter 12: Final Summary
Cryptography Summary
Random Numbers
Hashing and Authentication
Authenticated Hashing
Storing Passwords
Symmetric Encryption
Advantage: Very Secure
Advantage: Fast
Disadvantage: Sharing Keys Is Hard
Disadvantage: Dangerous If Compromised
Asymmetric Encryption
Digital Signatures
Hybrid Encryption
Azure Key Vault
Multiple Environments
Configuration as Secrets
Local Key Wrapping
Password Protection
Digital Signing
Don’t Forget the Perimeter
Next Steps
Index