Encryption and decryption in ASP. NET

Design in ASP. NETTwo aspectsEncryption and decryption: one isConfiguration section in the configuration fileEncryption and decryption, the other isData in ASP. NET.

In. net, encryption and decryption technologies can be dividedTwo Types. One is that encryption and decryption use the same key and algorithm. We call it key encryption or symmetric encryption. This method features very fast. Another encryption method is public key encryption or asymmetric encryption. This encryption algorithm uses different keys for encryption and decryption. Generally, there are two keys A and B, use Key A to encrypt the data to obtain the ciphertext. Only key B can perform the decoding operation. Use Key B to encrypt the data to obtain the ciphertext, and only key a can decrypt the data. These two keys are called the four keys and the Public Key respectively. Asymmetric encryption is powerful, but the processing speed is slow.

There are two concepts related to this:Digital SignatureAndHash. The Public Key algorithm can also be used to form a digital signature to verify the identity of the Information sender (if you trust the sender's key) and help protect data integrity. The hash algorithm maps binary values of any length to smaller binary values of a fixed length. This smaller binary value becomes a hash value. Hash function to ensure message integrity.

Many encryption and decryption methods in ASP. NET depend onKeyThe key is saved in the machinekey of the configuration file. By default, Asp. net uses dynamic generation to create the keys used by the website. If a single server is okay, but the website uses multiple Server Load balancer and machinekey is also dynamically generated, the machinekey values on each server are inconsistent, resulting in inconsistent encrypted results. Verification and viewstate cannot be shared. Therefore, when Server Load balancer is deployed on multiple servers, you must configure the same machinekey on each site.

In ASP. NET, machinekey is used for the following three purposes:

· Encryption and decryption of cookie data when forms authentication is used to ensure that this part of data is not tampered.

· Viewstate data encryption and decryption to ensure that this part of data is not tampered.

· When an out-of-process session is used, the dialog status ID is verified.

(See msdn: http://msdn.microsoft.com/zh-cn/library/w8h3skw9 (V = vs.80). aspx)