AES Encryption in C# Protecting Sensitive Information

Subarta Ray
Dec 12, 2024

398
0
0
- facebook
- twitter
- linkedIn
- Reddit
- WhatsApp
- Email
- Print
- Other Artcile

Introduction

The importance of securing sensitive information cannot be overstated in this digital world. With the exponential growth of data and the increasing sophistication of cyber threats, robust encryption methods are crucial for protecting data from unauthorized access and ensuring privacy. Among the various cryptographic algorithms available, the Advanced Encryption Standard (AES) stands out as a reliable and efficient choice for securing data. This article delves into the implementation of AES encryption in C#, exploring its application in a real-world scenario to demonstrate its effectiveness and practicality.

AES Encryption

AES, a symmetric key encryption algorithm, was established by the National Institute of Standards and Technology (NIST) in 2001. It has become the standard for data encryption due to its strength and speed. AES operates on fixed block sizes of 128 bits and supports key sizes of 128, 192, and 256 bits, offering a high level of security. The algorithm's symmetric nature means that the same key is used for both encryption and decryption, making it essential to keep the key secure.

Securing User Data in a Web Application

Consider a web application that handles sensitive user information, such as personal details and payment information. To ensure that this data remains confidential, the application needs to encrypt it before storing it in the database. AES encryption can be implemented to secure this data, providing peace of mind to users and compliance with data protection regulations.

Let's walk through the implementation of AES encryption in C#, focusing on encrypting and decrypting user data.

Step 1. Setting Up the Project

Start by creating a new C# console application project in Visual Studio. Add a new class file named AesEncryption.cs.

Step 2. Writing the AES Encryption Class

In the AesEncryption.cs file, we'll write a class that handles AES encryption and decryption.

using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

public class AesEncryption
{
    private readonly byte[] key;
    private readonly byte[] iv;

    public AesEncryption(byte[] key, byte[] iv)
    {
        this.key = key;
        this.iv = iv;
    }

    public string Encrypt(string plainText)
    {
        using (Aes aesAlg = Aes.Create())
        {
            aesAlg.Key = key;
            aesAlg.IV = iv;

            ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);

            using (MemoryStream msEncrypt = new MemoryStream())
            {
                using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                {
                    using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
                    {
                        swEncrypt.Write(plainText);
                    }
                }

                return Convert.ToBase64String(msEncrypt.ToArray());
            }
        }
    }

    public string Decrypt(string cipherText)
    {
        using (Aes aesAlg = Aes.Create())
        {
            aesAlg.Key = key;
            aesAlg.IV = iv;

            ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);

            using (MemoryStream msDecrypt = new MemoryStream(Convert.FromBase64String(cipherText)))
            {
                using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                {
                    using (StreamReader srDecrypt = new StreamReader(csDecrypt))
                    {
                        return srDecrypt.ReadToEnd();
                    }
                }
            }
        }
    }
}

Step 3. Encrypting and Decrypting Data

We'll use the AesEncryption class in our main program to encrypt and decrypt user data.

class Program
{
    static void Main(string[] args)
    {
        string original = "Sensitive user information";

        // Generate a random key and IV
        using (Aes aesAlg = Aes.Create())
        {
            byte[] key = aesAlg.Key;
            byte[] iv = aesAlg.IV;

            AesEncryption aesEncryption = new AesEncryption(key, iv);

            // Encrypt the data
            string encrypted = aesEncryption.Encrypt(original);
            Console.WriteLine($"Encrypted data: {encrypted}");

            // Decrypt the data
            string decrypted = aesEncryption.Decrypt(encrypted);
            Console.WriteLine($"Decrypted data: {decrypted}");
        }
    }
}

Explanation of the Code

Initialization: The AesEncryption class is initialized with a randomly generated key and initialization vector (IV).
Encryption: The Encrypt method converts the plaintext into a byte array, encrypts it using the AES algorithm, and returns the result as a base64-encoded string.
Decryption: The Decrypt method converts the base64-encoded cipher text back into a byte array, decrypts it, and returns the original plaintext.

Output

AES Encryption in C#

Conclusion

AES encryption is a powerful and efficient way to secure sensitive data in various applications. By implementing AES in C#, developers can protect user information and ensure data privacy. This article provided a real-world example of using AES encryption to secure user data in a web application, highlighting the practical application of this cryptographic algorithm. As the digital landscape continues to evolve, the importance of robust encryption methods like AES will only grow, making it essential for developers to understand and implement these techniques effectively.

Recommended Free Ebook

Kotlin for Beginners

Download Now!