.NET Framework, Software Development

How to Use Advanced Encryption Standard (AES) in C# to Protect Your Data

Encryption is the process of converting plain text into cipher text to protect it from unauthorized access. There are several encryption algorithms available, but the Advanced Encryption Standard (AES) is widely used due to its security and speed. In this blog post, we will discuss how to use AES in C#.

What is AES?

AES is a symmetric encryption algorithm that was adopted by the US government in 2002 as a standard for securing sensitive data. It uses a block cipher technique where a fixed-length block of plain text is encrypted into a fixed-length block of cipher text. The key size of AES can be 128, 192, or 256 bits, and the strength of the encryption increases with the key size.

Using AES in C#

.NET provides built-in support for AES encryption through the System.Security.Cryptography namespace. We can use the AesManaged class to perform AES encryption and decryption. On .NET 6 and later, AesManaged is marked obsolete; Aes.Create() is the replacement there.

Example 1: Encrypting a String

Let’s say we want to encrypt a string using AES with a 256-bit key. Here is the code to do so:

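using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

public static string EncryptString(string plainText, string key)
{
    byte[] buffer = Encoding.UTF8.GetBytes(plainText);
    byte[] keyBytes = Encoding.UTF8.GetBytes(key);
    if (keyBytes.Length != 32) // AES-256 needs exactly 32 key bytes
        throw new ArgumentException("Key must encode to exactly 32 bytes.", nameof(key));

    using (AesManaged aes = new AesManaged())
    {
        aes.KeySize = 256;
        aes.BlockSize = 128;
        aes.Mode = CipherMode.CBC;
        aes.Padding = PaddingMode.PKCS7;
        aes.Key = keyBytes;
        aes.GenerateIV(); // fresh random IV for every message

        using (MemoryStream ms = new MemoryStream())
        {
            // The IV is not secret; store it in front of the ciphertext so decryption can read it back.
            ms.Write(aes.IV, 0, aes.IV.Length);
            using (CryptoStream cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write))
            {
                cs.Write(buffer, 0, buffer.Length);
                cs.FlushFinalBlock();
                return Convert.ToBase64String(ms.ToArray());
            }
        }
    }
}

In the above code, we first convert the plain text into a byte array using the UTF-8 encoding and check that the key encodes to exactly 32 bytes, as a 256-bit key requires. We then create an instance of the AesManaged class and set its key size, block size, mode, padding, and key, and generate a fresh random IV for this message. CBC mode needs an unpredictable IV per message: with a fixed IV, encrypting the same plain text under the same key always gives the same cipher text. The IV is not secret, so we write it to the MemoryStream ahead of the encrypted data. A CryptoStream performs the encryption. Finally, we convert the IV and the encrypted data to a Base64 string and return it.

Example 2: Decrypting a String

To decrypt the encrypted string we generated in the previous example, we can use the following code:

public static string DecryptString(string cipherText, string key)
{
    byte[] buffer = Convert.FromBase64String(cipherText);
    byte[] keyBytes = Encoding.UTF8.GetBytes(key);
    if (keyBytes.Length != 32) // AES-256 needs exactly 32 key bytes
        throw new ArgumentException("Key must encode to exactly 32 bytes.", nameof(key));
    if (buffer.Length < 32) // 16-byte IV plus at least one 16-byte block
        throw new ArgumentException("Cipher text is too short.", nameof(cipherText));

    // The first 16 bytes are the IV written by EncryptString.
    byte[] iv = new byte[16];
    Array.Copy(buffer, 0, iv, 0, iv.Length);

    using (AesManaged aes = new AesManaged())
    {
        aes.KeySize = 256;
        aes.BlockSize = 128;
        aes.Mode = CipherMode.CBC;
        aes.Padding = PaddingMode.PKCS7;
        aes.Key = keyBytes;
        aes.IV = iv;

        using (MemoryStream ms = new MemoryStream())
        {
            using (CryptoStream cs = new CryptoStream(ms, aes.CreateDecryptor(), CryptoStreamMode.Write))
            {
                // Decrypt everything after the IV.
                cs.Write(buffer, iv.Length, buffer.Length - iv.Length);
                cs.FlushFinalBlock();
                return Encoding.UTF8.GetString(ms.ToArray());
            }
        }
    }
}

In this code, we first convert the Base64 string back to a byte array and split off the 16-byte IV that the encryption code stored at the front. We then create an instance of the AesManaged class and set its properties the same as the encryption code, using the recovered IV. We use MemoryStream and CryptoStream to store and decrypt the data, respectively. Finally, we convert the decrypted data back to a string using UTF-8 encoding.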