I'm using the TripleDESCryptoServiceProvider
and need to store the encryption key.
If I call the providers GenerateKey
method, is this just a base64 encoded string? If so am I safe to unencode it as such as use the resulting string as a key?
On a slightly different note, is there any problem with using this same key as a salt key when doing one-way hashes? I'm writing a simple membership provider for .net which allows the user to choose the encryption technique (plain, hash, encrypted) so wondered whether it was necessary to make the user specify both a salt key and encryption key.
Calling GenerateKey will generate a new, random, safe (i.e. not weak) key. It's length (128 or 192) will depend on how your
TripleDESCryptoServiceProvider
is set up.The format itself is a
byte[]
array since you can only retrieve it from theKey
property - so it's not base64, but can easily be encoded that way if you wish, e.g.Convert.ToBase64String(algo.Key);
You cannot use a string as a key - not unless you convert it back to a
byte[]
. However you can keep the key as a string between it's uses (if that's any help to your application).If you use the random data as a key or as a salt then there should be no issue. Just don't use the same data for both (and).