January, 2007

  • .NET Security Blog

    Please do not use the .NET 2.0 HMACSHA512 and HMACSHA384 Classes

    • 19 Comments
    We’ve recently discovered a bug in the HMACSHA512 and HMACSHA384 classes which shipped in the .NET Framework 2.0. This bug will cause these algorithms to produce incorrect results which are not consistent with other implementations of HMAC-SHA-512 and...
  • .NET Security Blog

    Elliptic Curve Diffie-Hellman

    • 8 Comments
    The second elliptic curve algorithm added to Orcas is elliptic curve Diffie-Hellman, as the ECDiffieHellmanCng class. This is the first time Diffie-Hellman is available as part of the .NET Framework, so lets take a quick look at what it is and what it...
  • .NET Security Blog

    Combining Strong Names with Authenticode

    • 6 Comments
    If you want to use both a strong name and Authenticode signature on your assembly (for instance if you need a strong name for strong assembly identity, and your company has a rule requiring Authenticode signatures on all shipped products), then you need...
  • .NET Security Blog

    New Crypto Algorithms in Orcas

    • 6 Comments
    The January CTP of Orcas is now available , and with it comes a total of 12 new cryptography algorithm implementation classes, which include 2.5 new algorithms. (I'll count AES as 0.5 since we did already have Rijndael :-) ). These classes also are the...
  • .NET Security Blog

    Elliptic Curve DSA

    • 3 Comments
    Yesterday I gave a quick rundown of all the new cryptographic algorithms available in the Orcas January CTP . Today, let's dive in a little deeper to the first of the elliptic curve algorithms, ECDSA. (ECDSA, along with the rest of the CNG classes in...
Page 1 of 1 (5 items)