Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Encryption in C# Web-Services

Tags:

c#

security

web-services

encryption

I'm looking for a simple way to encrypt my soap communication in my C# Web-Service.

I was looking into WSE 3.0 but it seems Microsoft dropped support for it, and therefore it's not straightforward to use.
It seems WCF could've been an option but I prefer not to upgrade from .NET 2.0 .

Any simple, straightforward encryption method?

like image 346
David Berlin Avatar asked Aug 20 '08 17:08

David Berlin

People also ask

What are the encryption in C?

Secret key encryption with a random key Authenticated Encryption. Secret key encryption with a key derived from a passphrase Key Derivation. Hybrid encryption with Key Agreement. Public Key Encryption.

What is encryption with example?

Encryption is an important way for individuals and companies to protect sensitive information from hacking. For example, websites that transmit credit card and bank account numbers encrypt this information to prevent identity theft and fraud.

What is meant by encryption and decryption in C?

Encryption is the process of translating plain text data (plaintext) into something that appears to be random and meaningless (ciphertext). Decryption is the process of converting ciphertext back to plaintext.

What is encrypt in programming?

Encryption is used to keep data secret. In its simplest form, a file or data transmission is garbled so that only authorised people with a secret key can unlock the original text.

2 Answers

I think this can help; last year we used this to compress the webservices and it performed very well, I believe it could be enhanced with encryption classes;

Creating Custom SOAP Extensions - Compression Extension

like image 56
Nelson Miranda Avatar answered Sep 22 '22 09:09

Nelson Miranda

Anything you do to provide "encryption" that isn't using SSL/TLS is likely to be vulnerable. Now you have to ask yourself, is it worth burning dev hours you could be spending on features on a rubber-chicken security measure? Maybe it is.

.NET APIs like DPAPI and the Win32 crypt32 API make it easy to encrypt blobs of data with static keys. But how will your clients receive the keys? Any installed SOAP client will have to either have the key burned into its configuration, or receive it over the insecure Internet.

This is the problem SSL/TLS solves for you; the dance you do with TLS certificates is what solves the problem of communicating public keys over untrusted channels.

like image 43
tqbf Avatar answered Sep 24 '22 09:09

tqbf
Sign in to Comment

Related questions

SSL Certification works with localhost but not computer name or ip
How to debug Unity resolution?
How to get the current CPU/RAM/Disk usage in a C# web application using .NET CORE?
Best practices to use await-async, where to start the task?
async Task vs async void
Assembly uses version X which has a higher version than referenced assembly error
What is the best way to use Razor in a console application
Need understanding as to why string.StartsWith() is true when it should be false
RSA .NET encryption Java decryption
Configure socket ACK timeout?
Open Chrome from command line and wait till it's closed
Having a collection in class [duplicate]
Add Files Into Existing Zip - performance issue
Automapper custom many-to-one conversion
IronPython for .NET core
How to preserve await behavior with TaskCompletionSource.SetException?
C# 6 null conditional operator does not work for LINQ query
Support SQL Server change tracking with Entity Framework 6
Execute global filter before controller's OnActionExecuting, in ASP.NET Core
Failed to load the hostfxr.dll after install net core

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!