Menu
I'm using Machinekey.Protect and Machinekey.Unprotect to encrypt values in my application. A potential client is performing a security audit and has asked about the encryption algorithms used by this method and I am struggling to find an answer using google.
Any help with verifiable links would be greatly appreciated!
Thanks, John
551
The Protect method performs the appropriate operation and securely protects the data. Ciphertext data produced by this method can only be deciphered by the Unprotect method.
Use the Machine Key feature page to configure hashing and encryption settings used for application services, such as view state, Forms authentication, membership and roles, and anonymous identification. Machine keys are also used to verify out-of-process session state identification.
The encryption & hashing algorithms are specified in the <machineKey> element in Web.config.
The default is AES256.
158
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
