|Microsoft Enterprise Library 5.0|
|The Cryptography Application Block|
Developers frequently write applications that require encryption and hashing capabilities to meet the security requirements of their organization. Data that is created and maintained by applications, as well as configuration information, often needs to be encrypted. Additionally, passwords that are used to access application functionality or data need to be hashed.
The Enterprise Library Cryptography Application Block simplifies the way developers incorporate cryptographic functionality in their applications. Applications can use the block for a variety of tasks, such as encrypting information, creating a hash from data, and comparing hash values to verify that data has not been altered. In addition, you can change the underlying providers through configuration without changing the underlying application code.
The Cryptography Application Block includes support for the following features:
- Encryption algorithms
- Hashing algorithms
- Multiple cryptography providers
- Additional implementations of cryptography providers
- Key protection with the data protection API (DPAPI)
This section includes the following topics that will help you to understand and use the Cryptography Application Block:
- What Does the Cryptography Application Block Do? This topic provides a brief overview that will help you to understand what the block can do, and explains some of the concepts and features it incorporates. It also provides a simple example of writing code to use the block.
- When Should I Use the Cryptography Application Block? This topic will help you to decide if the block is suitable for your requirements. It explains the benefits of using the block, and any alternative techniques you may consider. It also provides details of any limitations of the block that may affect your decision to use it.
- Developing Applications Using the Cryptography Application Block. This topic describes how to install the Cryptography Application Block so that you can use it in your applications. It also describes how to configure the block for common operations.
- Key Scenarios. This topic then shows how to use the block to perform most cryptography tasks.
- Design of the Cryptography Application Block. This topic explains the decisions that went into the design of the block and the rationale behind those decisions.
- Extending and Modifying the Cryptography Application Block. This topic explains how to extend the Cryptography Application Block by creating your own providers and how to modify the source code.
- Deployment and Operations. This topic explains how to deploy and update the block's assemblies. It also contains information about configuration.
For more information, see the following resources:
- Improving Web Application Security: Threats and Countermeasures
- How To: Use Authorization Manager (AzMan) with ASP.NET 2.0
- patterns & practices Security How To Index