For those of you in NYC or the surrounding area, I will be doing a presentation on encryption at the .NET Developers Group on Thursday, June 21, 2007. It’s a similar presentation to the one I’ve done for a number of user groups in the Southeast. I made this presentation as a response to the flood of online code snippets for encrypting data. While they are all fairly easy to use, they don’t explain what they do and often developers think their data is more secure than it actually is.
During the presentation, we’ll quickly cover some high level encryption basics (asymmetric, symmetric, and one way hashes), but will spend most of our time dealing with symmetric encryption; namely how and why you configure a symmetric algorithm to encrypt the data (ECB vs. CBC). By the end of the session, you’ll finally understand what an initialization vector (IV) is used for and the proper way to create and store it.
Don’t worry if you don’t understand what half of that meant. I’ll be sure to explain everything as we go along.
You can also find a fair amount of the content from the presentation here in an article I wrote a while back.