Implement a Custom Authentication Scheme

Now this one will be short and will have nothing to do with the title. I’ve found four enumerations in the System.Security.Authentication namespace. The most important of these is the SslProtocols enumeration. It has five possible values. You should know that the Ssl values (Ssl2 and Ssl3) are provided only for backward compatibility and they are both superseded by the Tls protocol. The fifth value is None, and it speaks for itself. Here’s a repeat for a better layout of this blog:

  • SslProtocols enumeration:
    • Default (Ssl3 or Tls will be used)
    • None
    • Ssl2
    • Ssl3
    • Tls

I forgot to mention that this enumeration controls which SSL protocol should be used for a given SslStream. Just in case someone didn’t figure it out.

The next enumeration is CipherAlgorithmType. It defines the possible cipher algorithms of a given SslStream class. The possible values are:

  • None: no cipher algorithm is used.
  • Des: the Data Encryption Standard, considered insecure (only 56 bits for a key). Uses symmetric key.
  • TripleDes: enforces the standard DES algorithm by applying it three times to each block of data. Uses symmetric key.
  • Rc2: ciphering algorithm with 64-bit symmetric key.
  • Rc4: the world’s most widely used ciphering algorithm.
  • Aes: Advanced Encryption Standard, the superset of Data Encryption Standard. 128 bits block size, key size can be 128, 192 or 256 bits.
  • Aes128, Aes192, Aes256: AES cipher algorithm with the respective key sizes.

HashAlgorithmType is another enumeration, which is responsible for setting the algorithm type for generating message authentication codes (MACs). Its values:

  • None: no MAC is used.
  • Md5: the Message Digest 5 algorithm is used. Some security breaches were found; consider using SHA-1 instead.
  • Sha1: Secure Hash Algorithm.

Last but not least comes ExchangeAlgorithmType, which specifies the algorithm used to create keys shared by the client and the server. Its members are:

  • None: no key exchange algorithm is used.
  • DiffieHellman
  • RsaKeyX: the public-key exchange algorithm of RSA.
  • RsaSign: the public-key signature algorithm of RSA.
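
The four enumerations are what an authenticated SslStream reports through its SslProtocol, CipherAlgorithm, HashAlgorithm and KeyExchangeAlgorithm properties. The following is an added example, not code from the original post: a small check that flags the values described above as legacy or insecure. The class name TlsParameterAudit and the finding texts are made up for illustration, the sample values in Main are constructed, and recent .NET versions mark some of these members obsolete, which shows up as compiler warnings.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Security;
using System.Security.Authentication;

static class TlsParameterAudit   // hypothetical helper, not part of the framework
{
    // Returns one finding per value that the article marks as legacy or insecure.
    public static List<string> Audit(SslProtocols protocol, CipherAlgorithmType cipher,
                                     HashAlgorithmType mac, ExchangeAlgorithmType keyExchange)
    {
        var findings = new List<string>();

        if (protocol == SslProtocols.None)
            findings.Add("protocol: None");
        // SslProtocols is a flags enum, so this also works for a set of enabled protocols.
        if ((protocol & (SslProtocols.Ssl2 | SslProtocols.Ssl3)) != 0)
            findings.Add($"protocol: {protocol} is kept only for backward compatibility");

        switch (cipher)
        {
            case CipherAlgorithmType.None:
                findings.Add("cipher: None, no cipher algorithm is used"); break;
            case CipherAlgorithmType.Des:
                findings.Add("cipher: Des, 56-bit key is considered insecure"); break;
            // Assumption beyond the article: RC2 and RC4 are also treated as weak here.
            case CipherAlgorithmType.Rc2:
            case CipherAlgorithmType.Rc4:
                findings.Add($"cipher: {cipher} is treated as weak by this check"); break;
        }

        if (mac == HashAlgorithmType.Md5)
            findings.Add("mac: Md5 has known weaknesses");
        if (keyExchange == ExchangeAlgorithmType.None)
            findings.Add("key exchange: None reported");
        return findings;
    }

    // Overload for a stream that has already completed AuthenticateAsClient/AuthenticateAsServer.
    public static List<string> Audit(SslStream s) =>
        Audit(s.SslProtocol, s.CipherAlgorithm, s.HashAlgorithm, s.KeyExchangeAlgorithm);

    static void Main()
    {
        // Constructed sample values, not captured from a real connection.
        var weak = Audit(SslProtocols.Ssl3, CipherAlgorithmType.Des,
                         HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX);
        var ok = Audit(SslProtocols.Tls, CipherAlgorithmType.Aes256,
                       HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman);
        weak.ForEach(Console.WriteLine);
        Console.WriteLine($"weak: {weak.Count} findings, ok: {ok.Count} findings");
    }
}
```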

Further Readings

System.Security.Authentication namespace
