Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Wanet Telecoms Ltd on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

ASP.Net Cryptography

Status
Not open for further replies.
VoipNewbie

VoipNewbie

Technical User
Feb 9, 2005
61
US
Hey Everyone-

I am trying to make an asp.net vb web page utilizing system.security.cryptography.

When a user goes to the site they will create an account and as their information is submitted to the database i will have a process creating the public and private keys for the user.

The user will then goto the login page and enter their username and press submit.. then something on the server side will take a link and encrypt it with the users public key... then that link will be decrypted with the users stored private key and the user will have access if all goes well. My question is... how do i create the "service" on the server that will encrypt the link with the users public key?

any suggestions?

thank you in advance.
 
Sort by date Sort by votes
This sounds like a fishy implementation. Is there a specific application for this, or are you just trying to implement authentication? If the latter, I'd recommend using asp.net forms authentication (lots of tutorials available). Once it's set up, you could just make a database call in your login page codebehind, and then decide whether to authenticate them or not. No service, no extra encryption - it will generate an encrypted cookie for the session and send it to the user without any extra code on your part.

 
Upvote 0 Downvote
i need to use an implementation of public key cryptography to authenticate the user.

I figured when the user first goes to the site they will create an account. When they create the account their public and private keys will be created. The public key will be stored in a public key ring and the private key will be stored on the users computer and symmetrically encrypted to protect its identity. The key to symmetrically encrypt it will be the password the user chose.

Now when the user comes back to the site they put their username and password in. This will then initiate the server to get the users public key and encrypt a link with it. it will then decrypt the users prvate key with the symmetric key and then use the private key to decrypt the link... this link will allow the user to login...

I just need help making a service on the server that i can send data to and receive a particular response (the encrypted link)

 
Upvote 0 Downvote
Why encrypt the key on the user's computer? Their system should be secure anyway. Also, what stops someone from copying and pasting the decrypted link afterwards? Also, you'll still need SSL to transmit the private key securely, which is why I don't see how this implementation is necessary. Regular forms authentication + SSL will still be more secure.

In any case, for the server you could look into a web service ( that would handle key generation. The other option would be to create a regular service (by inheriting from System.ServiceProcess.ServiceBase) which you could tie into. There's lots of tutorials - just hit google.

As for the client side, you will need either a javascript guru or a standalone windows application to handle private key decryption and so on.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Makumbi256
  • Locked
  • Question
How to make days vertical and grid view editable using asp.net vb
Replies
0
Views
890
Makumbi256
Makumbi256
snakehips2000
  • Locked
  • Question
Entity Framework, MVC, ASP.NET, ASP.NET Core etc… etc
Replies
0
Views
871
snakehips2000
snakehips2000
WIREMESH
  • Locked
  • Question
Play mp4 files in asp.net 2.0 webforms application
Replies
0
Views
328
WIREMESH
WIREMESH
WIREMESH
  • Locked
  • Question
ASP.NET 2.0 Webform compilation error
Replies
1
Views
435
jbenson001
jbenson001
Carlvic
  • Locked
  • Question
Things need for ASP.Net
Replies
5
Views
507
Carlvic
Carlvic

Part and Inventory Search

Sponsor

Back
Top