Generate key using Pass Phrase or AesCryptoServiceProvider?

Question

We using AES encryption to encrypt the data. Generating a key once in a year using some app(i.e console) so which way i have to choose to generate the key?

1. Do we need to generate the key using the Pass Phrase method?

2. Or we have to choose the default generate key provided by AESCryptoServiceProvider?

The below method uses Pass Phrase for generating the encryption.

Method 1:

private static readonly byte[] Salt = new byte[] { 10, 20, 30, 40, 50, 60, 70, 80 };

private static byte[] CreateKey(string password, int keyBytes = 32)
{
    const int Iterations = 300;
    var keyGenerator = new Rfc2898DeriveBytes(password, Salt, Iterations);
    return Convert.FromBase64String(keyGenerator.GetBytes(keyBytes));
}

The below method uses AesCryptoServiceProvider for generating Key and we didn't use Pass Phrase

Method 2:

var Key = default(string);

using (var provider = new AesCryptoServiceProvider())
{
    provider.GenerateKey();
    Key = System.Text.Encoding.ASCII.GetString(provider.Key);
}

Edit:

can we use this Random Number generation method?

public static byte[] RandomNumberGenerator()
{
  var rngBytes = new byte[32];
  using (RandomNumberGenerator objNumberGenerator = new RNGCryptoServiceProvider())
  {
    objNumberGenerator.GetBytes(rngBytes);
    return rngBytes;
  }

}

Here I have added two methods to generate the Key to store in DB, so i would like to know which one I have to choose among this methods or do we have any other way to generate the key? — Chandrasekar Kesavan, Apr 25 '14 at 09:05
Both methods are no good. You should generate the aes key using a secure random number generator. Possibly you encrypt the resulting key. This is not CC advice please read CC requirements. — Maarten Bodewes, Apr 25 '14 at 10:05
@owlstead Can you please provide some link to read the CC req and also it would be great if you provide some sample code to generate using a secure random number generator. — Chandrasekar Kesavan, Apr 25 '14 at 10:20

Generate key using Pass Phrase or AesCryptoServiceProvider?

0 Answers0

Linked