Please let us know how secure is Rijndael symmetric encryption algorithm. The key is stored in web config file.
Asked
Active
Viewed 2,281 times
-1
-
2I would say, a lot, more than the people involved. – Dec 08 '16 at 19:09
-
1I'm voting to close this question as off-topic because this isn't a programming question. – President James K. Polk Dec 08 '16 at 19:56
-
2The fact that you are asking this question is an indicator that you probably shouldn't be directly using Rijndael in your code and should instead use a library that wraps the functionality for you. – Luke Joshua Park Dec 08 '16 at 21:00
1 Answers
5
The Rijndael algorithm, in conjunction with safe configuration values (i.e. AES), is very robust and secure. The only true measure of an encryption algorithm's security is its consistent and long-lived exposure to cryptanalysis and attempts to defeat it by many cryptographers. AES has thus far been successful at that task.
Storing the symmetric encryption key in source code is a much bigger concern, and orders of magnitude more likely to be the cause of a data leak than Rijndael.
