which is better used in MachineKey for 3.5 framework in asp.net?
and what is the reason why?
Asked
Active
Viewed 3,496 times
1 Answers
8
SHA1 and AES are two different things. SHA1 is a cryptographic hash algorithm while AES is a symmetric cypher.
Basically, SHA1 creates a "digest" of a message. The digest is a one-way hash that has a very small possibility of being anything like the hash generated for a similar but different message.
AES is a symmetric cipher used to encrypt data, and decrypt encrypted data. You give it a key, and it used that key and the algorithm to encrypt and decrypt data.
SHA1 is used to verify the integrity of a message, while AES is used to encrypt messages.
Jesse
- 3,751
- 1
- 21
- 19
-
i guessed i asked the wrong question, but good explanation Jesse. my dilemma is which algorithm to use in machinekey "Validation" and "Decryption" methods. in 3.5 they only offer "AES|SHA1|3DES|MD5" which i personally think it's between "AES" and "SHA1" – Juvil Jan 06 '12 at 08:54
-
Weird choice, but without knowing anything about asp.net I would go for aes because it's the only one offering verification (Mac) and decryption, and is considered safe for use. – Maarten Bodewes Jan 06 '12 at 15:13