MSDN Library > System > System.Net > System.Net.Security > GcmcamposAlgorithm

System.Net.Security.GcmcamposAlgorithm Class

Provides cryptographic operations for the Galois/Counter Mode (GCM) authenticated encryption algorithm, specifically designed to work with Campos-style block cipher modes for enhanced security and performance in certain environments. This class implements the standard GCM construction, ensuring both confidentiality and integrity of the data.

Namespace

System.Net.Security

Assembly

System.Net.Security.dll

Syntax

public class GcmcamposAlgorithm : IDisposable

Remarks

The GcmcamposAlgorithm class is a specialized implementation of the GCM authenticated encryption mode. It leverages Campos's innovative approach to block cipher chaining, which can offer advantages in scenarios requiring high throughput and resistance to certain side-channel attacks. This class is intended for use in secure communication protocols and data protection mechanisms.

To use this class, you typically need to:

Note: This class requires a compatible cryptographic provider that supports the Campos block cipher mode. Ensure your system's cryptographic libraries are up-to-date and configured correctly.

Example

Encrypting and Decrypting Data

using System;
using System.Net.Security;
using System.Security.Cryptography;

public class Example
{
    public static void Main()
    {
        // Key size for the algorithm (e.g., 256 bits)
        const int keySizeBits = 256;
        byte[] key = new byte[keySizeBits / 8];
        using (var rng = new RNGCryptoServiceProvider())
        {
            rng.GetBytes(key);
        }

        // Initialize GcmCamposAlgorithm
        using (var aesGcmCampos = new GcmcamposAlgorithm(key))
        {
            // Generate an Initialization Vector (IV)
            byte[] iv = new byte[aesGcmCampos.InitializationVectorSize];
            using (var rng = new RNGCryptoServiceProvider())
            {
                rng.GetBytes(iv);
            }

            // Data to encrypt
            byte[] plaintext = System.Text.Encoding.UTF8.GetBytes("This is a secret message that needs to be protected.");

            // Encrypt the data
            byte[] ciphertext = aesGcmCampos.Encrypt(plaintext, iv, null); // null for additional authenticated data

            // Decrypt the data
            byte[] decryptedtext = aesGcmCampos.Decrypt(ciphertext, iv, null); // null for additional authenticated data

            Console.WriteLine("Original: " + System.Text.Encoding.UTF8.GetString(plaintext));
            Console.WriteLine("Decrypted: " + System.Text.Encoding.UTF8.GetString(decryptedtext));

            // Verify that the decrypted text matches the original
            if (System.Text.Encoding.UTF8.GetString(plaintext) == System.Text.Encoding.UTF8.GetString(decryptedtext))
            {
                Console.WriteLine("Encryption and decryption successful!");
            }
            else
            {
                Console.WriteLine("Error: Decrypted text does not match original.");
            }
        }
    }
}

Methods

The GcmcamposAlgorithm class provides the following public methods:

Encrypt

Encrypts the specified portion of the byte array to a new array. (Overloaded)

public byte[] Encrypt(byte[] plaintext, byte[] iv, byte[] associatedData);
public void Encrypt(byte[] plaintext, int plaintextOffset, int plaintextLength, byte[] buffer, int bufferOffset, byte[] iv, byte[] associatedData);

Parameters:

Name Type Description
plaintext byte[] The data to encrypt.
plaintextOffset int The offset into the plaintext buffer from which to start encrypting.
plaintextLength int The number of bytes to encrypt.
buffer byte[] The buffer to receive the encrypted data. The size of this buffer must be equal to the size of the plaintext plus the size of the authentication tag.
bufferOffset int The offset into the buffer to which the encrypted data will be copied.
iv byte[] The initialization vector (IV) for the encryption. Must be unique for each encryption operation with the same key.
associatedData byte[] Optional additional authenticated data that will be authenticated but not encrypted. Can be null.

Decrypt

Decrypts the specified portion of the byte array to a new array. (Overloaded)

public byte[] Decrypt(byte[] ciphertext, byte[] iv, byte[] associatedData);
public void Decrypt(byte[] ciphertext, int ciphertextOffset, int ciphertextLength, byte[] buffer, int bufferOffset, byte[] iv, byte[] associatedData);

Parameters:

Name Type Description
ciphertext byte[] The data to decrypt. This must include the authentication tag.
ciphertextOffset int The offset into the ciphertext buffer from which to start decrypting.
ciphertextLength int The number of bytes to decrypt.
buffer byte[] The buffer to receive the decrypted data. The size of this buffer must be equal to the size of the ciphertext minus the size of the authentication tag.
bufferOffset int The offset into the buffer to which the decrypted data will be copied.
iv byte[] The initialization vector (IV) used during encryption.
associatedData byte[] Optional additional authenticated data that was authenticated during encryption. Must match the data provided during encryption. Can be null.

Properties

KeySize

Gets the size of the secret key used by the algorithm in bits.

public virtual int KeySize { get; }

BlockSize

Gets the block size of the algorithm in bits.

public virtual int BlockSize { get; }

InitializationVectorSize

Gets the size of the initialization vector (IV) used by the algorithm in bytes.

public virtual int InitializationVectorSize { get; }

TagSize

Gets the size of the authentication tag generated by the GCM algorithm in bytes.

public virtual int TagSize { get; }

IsDisposed

Indicates whether the cryptographic object has been disposed.

public bool IsDisposed { get; }

Implementations

This class explicitly implements System.IDisposable.

Tip: Always use a cryptographically secure random number generator for IVs. Reusing an IV with the same key can compromise security.