Deriving a many-use key for symmetric data encryption

I need to generate a 256 bit key for AES symmetric encryption in .net. I have not found any description on how to do so "from scratch". By this I mean, I don't intend to base this key off of a user password. I simply want to produce a cryptographically secure key to use.

The best option, as far as I can tell, is simply to use the .net class RNGCryptoServiceProvider

Is this the best approach to generate cryptographically secure keys?

Answers


The "best approach" depends on your exact requirements.

If all you require is 32 random bytes, then RNGCryptoServiceProvider is fine. You have to make arrangements to ensure that the key is available at your destination, typically using RSA or some other asymmetric encryption method. If you need it for archive purposes, then you will need a way to securely store it. You also need to ensure that it is securely deleted after you no longer need it.

Alternatively you could use a Key Derivation Function, with the same considerations of transfer, storage and deletion applying to the KDF parameters.


Need Your Help

jQuery and "Organized Code"

javascript jquery code-organization

I've been struggling lately with understanding the best way to organize jQuery code. I asked another question earlier and I don't think I was specific enough (found in this question here).

How to change the background color of each second row?

java swing jtable background-color tablecellrenderer

I try to change the background color of each second row. The problem is that only first COLUMN is affected. Why?