Title: Practical experience with the .NET cryptographic API
Authors: Boon, Cédric
Philippaerts, Pieter
Piessens, Frank
Issue Date: Nov-2008
Publisher: Department of Computer Science, K.U.Leuven
Series Title: CW Reports vol:CW531
Abstract: When a vulnerability is discovered in a cryptographic algorithm, or in a specific implementation of that algorithm, it is important that software using that algorithm or implementation is upgraded quickly. Hence, modern cryptographic libraries such as the Java Cryptographic Architecture and Extensions (JCA/JCE) and the .NET crypto libraries are designed to be extensible with new algorithms. In addition, they also support algorithm and implementation independent use. Software written against these libraries can be implemented such that switching to a new crypto algorithm or implementation requires very little effort. This paper reports on our experiences with the implementation of a number of extensions to the .NET cryptographic framework. The extensions we consider are smart card based implementations of existing algorithms. We evaluate the extensibility of the libraries, and the support for implementation independence. We identify several problems with the libraries that have a negative impact on these properties, and we propose solutions. The main conclusion of the paper is that extensibility and implementation independence can be substantially improved with only minor changes. These changes maintain backwards compatibility for client code.
Publication status: published
KU Leuven publication type: IR
Appears in Collections:Informatics Section

Files in This Item:
File Description Status SizeFormat
CW531.pdfDocument Published 399KbAdobe PDFView/Open


All items in Lirias are protected by copyright, with all rights reserved.