"Rob Teixeira [MVP]" <RobTeixeira@@msn.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
Try the PasswordDeriveBytes class.
That's your easiest bet. Of course, you could do it manually, but getting
the algorithm down to where you could mitigate some of the dictionary and
cryptanalysis attacks is tricky.
-Rob Teixeira [MVP]
To do this manually, you would use SHA-1 and do the following
EncryptionKey = SHA-1(SHA-1(Supplied Passphrase) || Supplied Passphrase)
Why use SHA-1 twice? Unfortunately, SHA-1 (and MD5 for that matter) are
susceptible to message extension attacks. It's not obvious how one would you
use a message extension attack on a passphrase construction but that's not
the point. It's a known weakness so it's best to eliminate it anyway because
someone much smarter than you might work out how to use message extension in
your system.
Simon.