وبلاگ بلیان

رمزنگاری کاربردی در .NET و Azure Key Vault: راهنمای عملی برای رمزگذاری در .NET و .NET Core

Applied Cryptography in .NET and Azure Key Vault : A Practical Guide to Encryption in .NET and .NET Core

جلد کتاب رمزنگاری کاربردی در .NET و Azure Key Vault: راهنمای عملی برای رمزگذاری در .NET و .NET Core

معرفی کتاب «رمزنگاری کاربردی در .NET و Azure Key Vault: راهنمای عملی برای رمزگذاری در .NET و .NET Core» (با عنوان لاتین Applied Cryptography in .NET and Azure Key Vault : A Practical Guide to Encryption in .NET and .NET Core) نوشتهٔ Stephen Haunts، منتشرشده توسط نشر Apress Media در سال 2019. این کتاب در 9 صفحه، فرمت pdf، زبان انگلیسی ارائه شده است.

Benefit from Microsoft's robust suite of security and cryptography primitives to create a complete, hybrid encryption scheme that will protect your data against breaches. This highly practical book teaches you how to use the .NET encryption APIs and Azure Key Vault, and how they can work together to produce a robust security solution. **__Applied Cryptography in .NET and Azure Key Vault__** begins with an introduction to the dangers of data breaches and the basics of cryptography. It then takes you through important cryptographic techniques and practices, from hashing and symmetric/asymmetric encryption, to key storage mechanisms. By the end of the book, you’ll know how to combine these cryptographic primitives into a hybrid encryption scheme that you can use in your applications. Author Stephen Haunts brings 25 years of software development and security experience to the table to give you the concrete skills, knowledge, and code you need to implement the latest encryption standards in your own projects.**What You'll Learn** * Get an introduction to the principles of encryption * Understand the main cryptographic protocols in use today, including AES, DES, 3DES, RSA, SHAx hashing, HMACs, and digital signatures * Combine cryptographic techniques to create a hybrid cryptographic scheme, with the benefits of confidentiality, integrity, authentication, and non-repudiation * Use Microsoft's Azure Key Vault to securely store encryption keys and secrets * Build real-world code to use in your own projects **Who This Book Is For**Software developers with experience in .NET and C#. No prior knowledge of encryption and cryptographic principles is assumed. Table of Contents 5 About the Author 10 About the Technical Reviewer 11 Foreword 12 Introduction 14 Chapter 1: What Are Data Breaches? 16 Types of Data in a Breach and Their Consequences 17 The Impact on a Company 19 Financial Loss 19 Legal Action 19 Regulatory Impact 20 Loss of Reputation 20 Why Network Protection Isn’t Enough 21 How Can Developers Help? 21 What Can You Expect from This Book? 22 What You Will Learn 22 .NET Standard and .NET Core 24 Code Samples in This Book 25 Chapter 2: A Brief History of Cryptography 26 Ancient Times 26 Increasing Cipher Complexity 28 Enigma and Mechanical Ciphers 30 Modern Cryptography 33 Symmetric Encryption 33 Public and Private Key Cryptography 34 Why Is Cryptography Important? 35 Examples of Modern Cryptography 36 The Four Pillars of Modern Cryptography 37 Confidentiality 37 Integrity 37 Authentication 37 Non-Repudiation 38 Summary 38 Chapter 3: The Importance of Random Numbers 39 Generating Deterministic Random Numbers 40 Generating Secure Random Numbers 41 Summary 44 Chapter 4: Hashing and Hashed Message Authentication Codes 45 Hashing and Integrity 45 MD5 47 Secure Hash Algorithm (SHA) Family 49 Authenticated Hashing 53 Summary 59 Chapter 5: Safely Storing Passwords 61 Storing Passwords in the Clear 61 Encrypting Passwords 62 Using Hashes to Store Passwords 63 Using Password Based Key Derivation Functions 68 Summary 74 Chapter 6: Symmetric Encryption 75 Symmetric Encryption 75 Advantage: Very Secure 76 Advantage: Fast 76 Disadvantage: Sharing Keys Is Hard 76 Disadvantage: Dangerous If Compromised 77 History of DES and Triple DES 77 How DES and Triple DES Works 79 History of AES 81 How AES Works 82 How Secure Is AES Against Brute-Force Attacks? 83 API Commonality in the .NET Framework 84 Encryption Mode 84 Padding 86 Key 86 Initialization Vector (IV) 87 AesManaged and AesCryptoServiceProvider 87 Performing Symmetric Encryption with .NET 88 Summary 98 Chapter 7: Asymmetric Encryption 99 Advantage: Very Secure 99 Advantage: Fast 100 Disadvantage: Sharing Keys Is Hard 100 Disadvantage: Dangerous If Compromised 100 What Is Asymmetric Encryption? 101 The History of RSA 102 How Does RSA Work? 102 Key Derivation 102 Encryption and Decryption 104 RSA in .NET 105 In-Memory Keys 105 XML-Based Keys 106 Cryptographic Service Provider 107 Encryption and Decryption 109 Summary 114 Chapter 8: Digital Signatures 115 High-Level Look at Digital Signatures 116 Digital Signatures in .NET 120 Summary 126 Chapter 9: Hybrid Encryption 127 Combining Symmetric and Asymmetric 129 Adding Integrity Checks 140 Securely Comparing Byte Arrays 146 Extending with Digital Signatures 148 Summary 155 Chapter 10: Key Storage and Azure Key Vault 156 Exploring Key Management Options 156 Introducing Azure Key Vault 158 Azure Key Vault Hardware Mode 159 Azure Key Vault Software Mode 159 Keys vs. Secrets 159 Azure Key Vault Example Costs 160 Setting up Azure Key Vault 161 Creating a Key Vault 162 Registering Your Application with Azure Active Directory 163 Authorize Your Application to Use Keys and Secrets 166 Manually Creating Keys and Secrets 168 Add a Software Protected Key 169 Add a Hardware-Protected Key 169 Add a Key from a PFX Certificate File 169 Add a Secret 170 Azure Key Vault “Hello World” Application 171 Summary 181 Chapter 11: Azure Key Vault Usage Patterns 182 Multiple Environments 182 Configuration as Secrets 186 Local Key Wrapping 188 Exploring Key Wrapping Further 195 Key Rotation and Versioning 196 Password Protection 197 Varying the Iterations over Time 204 Digital Signing 205 Upgrading the Hybrid Encryption Example 208 Summary 218 Chapter 12: Final Summary 219 Cryptography Summary 220 Random Numbers 220 Hashing and Authentication 221 Authenticated Hashing 222 Storing Passwords 222 Symmetric Encryption 223 Advantage: Very Secure 224 Advantage: Fast 224 Disadvantage: Sharing Keys Is Hard 224 Disadvantage: Dangerous If Compromised 224 Asymmetric Encryption 225 Digital Signatures 226 Hybrid Encryption 227 Azure Key Vault 229 Multiple Environments 230 Configuration as Secrets 230 Local Key Wrapping 230 Password Protection 230 Digital Signing 231 Don’t Forget the Perimeter 231 Next Steps 232 Index 234 Benefit from Microsoft's robust suite of security and cryptography primitives to create a complete, hybrid encryption scheme that will protect your data against breaches. This highly practical book teaches you how to use the .NET encryption APIs and Azure Key Vault, and how they can work together to produce a robust security solution. Applied Cryptography in .NET and Azure Key Vault begins with an introduction to the dangers of data breaches and the basics of cryptography. It then takes you through important cryptographic techniques and practices, from hashing and symmetric/asymmetric encryption, to key storage mechanisms. By the end of the book, you'll know how to combine these cryptographic primitives into a hybrid encryption scheme that you can use in your applications. Author Stephen Haunts brings 25 years of software development and security experience to the table to give you the concrete skills, knowledge, and code you need to implement the latest encryption standards in your own projects. What You'll Learn: Get an introduction to the principles of encryption Understand the main cryptographic protocols in use today, including AES, DES, 3DES, RSA, SHAx hashing, HMACs, and digital signatures Combine cryptographic techniques to create a hybrid cryptographic scheme, with the benefits of confidentiality, integrity, authentication, and non-repudiation Use Microsoft's Azure Key Vault to securely store encryption keys and secrets Build real-world code to use in your own projects This book is for software developers with experience in .NET and C#. No prior knowledge of encryption and cryptographic principles is assumed. Stephen Haunts is a software developer with experience across industry verticals, including game development, financial services, insurance, and healthcare. He specializes in security and cryptography and regularly speaks and presents at conferences and user groups about secure coding in .NET Benefit from Microsoft's robust suite of security and cryptography primitives to create a complete, hybrid encryption scheme that will protect your data against breaches. This highly practical book teaches you how to use the .NET encryption APIs and Azure Key Vault, and how they can work together to produce a robust security solution. Applied Cryptography in .NET and Azure Key Vault begins with an introduction to the dangers of data breaches and the basics of cryptography. It then takes you through important cryptographic techniques and practices, from hashing and symmetric/asymmetric encryption, to key storage mechanisms. By the end of the book, you’ll know how to combine these cryptographic primitives into a hybrid encryption scheme that you can use in your applications. Author Stephen Haunts brings 25 years of software development and security experience to the table to give you the concrete skills, knowledge, and code you need to implement the latest encryption standards in your own projects. What You'll Learn Get an introduction to the principles of encryption Understand the main cryptographic protocols in use today, including AES, DES, 3DES, RSA, SHAx hashing, HMACs, and digital signatures Combine cryptographic techniques to create a hybrid cryptographic scheme, with the benefits of confidentiality, integrity, authentication, and non-repudiation Use Microsoft's Azure Key Vault to securely store encryption keys and secrets Build real-world code to use in your own projects Who This Book Is For Software developers with experience in .NET and C#. No prior knowledge of encryption and cryptographic principles is assumed. Front Matter ....Pages i-xviii What Are Data Breaches? (Stephen Haunts)....Pages 1-10 A Brief History of Cryptography (Stephen Haunts)....Pages 11-23 The Importance of Random Numbers (Stephen Haunts)....Pages 25-30 Hashing and Hashed Message Authentication Codes (Stephen Haunts)....Pages 31-46 Safely Storing Passwords (Stephen Haunts)....Pages 47-60 Symmetric Encryption (Stephen Haunts)....Pages 61-84 Asymmetric Encryption (Stephen Haunts)....Pages 85-100 Digital Signatures (Stephen Haunts)....Pages 101-112 Hybrid Encryption (Stephen Haunts)....Pages 113-141 Key Storage and Azure Key Vault (Stephen Haunts)....Pages 143-168 Azure Key Vault Usage Patterns (Stephen Haunts)....Pages 169-205 Final Summary (Stephen Haunts)....Pages 207-221 Back Matter ....Pages 223-228
دانلود کتاب رمزنگاری کاربردی در .NET و Azure Key Vault: راهنمای عملی برای رمزگذاری در .NET و .NET Core