What is the most crypto-resistive algorithm to safely send information?

Question

What algorithm is the best to use for storing, sending passwords, account data, and other information between desktop apps over the network.

Looking for the best crypto-resistive algorithm to use in C# applications.

The information I want to send is likke this:

{
    "UserUniqueId":"",
    "TransactionId":"",
    "TextMessage":"",
    ...
}

The information is transfered between two applications on desktop. Looking for attack resistant algorithm so when I recieve this information on other side, I need to decrypt it.

Sending information over TCP client/server.

So you're trying to send information between two applications on the same machine? — Hector, Oct 04 '17 at 14:25
https://msdn.microsoft.com/en-us/library/system.net.security.sslstream(v=vs.110).aspx — Hector, Oct 04 '17 at 14:40
Be careful with how you handle keys/certificates. If your desktop applications are communicating directly (i.e. not via a server you control) then you need a keypair per client (if you ship a standard key/certificate with your client then what stops me from extracting it?). You then need a way to securely communicate this between clients. — Hector, Oct 04 '17 at 15:08
the most secure (perfect) is a One Time Pad, if you can manage it's implementation. — dandavis, Oct 05 '17 at 20:48

score 3 · Answer 1 · answered Oct 04 '17 at 13:51

There is not a known answer to this. There are algorithms that are viewed as secure and algorithms that aren't - "secure" algorithms may contain flaws but to date they are not publicly known. Schneier suggests with a perfect algorithm a 256 bit key would need more energy than a supernova to brute force. So any secure algorithm with a key length of 256 bits or more should be fine.

What algorithm is the best to use for storing, sending passwords, account data, and other information between apps over the network.

I would highly suggest using SSL to send data over a network. There are ample resources online available for choosing appropriate algorithms for key exchange, cipher and hashing. The lazy way to do this in C# is HTTPS.

Passwords should never be stored encrypted. Use a salted hash. Or more specifically use a library which implements something like PBKDF2 with a long random salt. A quick skim doesn't show any issues with this C# guide.

I updated question with infoo what I want to send between apps — Markiian Benovskyi, Oct 04 '17 at 13:59

score 0 · Answer 2 · answered Oct 04 '17 at 13:42

I'm assuming by "crypto-resistive" you mean resistant to attacks. This is necessary, but to choose the best algorithm for your needs, you need to be much more specific.

Different algos have different advantages depending on what they're encrypting and what your priorities are for latency/storage/security across all elements of the data pipeline.

So... you'll need to provide more information.

What is the most crypto-resistive algorithm to safely send information?

2 Answers2