4

I am looking to symmetrically encrypt/decrypt information in a database. This info consists of short pieces of information, which need to be individually encrypted when a specific method is called.

I have been researching using AES_256 in GCM mode, but keep coming across the recommendation that I should not "roll my own cryptography protocol". See these links for examples:

Lessons learned and misconceptions regarding encryption and cryptology

https://stackoverflow.com/questions/4453724/aes-encryption-of-files-with-python

I need to actually incorporate the encrypting/decrypting in code.

Can I viably use GPG or PGP to encrypt/decrypt code, and if so how?

If not, any suggestions as to the best library to use for AES in GCM would be appreciated.

Thanks

crawfish
  • 1
    Does PGP actually implement GCM? I think the format is too old for GCM, and it doesn't need the random-access properties. Can't you use Windows's built-in CNG API? It supports GCM from Vista SP1 onwards - see [the features page](http://msdn.microsoft.com/en-us/library/windows/desktop/bb204775.aspx). – Rup Jul 10 '12 at 16:51
  • See: http://crypto.stackexchange.com/questions/14/how-can-i-use-asymmetric-encryption-such-as-rsa-to-encrypt-an-arbitrary-length – Andrei Botalov Jul 12 '12 at 21:40

1 Answer

3

The central part of PGP/GPG is the asymmetric cryptography. It does not make sense to use GPG without that part because the rest is just simple symmetric en-/decryption.

Using the cipher algorithms from GPG also does not make sense, as Dot.Net has them already implemented. I am not sure if the GCM mode is also present, but if not you can still use the Dot.Net version of BouncyCastle, which has GCM support.

Since you don't have a database provider that supports encryption, in my opinion your only option is to develop your "own protocol".

How many keys to use and how to cipher what with which key depends on the security needs of the data you are storing. Make sure to discuss your final design intensively here on Stackoverflow or on the IT Security branch.

BTW: Even if GCM outputs a cipher text exactly as long as the plain text, it requires further parameters like IV and authentication tag (auth tag is optional), which have to be saved. Therefore the data to be saved is again larger than the plain text. But as long as you don't have millions of records, this IMHO doesn't make a big difference nowadays.

Robert
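To illustrate the storage layout discussed in the answer, here is an added example (not code from the answer or the question) of per-field AES-256-GCM using .NET's built-in `AesGcm` class, which is available from .NET Core 3.0 and so postdates this thread. The `FieldCrypto` name, the nonce || tag || ciphertext layout, the `context` string and the sample values are assumptions of the example; a real key would come from a key store rather than being generated in `Main`.

```csharp
// Added example, not from the original post. Requires .NET Core 3.0 or later.
using System;
using System.Security.Cryptography;
using System.Text;

static class FieldCrypto
{
    const int NonceSize = 12; // 96-bit nonce; must never repeat under the same key
    const int TagSize = 16;   // 128-bit authentication tag

    // Returns nonce || tag || ciphertext, ready for a binary database column.
    public static byte[] Encrypt(byte[] key, string plaintext, string context)
    {
        byte[] pt = Encoding.UTF8.GetBytes(plaintext);
        byte[] blob = new byte[NonceSize + TagSize + pt.Length];
        var nonce = blob.AsSpan(0, NonceSize);
        var tag = blob.AsSpan(NonceSize, TagSize);
        var ct = blob.AsSpan(NonceSize + TagSize);
        RandomNumberGenerator.Fill(nonce);  // fresh random nonce for every value
        using var aes = new AesGcm(key);    // on .NET 8+: new AesGcm(key, TagSize)
        aes.Encrypt(nonce, pt, ct, tag, Encoding.UTF8.GetBytes(context));
        return blob;
    }

    // Throws CryptographicException if the blob or the context was altered.
    public static string Decrypt(byte[] key, byte[] blob, string context)
    {
        if (blob.Length < NonceSize + TagSize)
            throw new CryptographicException("Stored value is too short.");
        var nonce = blob.AsSpan(0, NonceSize);
        var tag = blob.AsSpan(NonceSize, TagSize);
        var ct = blob.AsSpan(NonceSize + TagSize);
        byte[] pt = new byte[ct.Length];
        using var aes = new AesGcm(key);
        aes.Decrypt(nonce, ct, tag, pt, Encoding.UTF8.GetBytes(context));
        return Encoding.UTF8.GetString(pt);
    }

    static void Main()
    {
        byte[] key = new byte[32];          // 256-bit key, generated here only for the demo
        RandomNumberGenerator.Fill(key);
        byte[] blob = Encrypt(key, "constructed sample value", "customers:ssn:42");
        Console.WriteLine($"overhead: {blob.Length - 24} bytes"); // nonce + tag = 28
        Console.WriteLine(Decrypt(key, blob, "customers:ssn:42"));
        blob[blob.Length - 1] ^= 1;         // simulate a modified database value
        try { Decrypt(key, blob, "customers:ssn:42"); }
        catch (CryptographicException) { Console.WriteLine("tamper detected"); }
    }
}
```

The `context` string is passed as GCM associated data, so a ciphertext copied into a different row or column fails authentication even though the context itself is never stored.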