Sorry, encryption newbie here. Can someone provide some feedback on this AES encryption algorithm?
Public Shared Function SampleEncryptAES2Base64(ByVal dataToEncrypt As String, ByVal Password As String) As String Dim keyBytes As Byte() = UTF8Encoding.UTF8.GetBytes(Password) Dim rfc As New Rfc2898DeriveBytes(Password, keyBytes, 1000) ' Use the AES managed encryption provider Dim encryptor As New AesManaged() encryptor.Key = rfc.GetBytes(16) encryptor.IV = rfc.GetBytes(16) Using ms As New MemoryStream() Using encrypt As New CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write) Dim dataBytes As Byte() = New UTF8Encoding(False).GetBytes(dataToEncrypt) encrypt.Write(dataBytes, 0, dataBytes.Length) encrypt.FlushFinalBlock() encrypt.Close() Return Convert.ToBase64String(ms.ToArray()) End Using End Using End Function
As for the key-IV issue: if I created a new variable as "rfcIV" as below with a different number of iterations as below, would this be more secure/random as the IV?
Open in new window