Intro; Table of Contents; About the Author; About the Technical Reviewer; Foreword; Introduction; Chapter 1: What Are Data Breaches?; Types of Data in a Breach and Their Consequences; The Impact on a Company; Financial Loss; Legal Action; Regulatory Impact; Loss of Reputation; Why Network Protection Isn't Enough; How Can Developers Help?; What Can You Expect from This Book?; What You Will Learn; .NET Standard and .NET Core; Code Samples in This Book; Chapter 2: A Brief History of Cryptography; Ancient Times; Increasing Cipher Complexity; Enigma and Mechanical Ciphers; Modern Cryptography
Symmetric EncryptionPublic and Private Key Cryptography; Why Is Cryptography Important?; Examples of Modern Cryptography; The Four Pillars of Modern Cryptography; Confidentiality; Integrity; Authentication; Non-Repudiation; Summary; Chapter 3: The Importance of Random Numbers; Generating Deterministic Random Numbers; Generating Secure Random Numbers; Summary; Chapter 4: Hashing and Hashed Message Authentication Codes; Hashing and Integrity; MD5; Secure Hash Algorithm (SHA) Family; Authenticated Hashing; Summary; Chapter 5: Safely Storing Passwords; Storing Passwords in the Clear
Encrypting PasswordsUsing Hashes to Store Passwords; Using Password Based Key Derivation Functions; Summary; Chapter 6: Symmetric Encryption; Symmetric Encryption; Advantage: Very Secure; Advantage: Fast; Disadvantage: Sharing Keys Is Hard; Disadvantage: Dangerous If Compromised; History of DES and Triple DES; How DES and Triple DES Works; History of AES; How AES Works; How Secure Is AES Against Brute-Force Attacks?; API Commonality in the .NET Framework; Encryption Mode; Padding; Key; Initialization Vector (IV); AesManaged and AesCryptoServiceProvider
Performing Symmetric Encryption with .NETSummary; Chapter 7: Asymmetric Encryption; Advantage: Very Secure; Advantage: Fast; Disadvantage: Sharing Keys Is Hard; Disadvantage: Dangerous If Compromised; What Is Asymmetric Encryption?; The History of RSA; How Does RSA Work?; Key Derivation; Encryption and Decryption; RSA in .NET; In-Memory Keys; XML-Based Keys; Cryptographic Service Provider; Encryption and Decryption; Summary; Chapter 8: Digital Signatures; High-Level Look at Digital Signatures; Digital Signatures in .NET; Summary; Chapter 9: Hybrid Encryption
Combining Symmetric and AsymmetricAdding Integrity Checks; Securely Comparing Byte Arrays; Extending with Digital Signatures; Summary; Chapter 10: Key Storage and Azure Key Vault; Exploring Key Management Options; Introducing Azure Key Vault; Azure Key Vault Hardware Mode; Azure Key Vault Software Mode; Keys vs. Secrets; Azure Key Vault Example Costs; Setting up Azure Key Vault; Creating a Key Vault; Registering Your Application with Azure Active Directory; Authorize Your Application to Use Keys and Secrets; Manually Creating Keys and Secrets; Add a Software Protected Key