Modern Examples of Symmetric Authenticated Encryption of a string. <\/p>\n
The general best practice for symmetric encryption is to use Authenticated Encryption with Associated Data (AEAD), however this isn't a part of the standard .net crypto libraries. So the first example uses AES256 and then HMAC256, a two step Encrypt then MAC, which requires more overhead and more keys. <\/p>\n
The second example uses the simpler practice of AES256-GCM using the open source Bouncy Castle (via nuget). <\/p>\n
Both examples have a main function that takes secret message string, key(s) and an optional non-secret payload and return and authenticated encrypted string optionally prepended with the non-secret data. Ideally you would use these with 256bit key(s) randomly generated see NewKey(). <\/p>\n
Both examples also have a helper methods that use a string password to generate the keys. These helper methods are provided as a convenience to match up with other examples, however they are far less secure because the strength of the password is going to be far weaker than a 256 bit key. <\/p>\n
Update: Added byte[] overloads, and only the Gist has the full formatting with 4 spaces indent and api docs due to StackOverflow answer limits. <\/p>\n
.NET Built-in Encrypt(AES)-Then-MAC(HMAC) [Gist] <\/p>\n
Bouncy Castle AES-GCM [Gist] <\/p>\n
<\/p>\n