Bill's Security Tips

Home  [Bill's Home]

Rijndael (/AES)

AES (or Rijndael) is the new replacement for DES, and uses 128-bit blocks with 128, 192 and 256 bit encryption keys. It was selected by NIST in 2001 (after a five year standardisation process). The name Rijndael comes from its Belgium creators: Joan Daemen and Vincent Rijmen. The key has an IV and a key element, where the IV gives the overall key some variation. In this case the key is 256 bits, and the IV is 128 bits.


Encryption key:


Encrypted stream:


and to test, the decrypted text is:


In this case, if we try "test" as the key, and test message of: "This is a test message" which should get:


Also, a key of "test" with a message of "test" gives:


which is 32 characters, and thus relates to 128 bits, which is the block size (as "test" fits into a single block). All our outputs will thus be a multiple of 32 hex characters.

The code is:

Rijndael myRijndael = new RijndaelManaged();

myRijndael.Key = StringToByte(this.tbKey.Text, 32); // convert to 32 characters - 256 bits
myRijndael.IV = StringToByte("                "); // 16 characters for IV
byte[] key = myRijndael.Key;
byte[] IV = myRijndael.IV;

ICryptoTransform encryptor = myRijndael.CreateEncryptor(key, IV);

MemoryStream msEncrypt = new MemoryStream();
CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write);

// Write all data to the crypto stream and flush it.
csEncrypt.Write(StringToByte(this.tbMessage.Text), 0, StringToByte(this.tbMessage.Text).Length);

// Get the encrypted array of bytes.
byte[] encrypted = msEncrypt.ToArray();

this.tbEncrypt.Text = ByteToString(encrypted);

ICryptoTransform decryptor = myRijndael.CreateDecryptor(key, IV);

// Now decrypt the previously encrypted message using the decryptor
MemoryStream msDecrypt = new MemoryStream(encrypted);
CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read);

this.tbDecrypt.Text = ByteToString(csDecrypt);
catch (Exception ex)

this.tbEncrypt.Text = ex.Message.ToString();