ECC-based security from Certicom for the Microsoft .NET Framework

Superior ECC-based security for Microsoft Windows .NET-based applications and devices



Challenge

Producing applications for constrained devices such as smart phones and PDAs is challenging enough without security and interoperability hurdles.

By definition, a mobile device must interoperate with a host of other applications, devices and networks; and because of its exposure and mobility, it demands the same level of security as equivalent desktop environments. Typical desktop environments benefit from the additional security of established security policies and a fixed location behind locked doors and security personnel. But wireless networking creates additional security challenges including the potential for loss or theft of a wireless device nearly anywhere.

To address interoperability issues, many developers have turned to the universal runtime and common standards of the Microsoft .NET Framework in desktop implementations and .NET Compact Framework in mobile ones.

The multiple-language capability of the .NET Framework enables developers to use the programming language that is most appropriate for a given task and to combine languages within a single application. Components built for .NET can be used easily by any of the 20+ approved .NET languages. With this flexibility, developers can quickly convert to the .NET Framework and then to .NET Compact Framework if necessary. This allows software vendors to leverage valuable existing code.

However, when it comes to porting cryptographic functions from existing desktop applications to the .NET Framework, and from the .NET Framework to .NET Compact Framework, developers are severely constrained. Only a limited number of cryptographic classes are available for use with the .NET Framework. In some cases, this means that developers must choose between abandoning some security functions from their previous code base or taking time to create new .NET Framework crypto classes and wrappers that will accommodate them.

Furthermore, despite the increased importance of security for mobile platforms, developers cannot seamlessly port cryptographic functions between the .NET Framework and .NET Compact Framework. Instead, they must first spend development time manually creating code wrappers to enclose these native cryptographic functions for use on a Windows Mobile™-based device.

To remain competitive, software vendors know they must join the .NET Framework revolution but can ill afford to sacrifice hard-won, must-have security functionality. How can they port existing security to the .NET Framework or .NET Compact Framework architectures without losing time and money on a custom solution?

Solution

Rather than slip competitive development schedules and strain already tight project budgets, software vendors can rely on expert third-party support to supply new crypto classes for .NET Framework implementations. Likewise, pre-packaged code wrappers would allow developers to reuse .NET Framework crypto classes in .NET Compact Framework architectures.

An expanded number of .NET Framework crypto classes would allow for additional high-security functions. For example, new classes could accommodate elliptic curve cryptography (ECC) algorithms that significantly enhance both security and competitive advantage.

ECC is a highly efficient form of public key cryptography that offers the same high security as other public key technologies while using much smaller key sizes. Maintaining high performance while minimizing the consumption of bandwidth and processing power is valuable for all networks, but it is imperative in constrained and wireless environments.

Ideally, the same solution would also provide the necessary code wrappers for porting to the .NET Compact Framework. These would allow Windows Mobile™ applications working in the .NET Compact Framework to use standard crypto classes such as 3DES and AES, as well as any expanded list of new high-security crypto classes.

A comprehensive solution should also function inside the .NET Common Language Runtime environment as managed code. This would offer the dual advantage of leveraging the existing operating system interaction available to all managed code, while still allowing calls to the native, unmanaged code contained within the wrappers. This would be of enormous benefit to programmers who could build on existing code bases in a variety of languages such as C, C++, Visual Basic and many others rather than discard them. Once built, wrapped code can be used and reused in any appropriate .NET Framework application.

Finally, any solution should support a range of platforms for the widest possible market.

Ideal .NET Compact Framework cryptographic function check list

  • offers all standard .NET crypto classes
  • includes additional new high-security .NET crypto classes
  • supports a range of platforms
  • functions as managed code within Common Language Runtime environment
  • leverages existing multi-lingual code base

The Implementation

With the introduction of Security Builder® Crypto™-C#, Certicom’s cross-platform cryptographic toolkit has been extended to include new .NET Framework crypto classes designed to the same standard as those supported by Microsoft. Only available from Certicom, these new crypto classes allow developers to add ECC to desktop .NET Framework-based applications through a standard Microsoft application program interface (API).

Moreover, Security Builder Crypto-C# also includes .NET Compact Framework code wrappers for most cryptographic algorithms. Designed for seamless porting to the .NET Compact Framework architecture, Security Builder Crypto-C# ensures your native security features function as managed code. Security Builder Crypto-C# supports the following algorithms and platforms within the .NET Framework:

Supported algorithms

  • symmetric key functions – DES/3DES/AES
  • hashing algorithms – MD5/SHA-1/SHA-256/SHA-384/SHA-512
  • public key encryption – RSA
  • digital signatures – RSA/DSA/ECDSA

Supported Operating Systems and Processors

  • Desktop .NET Framework-based applications on x86 processors
  • Pocket PC 2003 Windows Mobile on ARM processors
  • Pocket PC 2003 Emulator on x86 processors

Certicom is the only third-party cryptography supplier to provide .NET Framework crypto classes for elliptic curve digital signatures (ECDSA). Code size for complete implementation is approximately 220 KB.

As more of the industry migrates to the .NET Framework, Security Builder Crypto-C# will be extended to include further .NET Framework classes and functionality such as:

  • additional elliptic curves beyond 163K1
  • elliptic curve integrated encryption system (ECIES)
  • elliptic curve Diffie-Hellman (ECDH) for SSL
  • seamless replacement

Migration to .NET Compact Framework Diagram


The diagram shows how Security Builder® Crypto™-C# can help port an existing desktop Windows 32 client to a new desktop .NET Framework-based client, or a Windows Mobile™ client. Likewise, an application for a mobile device can take advantage of new .NET cryptography classes delivered from a central server.

Once operational, the Windows Mobile™ device relies on Certicom’s managed code wrappers and unique ECDSA cryptography class for efficient and trusted communication with the Web Applications Server.

Results

Security Builder Crypto-C# by Certicom allows developers and vendors to seamlessly port ECC-based security between the following architectures:

  • from existing desktop to desktop .NET Framework
  • from existing desktop to .NET Compact Framework
  • from the .NET Framework to .NET Compact Framework

Adding cryptography functions to a .NET Compact Framework implementation allows a vendor to offer superior security applications for Pocket PCs and embedded systems running Windows CE .NET.

Users also benefit from new .NET Framework cryptography classes that are only available from Certicom. Designed to the same standard as those supported by Microsoft, these classes integrate into the .NET Framework architecture with ease.

Software vendors who choose Security Builder Crypto-C# to transition security functions into the .NET Framework can evolve into new and growing markets with highly efficient security. This not only leverages the vendor’s investment in their existing code base but also maintains the competitive advantage associated with superior security.

Finally, using new crypto classes and code wrappers from Certicom rather than producing them manually accelerates release schedules by cutting development time 50% or more.

Download Certicom Security for .NET Framework (PDF) now or contact sales now to find out how they can help you.