Algorithms and keys (Windows Runtime apps)

[This article is for Windows 8.x and Windows Phone 8.x developers writing Windows Runtime apps. If you’re developing for Windows 10, see the latest documentation.]

Cryptographic algorithms are procedures that perform cryptographic operations such as encryption, signing, and hashing. Cryptographic algorithms are implemented in algorithm providers. The following providers are available in the Windows.Security.Cryptography.Core namespace.

| Algorithm provider class | Supported algorithm types |
|---|---|
| AsymmetricKeyAlgorithmProvider | Asymmetric encryption algorithms; asymmetric signature algorithms |
| SymmetricKeyAlgorithmProvider | Symmetric encryption algorithms |
| HashAlgorithmProvider | Hashing algorithms |
| MacAlgorithmProvider | Message authentication code algorithms |
| KeyDerivationAlgorithmProvider | Key derivation algorithms |

Encryption algorithms can support symmetric keys or asymmetric keys. Symmetric or secret key encryption requires that the key used to encrypt a message also be used to decrypt the message. Asymmetric or public key encryption requires that the key used to decrypt be different from, but mathematically related to, the key used to encrypt. One of the keys is called private and kept secret. The other key is called public and is typically released to interested parties. Either key can be used to encrypt as long as the other is used to decrypt. A single key cannot be used to perform both functions.

A key is a pseudorandom number used as input to an algorithm to encrypt, decrypt, sign data, or compute a message authentication code (MAC). Because it is easier to protect a key than an algorithm, using keys eliminates the need to keep an algorithm secret. All of the algorithms implemented by Microsoft are defined by publicly available standards. The strength of the key is related to its bit length. The greater the bit length, the stronger the key.

You can create, import, and export keys in an app, but you cannot store the keys you create or import. The following table shows methods you can use to create or import keys.

| Class | Method | Description |
|---|---|---|
| AsymmetricKeyAlgorithmProvider | CreateKeyPair | Creates an asymmetric key pair. |
| AsymmetricKeyAlgorithmProvider | ImportKeyPair | Imports an asymmetric key pair into a CryptographicKey object. |
| AsymmetricKeyAlgorithmProvider | ImportPublicKey | Imports the public portion of an asymmetric key pair into a CryptographicKey object. |
| SymmetricKeyAlgorithmProvider | CreateSymmetricKey | Creates a symmetric key. |
| KeyDerivationAlgorithmProvider | CreateKey | Derives a key from a secret agreement value created from a public/private key pair. |
| CryptographicKey | Export | Exports a key into a buffer. |
| CryptographicKey | ExportPublicKey | Exports the public portion of a public/private key pair into a buffer. |
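The following C# example is added here and is not code from the original article. It exercises the create, export and import methods listed above in one round trip, wrapping a symmetric key with an imported public key and recovering it with the re-imported key pair. The class name KeyLifecycleDemo, the RSA-OAEP/AES-CBC algorithm choices and the 2048-bit and 256-bit key sizes are assumptions made for illustration.

```csharp
using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;

// Hypothetical class name; added example, not from the original article.
public static class KeyLifecycleDemo
{
    // Returns true when data encrypted under a symmetric key can be decrypted
    // after that key has been wrapped with a public key and unwrapped again.
    public static bool RoundTrip()
    {
        // Symmetric key: 32 random bytes (assumed AES-256) become a CryptographicKey.
        var aes = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbcPkcs7);
        IBuffer keyMaterial = CryptographicBuffer.GenerateRandom(32);
        CryptographicKey sessionKey = aes.CreateSymmetricKey(keyMaterial);

        // Asymmetric key pair (assumed RSA-OAEP with SHA-256, 2048 bits).
        var rsa = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithmNames.RsaOaepSha256);
        CryptographicKey keyPair = rsa.CreateKeyPair(2048);

        // ExportPublicKey yields only the public portion, which is safe to hand out.
        IBuffer publicBlob = keyPair.ExportPublicKey();
        CryptographicKey recipientPublic = rsa.ImportPublicKey(publicBlob);

        // Export yields the whole pair, private key included, as a plain buffer.
        IBuffer pairBlob = keyPair.Export();
        CryptographicKey restoredPair = rsa.ImportKeyPair(pairBlob);

        // Sender side: encrypt constructed sample data, then wrap the key material.
        // AES-CBC gives confidentiality only; a MAC would be needed for integrity.
        IBuffer iv = CryptographicBuffer.GenerateRandom(aes.BlockLength);
        IBuffer plaintext = CryptographicBuffer.ConvertStringToBinary(
            "constructed sample message", BinaryStringEncoding.Utf8);
        IBuffer ciphertext = CryptographicEngine.Encrypt(sessionKey, plaintext, iv);
        IBuffer wrappedKey = CryptographicEngine.Encrypt(recipientPublic, keyMaterial, null);

        // Recipient side: unwrap with the private key, rebuild the symmetric key, decrypt.
        IBuffer unwrapped = CryptographicEngine.Decrypt(restoredPair, wrappedKey, null);
        CryptographicKey recoveredKey = aes.CreateSymmetricKey(unwrapped);
        IBuffer decrypted = CryptographicEngine.Decrypt(recoveredKey, ciphertext, iv);

        return CryptographicBuffer.Compare(plaintext, decrypted);
    }
}
```

The buffer returned by Export contains the private key in unprotected form, so it needs the same care as the key itself for as long as it exists.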

 

Encryption