Algorithms and keys

# Algorithms and keys (Windows Runtime apps)

Cryptographic algorithms are procedures that perform cryptographic operations such as encryption, signing, and hashing. Cryptographic algorithms are implemented in algorithm providers. The following providers are available in the Windows.Security.Cryptography.Core namespace.

Algorithm provider classSupported algorithm types

Asymmetric encryption algorithms

Asymmetric signature algorithms

Symmetric encryption algorithms

Hashing algorithms

Message authentication code algorithms

Key derivation algorithms

Encryption algorithms can support symmetric keys or asymmetric keys. Symmetric or secret key encryption requires that the key used to encrypt a message also be used to decrypt the message. Asymmetric or public key encryption requires that the key used to decrypt be different from, but mathematically related to, the key used to encrypt. One of the keys is called private and kept secret. The other key is called public and is typically released to interested parties. Either key can be used to encrypt as long as the other is used to decrypt. A single key cannot be used to perform both functions.

A key is a pseudo random number used as input to an algorithm to encrypt, decrypt, sign data, or compute a message authentication code (MAC). Because it is easier to protect a key than an algorithm, using keys eliminates the need to keep an algorithm secret. All of the algorithms implemented by Microsoft are defined by publicly available standards. The strength of the key is related to its bit length. The greater the bit length, the stronger the key.

You can create, import, and export keys in an app, but you cannot store the keys you create or import. The following table shows methods you can use to create or import keys.

ClassMethodDescription

Creates an asymmetric key pair.

Imports an asymmetric key pair into a CryptographicKey object.

Imports the public portion of an asymmetric key pair into a CryptographicKey object.

Creates a symmetric key.

Derives a key from a secret agreement value created from a public/private key pair.

Exports a key into a buffer.

Exports the public portion of a public/private key pair into a buffer.

Encryption

Show: