If you missed this month's c# user group meeting, you definately missed out on some good information.

Chris Wallace started out by showing us the slick new profiling capabilities in VSTS 2005 for a few minutes. This will certainly be a handy set of tools available in VSTS.

Then Eric Marvets gave the main presentation on .NET Encryption. He did not show us a single line of code (there are plenty of examples on the web), but instead he felt it was more important to teach people how and [more importantly] when to apply or not apply particular cryptographic solutions. We all learned how Electronic Code Book ciphers and Chained Block ciphers work, their attack vectors, and in what situations they work best. We learned why when using CBC, you MUST ALWAYS generate a new Initialization Vector whenever the encrypted data is modified, and just exactly how that IV is used to make certain cryptographic solutions more secure. As a final tidbit of wisdom, we learned how DPAPI, while certainly an improvement over clear-text storage, is fundamentally no more secure than a good DACL.

8 out of 10 doctor's agree - The Atlanta C# Users Group lowers cholesterol while reducing hair loss and brightening your smile!*

* These statements have not been evaluated or approved by the FDA.