My boss wants me to encrypt some information used during data transfer. The individual strings to be encrypted are between eight and twenty characters long. A single password must be used to encrypt and decrypt, so I need a symmetric algorithm. I don't want to roll my own - I want to use one built into .NET from C#.
So, which algorithm is best?
TripleDES?
You can use the System.Security.Cryptography.TripleDESCryptoServiceProvider
Small amount of code to encrypt/decrypt... does exactly what it says on the tin :)
TripleDES is a very good option, but you can also consider AesCryptoServiceProvider (AES), which is a modern symmetric cipher.
Here are encrypt & decrypt functions with des3 encryption:
```vb
Imports System.IO
Imports System.Security.Cryptography
Imports System.Text

' Note: des3 and the HexToBytes/BytesToHex helpers are not shown in the post.
' des3 is assumed to be a shared TripleDESCryptoServiceProvider instance, and
' the helpers are assumed to convert between hex strings and byte arrays.

''' <summary>
''' Encrypts a memory string (i.e. variable).
''' </summary>
''' <param name="data">String to be encrypted.</param>
''' <param name="key">Encryption key (hex string).</param>
''' <param name="iv">Encryption initialization vector (hex string).</param>
''' <returns>Encrypted string (hex encoded).</returns>
Public Shared Function Encrypt(ByVal data As String, ByVal key As String, ByVal iv As String) As String
    Dim bdata As Byte() = Encoding.ASCII.GetBytes(data)
    Dim bkey As Byte() = HexToBytes(key)
    Dim biv As Byte() = HexToBytes(iv)
    Dim stream As MemoryStream = New MemoryStream
    ' Everything written to encStream is encrypted into the memory stream.
    Dim encStream As CryptoStream = New CryptoStream(stream, des3.CreateEncryptor(bkey, biv), CryptoStreamMode.Write)
    encStream.Write(bdata, 0, bdata.Length)
    encStream.FlushFinalBlock()
    encStream.Close()
    Return BytesToHex(stream.ToArray())
End Function

''' <summary>
''' Decrypts a memory string (i.e. variable).
''' </summary>
''' <param name="data">String to be decrypted (hex encoded).</param>
''' <param name="key">Original encryption key (hex string).</param>
''' <param name="iv">Original initialization vector (hex string).</param>
''' <returns>Decrypted string.</returns>
Public Shared Function Decrypt(ByVal data As String, ByVal key As String, ByVal iv As String) As String
    Dim bdata As Byte() = HexToBytes(data)
    Dim bkey As Byte() = HexToBytes(key)
    Dim biv As Byte() = HexToBytes(iv)
    Dim stream As MemoryStream = New MemoryStream
    ' Everything written to encStream is decrypted into the memory stream.
    Dim encStream As CryptoStream = New CryptoStream(stream, des3.CreateDecryptor(bkey, biv), CryptoStreamMode.Write)
    encStream.Write(bdata, 0, bdata.Length)
    encStream.FlushFinalBlock()
    encStream.Close()
    Return Encoding.ASCII.GetString(stream.ToArray())
End Function
```
.NET security classes:
Hash
* MD5
* MD5Cng
* SHA1
* SHA1Managed
* SHA1Cng
* SHA256
* SHA256Managed
* SHA256Cng
* SHA384
* SHA384Managed
* SHA384Cng
* SHA512
* SHA512Managed
* SHA512Cng
Symmetric Encryption: Uses the same key for encryption and decryption.
* DES
* DESCryptoServiceProvider
* TripleDES
* TripleDESCryptoServiceProvider
* Aes
* AesCryptoServiceProvider
* AesManaged
* RC2
* RC2CryptoServiceProvider
* Rijndael
* RijndaelManaged
Asymmetric Encryption: Uses different keys for encryption and decryption.
* DSA
* DSACryptoServiceProvider
* ECDsa
* ECDsaCng
* ECDiffieHellman
* ECDiffieHellmanCng
* RSA
* RSACryptoServiceProvider
You could just use RSA encryption, since these are short strings, which will make key exchange simpler.
How much you can encrypt with RSA is based on the key length.
I am a fan of the RSA library from Bouncy Castle.
DES is pretty much obsolete at this point. Here is the Wikipedia. If you are changing the key a lot, it might be adequate, but if you are relying on a key for a while, AES seems like a better choice.
Of course it is a question of how much protection you need. But AES is built right in there too.
I have used AES for small strings, and it works nicely.
What I have read about TripleDES is that since DES is easily crackable, TripleDES is still not substantial.
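For the single-password, short-string case in the question, here is an added example (not from any of the posts above) in C# using only built-in .NET classes: the password is stretched with PBKDF2 and each string is sealed with AES-GCM under a fresh salt and nonce, so a wrong password or modified data is rejected on decrypt. It assumes .NET 8 or later; the `ShortStringCrypto` class, the output layout, the iteration count and the sample values are choices made for this example.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example (not from the posts above). Assumes .NET 8 or later.
public static class ShortStringCrypto
{
    const int SaltLen = 16, NonceLen = 12, TagLen = 16, HeaderLen = SaltLen + NonceLen + TagLen;
    const int Iterations = 600_000; // assumed PBKDF2 work factor; tune for your hardware

    // Stretch the shared password into a 256-bit AES key.
    static byte[] DeriveKey(string password, byte[] salt) =>
        Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, 32);

    // Output layout (chosen for this example): Base64(salt || nonce || tag || ciphertext).
    public static string Encrypt(string plaintext, string password)
    {
        byte[] pt = Encoding.UTF8.GetBytes(plaintext);
        byte[] packed = new byte[HeaderLen + pt.Length];
        Span<byte> p = packed;
        RandomNumberGenerator.Fill(p.Slice(0, SaltLen + NonceLen)); // fresh salt and nonce per message
        using var aes = new AesGcm(DeriveKey(password, p.Slice(0, SaltLen).ToArray()), TagLen);
        aes.Encrypt(p.Slice(SaltLen, NonceLen), pt, p.Slice(HeaderLen), p.Slice(SaltLen + NonceLen, TagLen));
        return Convert.ToBase64String(packed);
    }

    // Throws CryptographicException if the password is wrong or the data was modified.
    public static string Decrypt(string packedBase64, string password)
    {
        byte[] packed = Convert.FromBase64String(packedBase64);
        if (packed.Length < HeaderLen) throw new CryptographicException("Input too short.");
        Span<byte> p = packed;
        byte[] pt = new byte[packed.Length - HeaderLen];
        using var aes = new AesGcm(DeriveKey(password, p.Slice(0, SaltLen).ToArray()), TagLen);
        aes.Decrypt(p.Slice(SaltLen, NonceLen), p.Slice(HeaderLen), p.Slice(SaltLen + NonceLen, TagLen), pt);
        return Encoding.UTF8.GetString(pt);
    }

    public static void Main()
    {
        const string password = "example-password";        // constructed sample value
        string token = Encrypt("ACCT-00012345", password); // constructed sample string
        Console.WriteLine(Decrypt(token, password));
        // Flip one ciphertext bit: the GCM tag check must reject it.
        byte[] raw = Convert.FromBase64String(token);
        raw[raw.Length - 1] ^= 1;
        try { Decrypt(Convert.ToBase64String(raw), password); }
        catch (CryptographicException) { Console.WriteLine("tampering detected"); }
    }
}
```

Key derivation runs on every call here, so when many strings travel over one channel, derive the key once per salt and reuse it with a fresh nonce for each string. The ciphertext is the same length as the plaintext, so the length of each string is visible to an observer.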