I am using the following code to generate an encrypted token:
var ticket = new System.Web.Security.FormsAuthenticationTicket(
2,
"",
DateTime.Now,
DateTime.Now.AddMinutes(10),
false,
"user id here");
var cipherText = System.Web.Security.FormsAuthentication.Encrypt(ticket);
This code uses the key and algorithm specified in app/web.config :
<system.web>
<machineKey validationKey="SOME KEY"
decryptionKey="SOME OTHER KEY"
validation="SHA1" />
</system.web>
Now suppose I give the cipher text thus generated to a partner. Is he capable of brute forcing:
- The value that is stored in the cipher (the user id which does not represent sensitive information and it doesn’t bother me much)
- The value of the validationKey and decryptionKey used to create the cipher (this would be catastrophic because he would be capable of generating tokens and impersonating any user)
I suppose the answer to both questions is yes, but how realistic his chances are and do you think giving him the cipher would represent a security threat to my system? Thanks in advance for your responses.
What you describe here is a known plaintext attack. The attacker learns both plaintexts and the corresponding ciphertexts and his goal is to find the keys. Modern ciphers are designed to be secure against this kind of attacks.
In fact any modern cipher is designed to be secure against even stronger attacks such as chosen plaintext attacks and chosen cipher text attacks. Even if the attacker is allowed to choose plaintext and corresponding ciphertext or choose any number of ciphertexts and learn the decryption of it, then he/she should still not be able to learn the key.
This makes designing a new cipher very hard. But fortunately, we already have good ciphers such as AES.
I should also add that all the attacks above assume that the attacker knows all the details of the cipher that is used. The only thing he does not know is the key that is used. This is known as Kerkhoff’s principle.