Key Length TripleDESCryptoServiceProvider

Topics: Cryptography Application Block
Jan 8, 2010 at 10:14 PM


Thanks for reading this post.

I am using TripleDES algorithm and was asked to use Key of atleast 128 bits, I am not sure what is the Length of the Key generated by Cryptographic Key Wizard.

1. Any Idea what is the Lenght of the Key produced by the Cryptographic Key Wizard ?

2. Is there a way to change the length of the Key?

3. Can I generate Key using some other source with Key size 128 and use it with Cryptography Application Block? If yes Any Idea How?

Any guidance would be helpful.


Jan 11, 2010 at 2:23 AM


1.  Using the TripleDES algorithm, the Cryptographic Key Wizard will generate a key of length 24 and size of 192.

2.  You would have to create a custom symmetric provider which just essentially wraps a symmetric algorithm  you want and have the KeySize property configurable by retrieving the value from the Attributes property collection.

3.  Yes, there is an option in the wizard that lets you use an existing key.


Sarah Urmeneta
Global Technology & Solutions
Avande, Inc.

Jan 11, 2010 at 7:53 PM


Thanks for replying to my post. I have tried to look up almost 101 posts with CAB Tag to find the details I need below, but with no luck. So, I am posting again. Any details on the below would be helpful.

1. with respect to item 1, what is the difference between Key Size and Key Length? I was thinking they are same.

2. Would you have any sample code or documentation which will guide me to change the Key Size in App Block?

3. What are the other sources which I can use as a Key?

4. I tried using the private key(.pfx) from entrust certificate. The Key wizard didn't generate a Key file when I used the Import option. Is this possible? How?

Jan 13, 2010 at 3:00 AM

1.  The KeySize is the size in bits of of the key generated by the algorithm (algorithm.KeySize).  Well the length, it's just the Length property of the byte array.

I retract my statements #2 and 3.

2.  You would have to modify the source code, specifically the SymmetricKeyGenerator class.  You at least need to modify the GenerateUnprotectedKey method by setting the algorithm.KeySize property before calling algorithm.GenerateKey().  The problem you need to solve here is that different symmetric algorithms supports different number of bits so you can't just directly assign a KeySize value.

3. We missed this in the documentation under the Usage Notes topic for the Cryptography Application Block:

  • When you import a key for an algorithm, you must select a key file that was exported for the same algorithm type. If you select a key for a different algorithm type, you will receive an exception at application run time.

    So the answer to your question #3 from your initial posting is no. 


    Sarah Urmeneta
    Global Technology & Solutions
    Avande, Inc.