Symmetric algorithms always use the same key for encryption and decryption and they are fast for encryption and ecryption.
The next table lists symmetric algorithms supported by .NET:
Valid Key Size
Maximum Key Size
The strength of the encryption corresponds to the key size. In case of the greater the key size, the harder it is for a brute-force attack to succeed, because there are far more possible key values to test. Keep in mind that the greater symmetric key sizes lead to larger messages and slower encryption times. In most cases, a good standard choice is Rijndael, because it offers solid performance and support for large key sizes.
The major problems with symmetric algorithms are:
When you are using symmetric algorithms to exchange data between two applications hosted by different parties, you have to exchange the key in a secure way.
When you use the symmetric key for a longer period of time, attackers might have enough time to decrypt traffic by just trying any valid combination of bits in a key. With an increasing bit size, the strength of the key increases, but you should use a different key in regular intervals.
|Long-term key management|
If you have to update keys in regular intervals, you have to exchange them in regular intervals, which might lead to additional security risks. In addition, you have to store the key in a secure place.