Search Results

Search found 2195 results on 88 pages for 'encryption symmetric'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 11/88 | < Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >

  • javax.crypto AES encryption - Do I only need to call doFinal?

    - by Spines
    I want to do AES CBC encryption in Java. I'm using javax.crypto. After I have the Cipher initialized, do I only need to call doFinal on the clear bytes to properly encrypt it? Or do I need to do something with update? Documentation says update: Continues a multiple-part encryption or decryption operation and doFinal Encrypts or decrypts data in a single-part operation, or finishes a multiple-part operation what exactly do they mean by multiple-part encryption?

    Read the article

  • Transparent Data Encryption Helps Customers Address Regulatory Compliance

    - by Troy Kitch
    Regulations such as the Payment Card Industry Data Security Standards (PCI DSS), U.S. state security breach notification laws, HIPAA HITECH and more, call for the use of data encryption or redaction to protect sensitive personally identifiable information (PII). From the outset, Oracle has delivered the industry's most advanced technology to safeguard data where it lives—in the database. Oracle provides a comprehensive portfolio of security solutions to ensure data privacy, protect against insider threats, and enable regulatory compliance for both Oracle and non-Oracle Databases. Organizations worldwide rely on Oracle Database Security solutions to help address industry and government regulatory compliance. Specifically, Oracle Advanced Security helps organizations like Educational Testing Service, TransUnion Interactive, Orbitz, and the National Marrow Donor Program comply with privacy and regulatory mandates by transparently encrypting sensitive information such as credit cards, social security numbers, and personally identifiable information (PII). By encrypting data at rest and whenever it leaves the database over the network or via backups, Oracle Advanced Security provides organizations the most cost-effective solution for comprehensive data protection. Watch the video and learn why organizations choose Oracle Advanced Security with transparent data encryption.

    Read the article

  • Encryption password

    - by George
    I am running Ubuntu 12.04 LTS I thought that everything in my Documents folder was being backed up by Ubuntu1, as everytime I put a file in my documents folder a box popped up stating backing up file. When I looked at the Left hand list of programmes on my desktop screen there was an extra Box in the list. Clicked the Box and it stated encryption Password required. It seems the latest files have not been backed up as an Encryption Password is required. Can anyone explain for me, what is this Encription Password and how do I get it.

    Read the article

  • Transparent Data Encryption (TDE) in SQL Server

    There are several ways to implement encryption in SQL Server; Arshad Ali focuses on Transparent Data Encryption (TDE), which was introduced in SQL Server 2008 and is available in later releases. 24% of devs don’t use database source control – make sure you aren’t one of themVersion control is standard for application code, but databases haven’t caught up. So what steps can you take to put your SQL databases under version control? Why should you start doing it? Read more to find out…

    Read the article

  • Achieving AES-256 Channel Encryption with the .NET Compact Framework

    - by Ev
    Hi There, I am working on a business application where the clients are Windows Mobile 6.1 Professional devices. The server is a Java enterprise application. The industry working group recommends AES-256 encryption for client/server communications. This is necessary to gain certification. The encryption doesn't necessarily need to be channel encryption, it could be payload encryption. Channel encryption is preferable. The client and server communicate using SOAP/HTTP, which we are yet to implement. We plan to use WCF on the compact framework. In order to alleviate some of the work required to implement manual encryption/decryption, it would be nice if we could achieve the required encryption either at the TLS level, or somehow using the WS-* standards (I'm not particularly familiar with that group of technologies but I am learning right now). The server supports https with 256-bit AES. Does anybody have an idea on the best way to implement this? Thanks in advance.

    Read the article

  • Decrease in disk performance after partitioning and encryption, is this much of a drop normal?

    - by Biohazard
    I have a server that I only have remote access to. Earlier in the week I repartitioned the 2 disk raid as follows: Filesystem Size Used Avail Use% Mounted on /dev/mapper/sda1_crypt 363G 1.8G 343G 1% / tmpfs 2.0G 0 2.0G 0% /lib/init/rw udev 2.0G 140K 2.0G 1% /dev tmpfs 2.0G 0 2.0G 0% /dev/shm /dev/sda5 461M 26M 412M 6% /boot /dev/sda7 179G 8.6G 162G 6% /data The raid consists of 2 x 300gb SAS 15k disks. Prior to the changes I made, it was being used as a single unencrypted root parition and hdparm -t /dev/sda was giving readings around 240mb/s, which I still get if I do it now: /dev/sda: Timing buffered disk reads: 730 MB in 3.00 seconds = 243.06 MB/sec Since the repartition and encryption, I get the following on the separate partitions: Unencrypted /dev/sda7: /dev/sda7: Timing buffered disk reads: 540 MB in 3.00 seconds = 179.78 MB/sec Unencrypted /dev/sda5: /dev/sda5: Timing buffered disk reads: 476 MB in 2.55 seconds = 186.86 MB/sec Encrypted /dev/mapper/sda1_crypt: /dev/mapper/sda1_crypt: Timing buffered disk reads: 150 MB in 3.03 seconds = 49.54 MB/sec I expected a drop in performance on the encrypted partition, but not that much, but I didn't expect I would get a drop in performance on the other partitions at all. The other hardware in the server is: 2 x Quad Core Intel(R) Xeon(R) CPU E5405 @ 2.00GHz and 4gb RAM $ cat /proc/scsi/scsi Attached devices: Host: scsi0 Channel: 00 Id: 32 Lun: 00 Vendor: DP Model: BACKPLANE Rev: 1.05 Type: Enclosure ANSI SCSI revision: 05 Host: scsi0 Channel: 02 Id: 00 Lun: 00 Vendor: DELL Model: PERC 6/i Rev: 1.11 Type: Direct-Access ANSI SCSI revision: 05 Host: scsi1 Channel: 00 Id: 00 Lun: 00 Vendor: HL-DT-ST Model: CD-ROM GCR-8240N Rev: 1.10 Type: CD-ROM ANSI SCSI revision: 05 I'm guessing this means the server has a PERC 6/i RAID controller? The encryption was done with default settings during debian 6 installation. I can't recall the exact specifics and am not sure how I go about finding them? Thanks

    Read the article

  • What alternatives are available for shared folders encryption in Windows 2003 Server?

    - by snakepitar
    People in our company asked to encrypting some of the shared folders published in a local Windows 2003 File Server. The requirements are: Encrypt the files, so only a user or group or users can open them Avoid password protected files. The encryption process should be transparent to the users Though files are encrypted, the backup software (BackupExec) must be able to copy and access binary for verification Cannot install tools/software in user's PCs, they want this to work automatically As we have very little experience managing servers, we'll be grateful for any help or suggestion offered.

    Read the article

  • What is the best way to secure MySQL data on a laptop *without* whole-disk-encryption?

    - by GJ
    I need to have the mysql data on my laptop stored in an encrypted state so that in case of the laptop being lost/stolen it will extremely difficult to recover the data without the password. I don't wish to use whole disk encryption, due to the performance impact it will have on other disk-intensive programs' usage. What could be the ideal solution for me balancing security and performance? Thanks!

    Read the article

  • Lubuntu Full Install on USB Drive with Full Disk Encryption and Grub2

    - by vivi
    I apologise for the wall of text, but I want you to scrutinize my thought-process to make sure there's no mistakes and no other way around it: I wish to have a full install of lubuntu with full disk encryption on one of my usb drives. The laptop I would be booting it from also has windows 7. I want to maintain that OS. From what I've read I must place grub2 on the usb drive so that: If I have the usb plugged in, the laptop would start lubuntu (having USB HD in the BIOS Boot options) If I don't have the usb plugged in, it would normally start windows 7. That's exactly what I want it to do. But: If I install from the normal .iso: Clicking "install lubuntu alongside them" would install it onto my normal HD. Clicking "Erase disk and install lunbuntu" would delete all the stuff I have in my HD and install lubuntu on it. Clicking "Something else" would allow me to choose to install lunbuntu and grub2 onto the usb drive, but would not provide it with encryption. So the normal .iso won't work for what I want. Then I found the alternate .iso and this tutorial: It allows me to install lubuntu with all the options I want and gives me the option to choose where to place the grub2! Hopefully there are no flaws in my train of thought. If there aren't, I have a few questions regarding that tutorial: The author says in his case choosing "Yes to install GRUB to your MBR" installed the grub to the usb drive's mbr. I can't have "in his case". I need to be sure that's what it will do, so that it doesn't mess up the windows boot loader. Choosing "no" would open this window and allow to choose where I want to install the grub. Unfortunately I don't understand which option I should type in the box to install it into the usb drive. Would removing my laptop's Hard Drive ensure that the grub is installed onto the usb drive if i picked first option, "yes"? I apologise once again for the wall of text and appreciate any help you guys can offer me.

    Read the article

  • Integer ID obfuscation techniques

    - by Chris
    Hi there, I'm looking for an easy and reversible method of obfuscating integer IDs. Ideally, I'd want the resulting obfuscation to be at most eight characters in length and non-sequential, meaning that the obfuscation of "1" should look nothing like the obfuscation for "2" and so on. This isn't meant to be secure by any means, so this isn't a huge concern. Additionally, the integers I'll be obfuscating aren't large - between one and 10,000 - but I don't want any collisions, either. Does anybody have any ideas for something that would fit this criteria? Thanks! Chris

    Read the article

  • MVC 2 AntiForgeryToken - Why symmetric encryption + IPrinciple?

    - by Brad R
    We recently updated our solution to MVC 2, and this has updated the way that the AntiForgeryToken works. Unfortunately this does not fit with our AJAX framework any more. The problem is that MVC 2 now uses symmetric encryption to encode some properties about the user, including the user's Name property (from IPrincipal). We are able to securely register a new user using AJAX, after which subsequent AJAX calls will be invalid as the anti forgery token will change when the user has been granted a new principal. There are also other cases when this may happen, such as a user updating their name etc. My main question is why does MVC 2 even bother using symmetric encryption? Any then why does it care about the user name property on the principal? If my understanding is correct then any random shared secret will do. The basic principle is that the user will be sent a cookie with some specific data (HttpOnly!). This cookie is then required to match a form variable sent back with each request that may have side effects (POST's usually). Since this is only meant to protect from cross site attacks it is easy to craft up a response that would easily pass the test, but only if you had full access to the cookie. Since a cross site attacker is not going to have access to your user cookies you are protected. By using symmetric encryption, what is the advantage in checking the contents of the cookie? That is, if I already have sent an HttpOnly cookie the attacker cannot override it (unless a browser has a major security issue), so why do I then need to check it again? After having a think about it it appears to be one of those 'added layer of security' cases - but if your first line of defence has fallen (HttpOnly) then the attacker is going to get past the second layer anyway as they have full access to the users cookie collection, and could just impersonate them directly, instead of using an indirect XSS/CSRF attack. Of course I could be missing a major issue, but I haven't found it yet. If there are some obvious or subtle issues at play here then I would like to be aware of them.

    Read the article

  • Standard way to hash an RSA key?

    - by Adam J.R. Erickson
    What's the algorithm for creating hash (sha-1 or MD5) of an RSA public key? Is there a standard way to do this? Hash just the modulus, string addition of both and then take a hash? Is SHA-1 or MD5 usually used? I want to use it to ensure that I got the right key (have the sender send a hash, and I calculate it myself), and log said hash so I always know which exact key I used when I encrypt the payload.

    Read the article

  • what is file verification system for php project or licence checking the configuration files

    - by Jayapal Chandran
    Hi, My colleague asked me a question like "license check to config file". when i searched i got this http://www.google.com/search?q=file+verification+system&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a and in the result i got this http://integrit.sourceforge.net/texinfo/integrit.html but could not grasp much of its idea. Here is my thoughts... Our project is written in codeigniter. The project owner is providing it to their customer. The owner is a business partner with that concept. Besides, the owner needs control of the project code so that the customer will not break rules with him like changing the code or moving it go another server or validity. So the owner needs a system to enable disable the site. Let me give an example... owner.com will have an admin panel where he can either disable or enable the client.com. when he disables the client.com should display a custom message instead of loading the files. client.com is written i a way that i will process requests from owner.com and also the other way round. so, here i want a list of the concepts with which we can implement the ownership and control over client.com any suggestions, links, references, answers will be helpful. If i am missing something in my question i will update my question according to your comments if any so that the users can give in their idea without confusing of what i had asked. THX

    Read the article

  • How to match ColdFusion encryption with Java 1.4.2?

    - by JohnTheBarber
    * sweet - thanks to Edward Smith for the CF Technote that indicated the key from ColdFusion was Base64 encoded. See generateKey() for the 'fix' My task is to use Java 1.4.2 to match the results a given ColdFusion code sample for encryption. Known/given values: A 24-byte key A 16-byte salt (IVorSalt) Encoding is Hex Encryption algorithm is AES/CBC/PKCS5Padding A sample clear-text value The encrypted value of the sample clear-text after going through the ColdFusion code Assumptions: Number of iterations not specified in the ColdFusion code so I assume only one iteration 24-byte key so I assume 192-bit encryption Given/working ColdFusion encryption code sample: <cfset ThisSalt = "16byte-salt-here"> <cfset ThisAlgorithm = "AES/CBC/PKCS5Padding"> <cfset ThisKey = "a-24byte-key-string-here"> <cfset thisAdjustedNow = now()> <cfset ThisDateTimeVar = DateFormat( thisAdjustedNow , "yyyymmdd" )> <cfset ThisDateTimeVar = ThisDateTimeVar & TimeFormat( thisAdjustedNow , "HHmmss" )> <cfset ThisTAID = ThisDateTimeVar & "|" & someOtherData> <cfset ThisTAIDEnc = Encrypt( ThisTAID , ThisKey , ThisAlgorithm , "Hex" , ThisSalt)> My Java 1.4.2 encryption/decryption code swag: package so.example; import java.security.*; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.codec.binary.*; public class SO_AES192 { private static final String _AES = "AES"; private static final String _AES_CBC_PKCS5Padding = "AES/CBC/PKCS5Padding"; private static final String KEY_VALUE = "a-24byte-key-string-here"; private static final String SALT_VALUE = "16byte-salt-here"; private static final int ITERATIONS = 1; private static IvParameterSpec ivParameterSpec; public static String encryptHex(String value) throws Exception { Key key = generateKey(); Cipher c = Cipher.getInstance(_AES_CBC_PKCS5Padding); ivParameterSpec = new IvParameterSpec(SALT_VALUE.getBytes()); c.init(Cipher.ENCRYPT_MODE, key, ivParameterSpec); String valueToEncrypt = null; String eValue = value; for (int i = 0; i < ITERATIONS; i++) { // valueToEncrypt = SALT_VALUE + eValue; // pre-pend salt - Length > sample length valueToEncrypt = eValue; // don't pre-pend salt Length = sample length byte[] encValue = c.doFinal(valueToEncrypt.getBytes()); eValue = Hex.encodeHexString(encValue); } return eValue; } public static String decryptHex(String value) throws Exception { Key key = generateKey(); Cipher c = Cipher.getInstance(_AES_CBC_PKCS5Padding); ivParameterSpec = new IvParameterSpec(SALT_VALUE.getBytes()); c.init(Cipher.DECRYPT_MODE, key, ivParameterSpec); String dValue = null; char[] valueToDecrypt = value.toCharArray(); for (int i = 0; i < ITERATIONS; i++) { byte[] decordedValue = Hex.decodeHex(valueToDecrypt); byte[] decValue = c.doFinal(decordedValue); // dValue = new String(decValue).substring(SALT_VALUE.length()); // when salt is pre-pended dValue = new String(decValue); // when salt is not pre-pended valueToDecrypt = dValue.toCharArray(); } return dValue; } private static Key generateKey() throws Exception { // Key key = new SecretKeySpec(KEY_VALUE.getBytes(), _AES); // this was wrong Key key = new SecretKeySpec(new BASE64Decoder().decodeBuffer(keyValueString), _AES); // had to un-Base64 the 'known' 24-byte key. return key; } } I cannot create a matching encrypted value nor decrypt a given encrypted value. My guess is it's something to do with how I'm handling the initial vector/salt. I'm not very crypto-savvy but I'm thinking I should be able to take the sample clear-text and produce the same encrypted value in Java as ColdFusion produced. I am able to encrypt/decrypt my own data with my Java code (so I'm consistent) but I cannot match nor decrypt the ColdFusion sample encrypted value. I have access to a local webservice that can test the encrypted output. The given ColdFusion output sample passes/decrypts fine (of course). If I try to decrypt the same sample with my Java code (using the actual key and salt) I get a "Given final block not properly padded" error. I get the same net result when I pass my attempt at encryption (using the actual key and salt) to the test webservice. Any Ideas?

    Read the article

  • Week in Geek: Google Strengthens Encryption on Gmail and Other Services

    - by Asian Angel
    This week’s edition of WIG is filled with news link goodness such as Google’s work on strengthening encryption for its services, Mozilla’s progress on silent updates, AT&T’s thwarting of a hacking attack on mobile accounts, a giveaway contest for LastPass Pro subscriptions, and more. How to See What Web Sites Your Computer is Secretly Connecting To HTG Explains: When Do You Need to Update Your Drivers? How to Make the Kindle Fire Silk Browser *Actually* Fast!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 7 8 9 10 11 12 13 14 15 16 17 18  | Next Page >