Search Results

Search found 1485 results on 60 pages for 'encrypted'.

Page 13/60 | < Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >

  • Is it possible to get RSA private key knowing public key and set of "original data=>encrypted data"

    - by Riz
    Hi, I work on apllication which allows plugins to access different set of functionality, every plugin provides "initialization string" which sets level of access to different features. Developers send me this strings, and I encrypt them using my 1024 bit RSA private key and send encoded data back. When started, my application decodes encoded data(encoded initialisation string) using built-in public key and if "decoded data != initialization string" it fails to start. So, is it possible to use a database of "initialization string" = "encoded initialization string"(extracted from other plugins) to crack my private key, or make it possible to bruteforce it in reasonable time?

    Read the article

  • Why does a MFC application behaves mysteriously in encrypted hard drive environment.

    - by MauriceL
    I'm working on a bug where I have an MFC application that does weird things when installed in when Sophos Safeguard hard drive encryption is installed. I'm sorry to be so vague here, but I'm writing this away from the office so this is all from my (poor) memory. Three things I've noticed: AfxGetResourceHandle() doesn't return a consistent resource handle. There is a single case where we try to load a string resource, and for some reason, the resource handle that we get from this method is different to all the other stings. Can't construct a CDocumentTemplate. There is a trace error which I cant seem to recall. Will edit and post when I'm in tomorrow. This behaviour appears to manifest in a Visual Studio 2005 version of the project, but not a Visual Studio 2008 version. Unfortunately moving to the 2008 version is not an option. The bug is not always reproducable if I step through with a debugger. Also, bringing up debug message boxes changes the behaviuor, which leads me to think that either there is some kind of race condition going on with the way MFC events are being handled, but I'm not sure how I'll ever know for sure, or even what I can do about it if I did. I think there's some underlying reason that the app is behaving weirdly, but what I've posted are more symptoms. Can anyone think of what I should check for? I've run Windows update on the test environment to ensure everything was up to date, and I've examined the process in procmon to see if the disk encryption stuff was getting in the way and conflicting with files - it didn't appear to be, but it does appear to be involved in some way as our app accesses Sophos related paths in the temp directory.

    Read the article

  • Caesar Cipher Program In C++ [migrated]

    - by xaliap81
    I am trying to write a caesar cipher program in c++. This is my codes template: int chooseKEY (){ //choose key shift from 1-26 } void encrypt (char * w, char *e, int key) { //Encryption function, *w is the text in the beginning, the *e is the encrypted text //Encryption in being made only in letters noy in numbers and punctuations // *e = *w + key } void decrypt (char * e, char *w, int key) { // Decryption function, *e is the text in the beginning, the *w is the decrypted text //Dencryption in being made only in letters no numbers and punctuations // *w = *e - key } void Caesar (char * inputFile, char * outputFile, int key, int mode) { // Read the inputfile which contains some data. If mode ==1 then the data is being //encrypted else if mode == 0 the data is being decrypted and is being written in //the output file } void main() { // call the Caesar function } The program has four functions, chooseKey function have to return an int as a shift key from 1-26. Encrypt function has three parameters, *w is the text in the beginning, *e is the encrypted text and the key is from the choosekey function.For encryption : Only letters have to be encrypted not numbers or punctuation and the letters are counting cyclic. Decrypt function has three parameters *e is the encrypted text, *w is the beginning text and the key. Caesar function has four parameters, inputfile which is the file that contains the beginning text, output file which contains the encrypted text, the key and the mode (if mode==1) encryption, (mode ==0) decryption. This is my sample code: #include <iostream> #include <fstream> using namespace std; int chooseKey() { int key_number; cout << "Give a number from 1-26: "; cin >> key_number; while(key_number<1 || key_number>26) { cout << "Your number have to be from 1-26.Retry: "; cin >> key_number; } return key_number; } void encryption(char *w, char *e, int key){ char *ptemp = w; while(*ptemp){ if(isalpha(*ptemp)){ if(*ptemp>='a'&&*ptemp<='z') { *ptemp-='a'; *ptemp+=key; *ptemp%=26; *ptemp+='A'; } } ptemp++; } w=e; } void decryption (char *e, char *w, int key){ char *ptemp = e; while(*ptemp){ if(isalpha(*ptemp)) { if(*ptemp>='A'&&*ptemp<='Z') { *ptemp-='A'; *ptemp+=26-key; *ptemp%=26; *ptemp+='a'; } } ptemp++; } e=w; } void Caesar (char *inputFile, char *outputFile, int key, int mode) { ifstream input; ofstream output; char buf, buf1; input.open(inputFile); output.open(outputFile); buf=input.get(); while(!input.eof()) { if(mode == 1){ encryption(&buf, &buf1, key); }else{ decryption(&buf1, &buf, key); } output << buf; buf=input.get(); } input.close(); output.close(); } int main(){ int key, mode; key = chooseKey(); cout << "1 or 0: "; cin >> mode; Caesar("test.txt","coded.txt",key,mode); system("pause"); } I am trying to run the code and it is being crashed (Debug Assertion Failed). I think the problem is somewhere inside Caesar function.How to call the encrypt and decrypt functions. But i don't know what exactly is. Any ideas?

    Read the article

  • Shell script to decrypt and move files from one directory to another?

    - by KittyYoung
    So, I have a directory, and in it are several files. I'm trying to decrypt those files and then move them to another directory. I can't seem to figure out how to set the output filename and move it. So, the directory structure looks like this: /Applications/MAMP/bin/decryptandmove.sh /Applications/MAMP/bin/passtext.txt /Applications/MAMP/bin/encrypted/test1.txt.pgp /Applications/MAMP/bin/encrypted/test2.txt.pgp /Applications/MAMP/htdocs/www/decrypted/ For all of the files found in the encrypted directory, I'm trying to decrypt it and then move them into www/decrypted/. I don't know what the filenames in the encrypted directory will be ahead of time (this script will eventually run via cron), so I wanted to just output the decrypted file with the same filename, but without the pgp. So, the result would be: /Applications/MAMP/bin/decryptandmove.sh /Applications/MAMP/bin/passtext.txt /Applications/MAMP/bin/encrypted/ /Applications/MAMP/htdocs/decrypted/test1.txt.pgp /Applications/MAMP/htdocs/decrypted/test2.txt.pgp So, this is all I have so far, and it doesn't work... FILE and FILENAME are both wrong... I haven't even gotten to the moving part of it yet.... Help? I've written exactly one shell script ever, and it was so simple, a monkey could have done it... Feeling out of depth here... pass_phrase=`cat passtext.txt|awk '{print $1}'` for FILE in '/Applications/MAMP/bin/encrypted/'; do FILENAME=$(basename $FILE .pgp) gpg --passphrase $pass_phrase --output $FILENAME --decrypt $FILE done

    Read the article

  • Encrypting an id in an URL in ASP.NET MVC

    - by Chuck Conway
    I'm attempting to encode the encrypted id in the Url. Like this: http://www.calemadr.com/Membership/Welcome/9xCnCLIwzxzBuPEjqJFxC6XJdAZqQsIDqNrRUJoW6229IIeeL4eXl5n1cnYapg+N However, it either doesn't encode correctly and I get slashes '/' in the encryption or I receive and error from IIS: The request filtering module is configured to deny a request that contains a double escape sequence. I've tried different encodings, each fails: HttpUtility.HtmlEncode HttpUtility.UrlEncode HttpUtility.UrlPathEncode HttpUtility.UrlEncodeUnicode Update The problem was I when I encrypted a Guid and converted it to a base64 string it would contain unsafe url characters . Of course when I tried to navigate to a url containing unsafe characters IIS(7.5/ windows 7) would blow up. Url Encoding the base64 encrypted string would raise and error in IIS (The request filtering module is configured to deny a request that contains a double escape sequence.). I'm not sure how it detects double encoded strings but it did. After trying the above methods to encode the base64 encrypted string. I decided to remove the base64 encoding. However this leaves the encrypted text as a byte[]. I tried UrlEncoding the byte[], it's one of the overloads hanging off the httpUtility.Encode method. Again, while it was URL encoded, IIS did not like it and served up a "page not found." After digging around the net I came across a HexEncoding/Decoding class. Applying the Hex Encoding to the encrypted bytes did the trick. The output is url safe. On the other side, I haven't had any problems with decoding and decrypting the hex strings.

    Read the article

  • Can't decrypt after encrypting with blowfish Java

    - by user2030599
    Hello i'm new to Java and i have the following problem: i'm trying to encrypt the password of a user using the blowfish algorithm, but when i try to decrypt it back to check the authentication it fails to decrypt it for some reason. public static String encryptBlowFish(String to_encrypt, String salt){ String dbpassword = null; try{ SecretKeySpec skeySpec = new SecretKeySpec( salt.getBytes(), "Blowfish" ); // Instantiate the cipher. Cipher cipher = Cipher.getInstance("Blowfish/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, skeySpec); //byte[] encrypted = cipher.doFinal( URLEncoder.encode(data).getBytes() ); byte[] encrypted = cipher.doFinal( to_encrypt.getBytes() ); dbpassword = new String(encrypted); } catch (Exception e) { System.out.println("Exception while encrypting"); e.printStackTrace(); dbpassword = null; } finally { return dbpassword; } } public static String decryptBlowFish(String to_decrypt, String salt){ String dbpassword = null; try{ SecretKeySpec skeySpec = new SecretKeySpec( salt.getBytes(), "Blowfish" ); // Instantiate the cipher. Cipher cipher = Cipher.getInstance("Blowfish/CBC/PKCS5Padding"); cipher.init(Cipher.DECRYPT_MODE, skeySpec); //byte[] encrypted = cipher.doFinal( URLEncoder.encode(data).getBytes() ); byte[] encrypted = cipher.doFinal( to_decrypt.getBytes() ); dbpassword = new String(encrypted); } catch (Exception e) { System.out.println("Exception while decrypting"); e.printStackTrace(); dbpassword = null; } finally { return dbpassword; } } When i call the decrypt function it gives me the following error: java.security.InvalidKeyException: Parameters missing Any ideas? Thank you

    Read the article

  • Nginx rewrite rule for Zimbra

    - by Yusuf
    I'm trying to write a rewrite rule for Zimbra, which will allow me to use a hostname to access the Zimbra Desktop Web UI instead of the IP address and port. The default Zimbra URLs are like this: http://127.0.0.1:port/?at=long-encrypted-user-id http://127.0.0.1:port/zimbra/?at=long-encrypted-user-id http://127.0.0.1:port/desktop/login.jsp?at=long-encrypted-user-id Here's what I have till now: server { server_name hostname; location / { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://127.0.0.1:port/; } } This only replaces http://hostname by http://127.0.0.1:port in the background; Where I'm stuck is adding the ?at=long-encrypted-user-id to the URLs. Can somebody help?

    Read the article

  • NAS4Free disk encryption and ZFS error

    - by MiNT
    I have installed a NAS4Free on a VM, and as recommended, i installed it on a 1GB virtual disk, and assigned another disk 500GB to this VM for file storage. I have created the disk, encrypted it, created a ZFS virtual disk, and then a ZFS storage pool. Everything was working. On every restart of this VM i needed to go on and mount the encrypted drive. Recently i upgraded the host machine, and now i cant mount or make it work. I have tried removing everything and setting up from scratch everything, with the exception of formating the disk, i have used an encrypted one without formating it. Does anybody have any suggestion on how can i at least get back my data, can i mount somehow the encrypted drive even in another utility, just need to get back the data that were on it.

    Read the article

  • Can I specify PBKDF2 rounds to use with LUKS/dm-crypt?

    - by Naftuli Tzvi Kay
    I have encrypted my root partition with dm-crypt/LUKS/cryptsetup on Ubuntu 12.04. Since it uses PBKDF2: Is it possible, during creation of the encrypted disk, to specify a custom amount of PBKDF2 iterations for key derivation? Is it possible, after the encrypted disk has already been created, to modify the amount of PBKDF2 iterations for key derivation? I'd like to make it a little harder to brute-force :)

    Read the article

  • Is visiting HTTPS websites on a public hotspot secure?

    - by Calmarius
    It's often said that HTTPS SSL/TLS connections are encrypted and said to be secure because the communication between the server and me is encrypted (also provides server authentication) so if someone sniffs my packets, they will need zillions of years to decrypt if using brute force in theory. Let's assume I'm on a public wifi and there is a malicious user on the same wifi who sniffs every packet. Now let's assume I'm trying to access my gmail account using this wifi. My browser does a SSL/TLS handshake with the server and gets the keys to use for encryption and decryption. If that malicious user sniffed all my incoming and outgoing packets. Can he calculate the same keys and read my encrypted traffic too or even send encrypted messages to the server in my name?

    Read the article

  • Windows XP: how to disable automatic encryption on downloaded files

    - by T. Webster
    I have Windows XP SP3 and every file I download is automatically encrypted no matter what directory I save the downloaded file in. So it's not as simple as turning off encryption of any specific directory, the file will be downloaded as encrypted regardless of whether the directory is encrypted or not. Is there a policy or registry setting somewhere to disable this automatic encryption? (EDIT: I doubt it's malware since this OS was just installed on this machine. It's my work PC and by default I think there's some group policy or other setting which not only sets everything in My Documents to encrypted, but also everything I download, no matter where it's downloaded to. )

    Read the article

  • TrueCrypt Corrupted Files

    - by B. Knight
    Several months ago, I needed to reorganize my data across multiple external hard drives with my laptops primary hard drive as the go-between. My external hard drives are all encrypted with TrueCrypt. It appears to me that somehow during the transfer of my files between the encrypted external drive an the unencrypted internal drive, the files were transferred "as-is" (in their encrypted state). The files range from very small to very large. It appears that this may have happened during one consecutive transfer session. Has anyone ever experienced this problem, and if so were you able to fix it? Is there a way to recreate the encrypted partition, transfer the files, and then decrypt them to their usable state? Or can the files somehow be decrypted through other means? UPDATE: I am running Windows 7 (x64) HP now, but may have been runninG ENT. then. Toshiba Laptop 650GB HDD / 4GB Mem. Latest version of TC

    Read the article

  • Wireless with WEP extremely slow on an Acer Timeline 4810T with a Centrino Wireless-N 1000

    - by noq38
    I've upgraded an Acer Timeline 4810T to Ubuntu 11.10. Everything works fine except for the darn wireless interface (network manager). I just tested the wireless interface over a non-encrypted signal and it works beautifully. The issue is definitely related to WEP. Unfortunately, some of the networks I need to connect to are WEP encrypted, therefore this is a serious issue for me that is preventing me from using Ubuntu on my laptop. This was no problem in 11.04 and prior. Is there a simple solution for this? Any suggestions? Here's more hardware information. Hopefully this helps to debug the network issue: sudo lshw -class network *-network description: Wireless interface product: Centrino Wireless-N 1000 vendor: Intel Corporation physical id: 0 bus info: pci@0000:02:00.0 logical name: wlan0 version: 00 serial: 00:1e:64:3c:5e:e0 width: 64 bits clock: 33MHz capabilities: pm msi pciexpress bus_master cap_list ethernet physical wireless configuration: broadcast=yes driver=iwlagn driverversion=3.0.0-13-generic-pae firmware=39.31.5.1 build 35138 latency=0 link=no multicast=yes wireless=IEEE 802.11bgn resources: irq:43 memory:d2400000-d2401fff lspci 02:00.0 Network controller: Intel Corporation Centrino Wireless-N 1000 rfkill list 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no 1: acer-wireless: Wireless LAN Soft blocked: no Hard blocked: no Many thanks for your help! I just tested the wireless interface over a non-encrypted signal and it works beautifully. The issue is definitely related to WEP. Unfortunately, some of the networks I need to connect to are WEP encrypted, therefore this is a serious issue for me that is preventing me from using Ubuntu on my laptop. Any suggestions?

    Read the article

  • What is meant by "no password set" for root account (and otthers)?

    - by MMA
    Several years back, we were more accustomed to changing to the root account using the su command. First, we switched to the root account, and then executed those root commands. Now we are more accustomed to using the sudo command. But we know that the root account is there. We can readily find the home directory of user root. $ ls -ld /root/ drwx------ 18 root root 4096 Oct 22 17:21 /root/ Now my point is, it is stated that "the root password in Ubuntu is left unset". Please see the answers to this question. Most of the answers have something to this effect in the first paragraph. One or two answers further state that "the account is left disabled". Now my (primary) questions are, What is meant by an unset password? Is it blank? Is it null? Or something else more cryptic? How does the account becomes enabled once I set password for it? (sudo password root) In order get a better understanding, I checked the /etc/shadow file. Since I have already set a password for the root account, I can no longer see what is there (encrypted password). So, I created another account and left it disabled. The corresponding entry in the /etc/shadow file is, testpassword:!:16020:0:99999:7::: Now perhaps my above queries need to be changed to, what does an ! in password field mean? Other encrypted passwords are those very long cryptic strings. How come this encrypted form is only one character long? And does an account become disabled if I put an ! in the (encrypted) password field?

    Read the article

  • BadPaddingException in Android encrypt

    - by DarthRoman
    Hi everyone, I am making an Android application, and I want to encrypt a String before sending it to a DataBase, and encrytpion is correct. The problem is when I am going to decrypt the String, because I get a BadPaddingException and I have no idea where the problem is. Here is the code: public final static String HEX = "36A52C8FB7DF9A3F"; public static String encrypt(String seed, String cleartext) throws Exception { byte[] rawKey = getRawKey(seed.getBytes()); byte[] result = encrypt(rawKey, cleartext.getBytes()); return toHex(result); } public static String decrypt(String seed, String encrypted) throws Exception { byte[] rawKey = getRawKey(seed.getBytes()); byte[] enc = toByte(encrypted); byte[] result = decrypt(rawKey, enc); return new String(result); } public static String toHex(String txt) { return toHex(txt.getBytes()); } public static String fromHex(String hex) { return new String(toByte(hex)); } public static byte[] toByte(String hexString) { int len = hexString.length()/2; byte[] result = new byte[len]; for (int i = 0; i < len; i++) result[i] = Integer.valueOf(hexString.substring(2*i, 2*i+2), 16).byteValue(); return result; } public static String toHex(byte[] buf) { if (buf == null) return ""; StringBuffer result = new StringBuffer(2*buf.length); for (int i = 0; i < buf.length; i++) { appendHex(result, buf[i]); } return result.toString(); } private static byte[] getRawKey(byte[] seed) throws Exception { KeyGenerator kgen = KeyGenerator.getInstance("AES"); SecureRandom sr = SecureRandom.getInstance("SHA1PRNG"); sr.setSeed(seed); kgen.init(128, sr); // 192 and 256 bits may not be available SecretKey skey = kgen.generateKey(); byte[] raw = skey.getEncoded(); return raw; } private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception { SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); Cipher cipher = Cipher.getInstance("AES"); cipher.init(Cipher.ENCRYPT_MODE, skeySpec); byte[] encrypted = cipher.doFinal(clear); return encrypted; } private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception { SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); Cipher cipher = Cipher.getInstance("AES"); cipher.init(Cipher.DECRYPT_MODE, skeySpec); byte[] decrypted = cipher.doFinal(encrypted); return decrypted; } private static void appendHex(StringBuffer sb, byte b) { sb.append(HEX.charAt((b>>4)&0x0f)).append(HEX.charAt(b&0x0f)); } I encrypt and decrypt with this code: String encrypted = encrypt(HEX, "some text"); String decrypted = decrypt(HEX, encrypted); Can anyone help me please? Thank you very much!!

    Read the article

  • Ubuntu, Gnome, PAM and ecryptfs

    - by Michel
    I would like to have a directory accessible to a couple of users, and not readable by maintenance types ... I can do what I want using ecryptfs and a password known only to the "couple of users" in question, who then can mount the directory and use as they see fit. I would love to be able to automate that process and unlock the directory at login - again, only for the "couple users" in question, without asking a password. Gnome-keyring is able to store passphrases/passwords encrypted; and, apparently, if I could get a key identity to ecryptfs, Gnome PAM modules would allow the key with that identity to be unlocked, and the directory could be mounted. Alas, I have found no way to go from point A (Gnome PAM keyring module) to point B (use the unlocked key in ecryptfs). Another use of the same mechanism would allow to build a "key escrow" mechanism, where keys to encrypted volumes are safekept with, e.g., HR; so that company information in encrypted directories can be recovered if you pass under the proverbial bus.

    Read the article

  • URL Encryption vs. Encoding

    - by hozza
    At the moment non/semi sensitive information is sent from one page to another via GET on our web application. Such as user ID or page number requested etc. Sometimes slightly more sensitive information is passed such as account type, user privileges etc. We currently use base64_encode() and base64_decode() just to de-humanise the information so the end user is not concerned. Is it good practice or common place for a URL GET to be encrypted rather than simply PHP base64_encoded? Perhaps using something like, this: $encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, md5(md5($key)))); $decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($encrypted), MCRYPT_MODE_CBC, md5(md5($key))), "\0"); Is this too much or too power hungry for something as common as the URL GET.

    Read the article

  • openssl ssl encryption

    - by deddihp
    Hello, I want to discuss about openssl write and read method. Assume I have an data structure like below: /-----------------------------------------------------\ | my_header | PAYLOAD | \-----------------------------------------------------/ | | \ / \ / not encrypted encrypted I think the proper algorithm would be like this : SEND: build my_header with my own header. encrypt PAYLOAD with encryption function attach my_header and PAYLOAD (encrypted) to one buffer send it using common POSIX function just like send or sendto RECV: using common POSIX function just like recv or recvfrom. extract my_header and PAYLOAD(encrypted) decrypt PAYLOAD with decryption function at last i got my_header and PAYLOAD(decrypted). How is your approach if you face a problem like above. Since openssl encrypt all of data that is sent to SSL_write function (CMIIW). Thanks

    Read the article

  • PHP Mcrypt - Encrypting / Decrypting file

    - by whitman6732
    Trying to write a couple of functions that will encrypt or decrypt a file and am using the class found here to try and accomplish this: http://www.itnewb.com/v/PHP-Encryption-Decryption-Using-the-MCrypt-Library-libmcrypt The encryption function below seems to work, in that it appears to encrypt the file and place it in the intended directory. I'm trying to decrypt the file now, and it just dies with the message "Failed to complete decryption" (which is coded in there...) There's nothing in the php error logs, so I'm not sure why it's failing, but as mcrypt is entirely new to me, I'm more than inclined to believe I'm doing something wrong here... Here are the functions: //ENCRYPT FILE function encryptFile() { global $cryptastic; $pass = PGPPASS; $salt = PGPSALT; $key = $cryptastic->pbkdf2($pass, $salt, 1000, 32) or die("Failed to generate secret key."); if ($handle = opendir(PATH.'/ftpd')) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != "..") { $newfile = PATH.'/encrypted/'.$file.'.txt'; $msg = file_get_contents(PATH.'/ftpd/'.$file); $encrypted = $cryptastic->encrypt($msg, $key) or die("Failed to complete encryption."); $nfile = fopen($newfile, 'w'); fwrite($nfile, $encrypted); fclose($nfile); unlink(PATH.'/ftpd/'.$file); } } closedir($handle); } //DECRYPT FILE function inFTP() { global $cryptastic; $pass = PGPPASS; $salt = PGPSALT; $key = $cryptastic->pbkdf2($pass, $salt, 1000, 32) or die("Failed to generate secret key."); if ($handle = opendir(PATH.'/encrypted')) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != "..") { $newfile = PATH.'/decrypted/'.$file; $msg = PATH.'/encrypted/'.$file; $decrypted = $cryptastic->decrypt($msg, $key) or die("Failed to complete decryption."); $nfile = fopen($newfile, 'w'); fwrite($nfile, $decrypted); fclose($nfile); //unlink(PATH.'/encrypted/'.$file); } } closedir($handle); } //$crypt->decrypt($file); }

    Read the article

  • is that possible to crack Private key with Decrypted message and public key?

    - by matt clarck
    for example company B send an encrypted email with company A's public key (RSA/PGP/SSH/openSSL/...) the employer receive the encrypted email and send it to his boss who have the private key to decrypt message. the boss give decrypted email back to employer to work on it. question is can employer compare encrypted email with decrypted version and find out what is private key ? if it is possible then is there anyway to protect cracking private key from decrypted messages and comparing with encrypted messages/public key ?

    Read the article

  • php - feof error

    - by TwixxyKit
    The file that I'm trying to read is a pgp-encrypted file. This is part of the process to decrypt it and I'm actually attempting to read the contents into a string so that I can then decrypt it . I'm not sure if that's the core problem here or not, but I'm getting an error: Warning: feof(): supplied argument is not a valid stream resource Here's the file code: if($handle = opendir($dir)) { while( false !== ($file = readdir($handle))) { if($file != "." && $file != "..") { $fhandle = fopen($file, "r"); $encrypted = ''; $filename = explode('.',$file); while(!feof($fhandle)) { $encrypted .= fread($fhandle, filesize($file)); } fclose($fhandle); $decrypted = $filename[0].'.txt'; shell_exec("echo $passphrase | $gpg --passphrase-fd 0 -o $decrypted -d $encrypted"); } } }

    Read the article

  • SQL Server, Generate scripts, unencrypted stored procedures only

    - by PeterO
    I have a SQL Server database with 3195 stored procedures. Most (approx 90%) of the stored procedures are encrypted (it's a 3rd party app) but there are many that are not encrypted (added by consultants later). I need to get an overview of the unencrypted stored procedures created by consultants and then apply fixes so that they can work with UTC time. I use Generate Scripts and select only stored procedures but that fails. I assume that is because the first stored procedure that it tries to write out is encrypted. Is there a way to write out the approx 300 stored procedures that are not encrypted?

    Read the article

  • How does the receiver of a cipher text know the IV used for encryption?

    - by PatrickL
    If a random IV is used in encrypting plain text, how does the receiver of the cipher text know what the IV is in order to decrypt it? This is a follow-up question to a response to the previous stackoverflow question on IVs here. The IV allows for plaintext to be encrypted such that the encrypted text is harder to decrypt for an attacker. Each bit of IV you use will double the possibilities of encrypted text from a given plain text. The point is that the attacker doesn't know what the IV is and therefore must compute every possible IV for a given plain text to find the matching cipher text. In this way, the IV acts like a password salt. Most commonly, an IV is used with a chaining cipher (either a stream or block cipher). ... So, if you have a random IV used to encrypt the plain text, how do you decrypt it? Simple. Pass the IV (in plain text) along with your encrypted text. Wait. You just said the IV is randomly generated. Then why pass it as plain text along with the encrypted text?

    Read the article

  • Cryptographic Validation Explained

    - by MarkPearl
    We have been using LogicNP’s CryptoLicensing for some of our software and I was battling to understand how exactly the whole process worked. I was sent the following document which really helped explain it – so if you ever use the same tool it is well worth a read. Licensing Basics LogicNP CryptoLicensing For .Net is the most advanced and state-of-the art licensing and copy protection system you can use for your software. LogicNP CryptoLicensing System uses the latest cryptographic technology to generate and validate licenses. The cryptographic algorithm used is the RSA algorithm which consists of a pair of keys called as the generation key and the validation key. Data encrypted using the generation key can only be decrypted using the corresponding validation key. How does cryptographic validation work? When a new license project is created, a unique validation-generation key pair is created for the project. When LogicNP CryptoLicensing For .Net generates licenses, it encrypts the license settings using the generation key. The validation key can be safely distributed with your software and is used during validation. During license validation, LogicNP CryptoLicensing For .Net attempts to decrypt the encrypted license code using the validation key. If the decryption is successful, this means that the data was encrypted using the generation key, since only the corresponding validation key can decrypt data encrypted with the generation key. This further means that not only is the license valid but that it was generated by you and only you since nobody else has access to the generation key. Generation Key This key is used by CryptoLicensing Generator to generate encrypted license codes. This key is stored in the license project file, so the license project file must be kept secure and confidential and must be accorded the same care as any other critical asset such as source code. Validation Key This key is used for validating generated license codes. It is the same key displayed in the 'Get Validation Key And Code' dialog (Ctrl+K) and is used by your software when validating license codes (using LogicNP.CryptoLicensing.dll). Unlike the generation key, it is not necessary to keep this key secure and confidential. Note that the generation key pair is stored in the project file created by LogicNP CryptoLicensing For .Net, so it is very important to backup this file and to keep it secure. Once the file is lost, it is not possible to retrieve the key pair. FAQ Do I use the same validation key to validate all license codes? Yes, the validation key (and generation key) for the project remains the same; you use the same key to validate all license codes generated using the project. You can retrieve the validation key using the "Project" menu --> "Get Validation Key & Code" menu item. Can license codes generated using generation key from one project be validated using validation key of another project? No! Q. Is every generated license code unique? A. Yes, every license code generated by CryptoLicensing is guaranteed to be unique, even if you generate thousands of codes at a time. Q. What makes CryptoLicensing so secure? A. CryptoLicensing uses the latest cryptographic technology to generate and validate licenses. The cryptographic algorithm used is the RSA asymmetric key algorithm which can use upto 3072-bit keys. Given current computing power, it takes years to break a 3072-bit key. Q. Is is possible for a hacker to develop a keygen for my software? A. Impossible. The cryptographic algorithm used by CryptoLicensing consists of a pair of keys called as the generation key and the validation key. Data encrypted with one key can only be decrypted by the other key and vice versa. Licenses are generated using the generation key and validated using the validation key. Without the generation key, it is impossible to generate valid licenses. Q. What is the difference between validation key and generation key? Generation Key This key is used by CryptoLicensing Generator to generate encrypted license codes. This key is stored in the license project file, so the license project file must be kept secure and confidential and must be accorded the same care as any other critical asset such as source code. Validation Key This key is used for validating generated license codes. It is the same key displayed in the 'Get Validation Key And Code' dialog (Ctrl+K) and is used by your software when validating license codes (using LogicNP.CryptoLicensing.dll). Unlike the generation key, it is not necessary to keep this key secure and confidential. Q. Do I have to include the license project file (.licproj) with my software? A. No!!! This goes against the very essence of the security of the asymmetric cryptographic scheme because the project file contains both the validation and generation key. With your software, you only need to include the validation key which will be used to validate licenses generated by CryptoLicensing using the generation key. The license project file should be treated as any other valuable and confidential asset such as your source code. Q. Does the license service need the license project file? A. Yes. The license project file is needed whenever new licenses are generated (via the UI, via the API or via the license service). As just one example, the license service generates new machine-locked licenses when activated licenses are presented to it for activation, therefore the license service needs the license project file. Q. Is it possible to embed my own data in the generated licenses? A. Yes. You can embed any amount of additional data in the licenses. This data will have the same amount of security as the license code itself and will be tamper-proof. The embedded user data can be retrieved from your software. Q. What additional steps can I take to ensure that my software does not get cracked? A. There are many methods and techniques which can make it extremely difficult for a hacker to crack your software. See Writing Effective License Checking Code And Designing Effective Licenses for more information. Q. Why is the license service not working? A. The most common cause is not setting the CryptoLicense.LicenseServiceURL property before trying to validate a license. Make sure that this property is set to the correct URL where your license service is hosted. The most common cause after this is that the license project file on the web server where your license service is hosted is not the latest. This happens if you make changes to the license project (for example, set the 'Enable With Serials' setting for a profile), but don't upload the updated project file to your web server. Q. Why are my serials not working? Serial codes require the user of a license service. See Using Serial Codes for more details. Also see the earlier question 'Why is the license service not working?' Q. Is the same validation key used to validate license codes generated from different profiles. A. Yes. Profiles are just pre specified license settings for quickly generating licenses having those settings. The actual license code is still generated using the license project's cryptographic generation key and thus, can be validated using the project's validation key. Q. Why are changes made to a profile not getting saved? A. Simply changing license settings via UI and saving the license project does not save those license settings to the active profile. You must first save the license settings to a profile using the Save/Save As command from the Profiles menu (see above). Q. Why is validation of activated licenses failing from CryptoLicensing Generator, but works from my software? A. Make sure that you have specified the URL of the license service using the Project Properties Dialog. Also see the earlier question 'Why is the license service not working?' Q. How can I extend the trial period of my customer? A. To extend the evaluation period of the customer, simply send him a new license code specifying the desired evaluation limits. Evaluation information such as the current used days, executions, etc are stored in garbled form in a registry location which is derived from the license code. Therefore, when a new license code is used, the old evaluation information will not be used and a new evaluation period will be started.

    Read the article

< Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >