Search Results

Search found 2089 results on 84 pages for 'encryption'.

Page 13/84 | < Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >

  • Encryption Primer for SQL Server Data

    As a database developer or DBA there is not a lot you can do about a legitimate user sharing confidential data. However, you can minimize the risks of someone breaking into our database and browsing around to find confidential information. This article explores how you can use SQL Server features to encrypt your confidential data.

    Read the article

  • Safe non-tamperable URL component in Perl using symmetric encryption?

    - by Randal Schwartz
    OK, I'm probably just having a bad Monday, but I have the following need and I'm seeing lots of partial solutions but I'm sure I'm not the first person to need this, so I'm wondering if I'm missing the obvious. $client has 50 to 500 bytes worth of binary data that must be inserted into the middle of a URL and roundtrip to their customer's browser. Since it's part of the URL, we're up against the 1K "theoretical" limit of a GET URL. Also, $client doesn't want their customer decoding the data, or tampering with it without detection. $client would also prefer not to store anything server-side, so this must be completely standalone. Must be Perl code, and fast, in both encoding and decoding. I think the last step can be base64. But what are the steps for encryption and hashing that make the most sense?

    Read the article

  • Can a proxy server cache SSL GETs? If not, would response body encryption suffice?

    - by Damian Hickey
    Can a (||any) proxy server cache content that is requested by a client over https? As the proxy server can't see the querystring, or the http headers, I reckon they can't. I'm considering a desktop application, run by a number of people behind their companies proxy. This application may access services across the internet and I'd like to take advantage of the in-built internet caching infrastructure for 'reads'. If the caching proxy servers can't cache SSL delivered content, would simply encrypting the content of a response be a viable option? I am considering all GET requests that we wish to be cachable be requested over http with the body encrypted using asymmetric encryption, where each client has the decryption key. Anytime we wish to perform a GET that is not cachable, or a POST operation, it will be performed over SSL.

    Read the article

  • Is it possible to check if a BIOS supports password entry for a self-encrypting SSD/harddrive?

    - by therobyouknow
    I'm considering purchasing a SSD that has built-in hardware encryption / self-encrypting drive that provides its own full drive encryption. What can I do to check that the BIOS on my machine will support it? Background research so far Research on self-encrypting drives - good article below, but I would need to know if the BIOS can support it: http://www.computerweekly.com/feature/Self-encrypting-drives-SED-the-best-kept-secret-in-hard-drive-encryption-security

    Read the article

  • Performance Overhead of Encrypted /home

    - by SabreWolfy
    I have a netbook with Windows on the second partition and Xubuntu (/ and /home) on the third partition. I selected to encrypt my home folder during installation. The performance of the netbook is adequate for the small machine that it is, but I'm looking to improve performance. I could not find much information about the overhead (CPU or drive) associated with home partition encryption. I ran the following, writing to my home partition as well as the the mounted Windows partition: dd if=/dev/zero of=~/dummy bs=512 count=10240 dd if=/dev/zero of=/media/Windows/dummy bs=512 count=10240 The first returned 2.4MB/s and the second returned 2.5MB/s. Can I therefore deduce that there is very little overhead to home folder encryption? I'm not sure if the different filesystems will make any difference (/ and /home are ext3). Update 1 I don't know why I didn't use /tmp instead of the mounted Windows folder. Only /home is encrypted, so /tmp is unencrypted ext3. The results of the dd as above are astounding: ~: 2.4 MB/s /tmp: 42.6 MB/s Comments please? The reason I am asking this is that disk access on the netbook is noticeably slow. Update 2 I timed each of the dd operations with time: ~: real 0m2.217s user 0m0.028s sys 0m2.176s /tmp: real 0m0.152s user 0m0.012s sys 0m0.136s See also: discussion on UbuntuForums.org and bug report Edit: Output of mount: /dev/sda3 on / type ext3 (rw,noatime,errors=remount-ro,user_xattr,commit=600) proc on /proc type proc (rw,noexec,nosuid,nodev) none on /sys type sysfs (rw,noexec,nosuid,nodev) fusectl on /sys/fs/fuse/connections type fusectl (rw) none on /sys/kernel/debug type debugfs (rw) none on /sys/kernel/security type securityfs (rw) none on /dev type devtmpfs (rw,mode=0755) none on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620) none on /dev/shm type tmpfs (rw,nosuid,nodev) none on /var/run type tmpfs (rw,nosuid,mode=0755) none on /var/lock type tmpfs (rw,noexec,nosuid,nodev) binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,noexec,nosuid,nodev) gvfs-fuse-daemon on /home/USER/.gvfs type fuse.gvfs-fuse-daemon (rw,nosuid,nodev,user=USER) `

    Read the article

  • Cannot login in account with encrypted home after update from 11.04 to 11.10

    - by martin
    After upgrading from ubuntu 11.04 to 10.10 I cannot access my encrypted home partition anymore. I can login, however all data stays encrypted. ecryptfs-mount-private gives: ERROR: Encrypted private directory is not setup properly Any idea how to fix this? Update I have several kernels installed (after the upgrade my menu.lst looks like this: http://paste.org/pastebin/view/35591) the problem is the same for all kernels. Booting from 2.6.32-27-generic and adduser --encrypt-home tes gives: Adding user `tes' ... Adding new group `tes' (1008) ... Adding new user `tes' (1007) with group `tes' ... Creating home directory `/home/tes' ... Setting up encryption ... ************************************************************************ YOU SHOULD RECORD YOUR MOUNT PASSPHRASE AND STORE IT IN A SAFE LOCATION. ecryptfs-unwrap-passphrase ~/.ecryptfs/wrapped-passphrase THIS WILL BE REQUIRED IF YOU NEED TO RECOVER YOUR DATA AT A LATER TIME. ************************************************************************ Error: Your kernel does not support filename encryption ERROR: Could not add passphrase to the current keyring adduser: `/usr/bin/ecryptfs-setup-private -b -u tes' returned error code 1. Exiting.

    Read the article

  • Is encoding needed in this decryption?

    - by Lijo
    I have a Encryption – Decryption scenario as shown below. //[Clear text ID string as input] -- [(ASCII GetByte) + Encoding] -- [Encrption as byte array] -- [Database column is in VarBinary] -- [Pass byte[] as VarBinary parameter to SP for comparison] //[ID stored as VarBinary in Database] -- [Read as byte array] -- [(Decrypt as byte array) + Encoding + (ASCII Get String)] -- Show as string in the UI My question is in the decryption scenario. After decryption I get a byte array. I am doing an encoding (IBM037) after that. Is it correct? Is there something wrong in the flow shown above? private static byte[] GetEncryptedID(string id) { Interface_Request input = new Interface_Request(); input.RequestText = Encodeto64(id); input.RequestType = Encryption; ProgramInterface inputRequest = new ProgramInterface(); inputRequest.Test_Trial_Request = input; using (KTestService operation = new KTestService()) { return ((operation.KTrialOperation(inputRequest)).Test_Trial_Response.ResponseText); } } private static string GetDecryptedID(byte[] id) { Interface_Request input = new Interface_Request(); input.RequestText = id; input.RequestType = Decryption; ProgramInterface request = new ProgramInterface(); request.Test_Trial_Request = input; using (KTestService operationD = new KTestService()) { ProgramInterface1 response = operationD.KI014Operation(request); byte[] decryptedValue = response.ICSF_AES_Response.ResponseText; Encoding sourceByteFormat = Encoding.GetEncoding("IBM037"); Encoding destinationByteFormat = Encoding.ASCII; //Convert from one byte format to other (IBM to ASCII) byte[] ibmEncodedBytes = Encoding.Convert(sourceByteFormat, destinationByteFormat,decryptedValue); return System.Text.ASCIIEncoding.ASCII.GetString(ibmEncodedBytes); } } private static byte[] EncodeTo64(string toEncode) { byte[] dataInBytes = System.Text.ASCIIEncoding.ASCII.GetBytes(toEncode); Encoding destinationByteFormat = Encoding.GetEncoding("IBM037"); Encoding sourceByteFormat = Encoding.ASCII; //Convert from one byte format to other (ASCII to IBM) byte[] asciiBytes = Encoding.Convert(sourceByteFormat, destinationByteFormat, dataInBytes); return asciiBytes; }

    Read the article

  • How do I rescue files from the encrypted home folder via live USB stick?

    - by Alexia
    I know, this has been asked and answered all over the internet already. However, I start feeling stupid, since the informations there are not helping me. Just this morning, I wanted to install the newest update to 13.10. After the download, when it came to the actual installing, the install program froze and didn't do anything for hours. At that time, I was still logged in. The computer was working and everything was accessable to me. However, I made the mistake and didn't immediately make safety copies of everything. Instead, I just rebooted. Long story short: My computer even fails to reset to a previous version via Grub. But I am able to boot from a USB stick and, after starting Nautilus, I see my home folder on the HD. I would now like to copy its contents onto an external harddisk. Problem 1: I have no rights to access the folder like that. Problem 2: It is encrypted. Problem 3: I don't know how to give myself the rights to access the folder nor do I know how to encrypt it. I assume that it might help that I still know these things: - my old login name - my old login phrase - a 32 characters long string of hexadecimal numbers that I copied to my list of passwords as "Ubuntu Encryption Code". I copied it digitally right after installing Ubuntu the first time and encrypting the home folder, so there won't be any typos. I am sure of that. The solutions that I saw so far, tell me that I need the "encryption phrase". But when I follow the instructions and use this phrase that I have in my list, I only get messages of denial. Can anyone help me through this special problem, please?

    Read the article

  • How to modify partitions after install?

    - by ChocoDeveloper
    I wanted to have Ubuntu with full disk encryption on one big partition, and Windows on a small one. In 12.04, only the Server Edition installer has full disk encryption, so I used that and then installed ubuntu-desktop. When it asked for the size, I reduced it from ~999GB to ~750gb. Now after the install, on both gparted and disk utility I see /dev/sda2 taking ~931GB, and nothing unallocated, so I can't create a partition for windows. I got the size right, because when I right-click inside a folder, then hit 'properties', I see Free space: ~690GB (I don't know why it's not ~750GB, but at least it's not 900). The command df -h shows the same. So what can I do? Normally I would just resize a partition with gparted to create unallocated space, then create the partition. But here I have two problems: gparted does not seem to be showing the correct values, and also it says it does not support LUKS so I'm afraid it will mess things up. Any thoughts?

    Read the article

  • is this aes encryption wrapper safe ? - yet another take...

    - by user393087
    After taking into accound answers for my questions here and here I created (well may-be) improved version of my wrapper. The key issue was what if an attacker is knowing what is encoded - he might then find the key and encode another messages. So I added XOR before encryption. I also in this version prepend IV to the data as was suggested. sha256 on key is only for making sure the key is as long as needed for the aes alg, but I know that key should not be plain text but calculated with many iterations to prevent dictionary attack function aes192ctr_en($data,$key) { $iv = mcrypt_create_iv(24,MCRYPT_DEV_URANDOM); $xor = mcrypt_create_iv(24,MCRYPT_DEV_URANDOM); $key = hash_hmac('sha256',$key,$iv,true); $data = $xor.((string)$data ^ (string)str_repeat($xor,(strlen($data)/24)+1)); $data = hash('md5',$data,true).$data; return $iv.mcrypt_encrypt('rijndael-192',$key,$data,'ctr',$iv); } function aes192ctr_de($data,$key) { $iv = substr($data,0,24); $data = substr($data,24); $key = hash_hmac('sha256',$key,$iv,true); $data = mcrypt_decrypt('rijndael-192',$key,$data,'ctr',$iv); $md5 = substr($data,0,16); $data = substr($data,16); if (hash('md5',$data,true)!==$md5) return false; $xor = substr($data,0,24); $data = substr($data,24); $data = ((string)$data ^ (string)str_repeat($xor,(strlen($data)/24)+1)); return $data; } $encrypted = aes192ctr_en('secret text','password'); echo $encrypted; echo aes192ctr_de($encrypted,'password'); another question is if ctr mode is ok in this context, would it be better if I use cbc mode ? Again, by safe I mean if an attacter could guess password if he knows exact text that was encrypted and knows above method. I assume random and long password here. Maybe instead of XOR will be safer to random initial data with another run of aes or other simpler alg like TEA or trivium ?

    Read the article

  • PGP Desktop Whole disk Encryption paused on a toshiba ultrabook z935

    - by garg
    I have a Toshiba z930 Ultrabook with PGP Desktop installed for whole disk encryption. It installed correctly, and started encrypting but it stays paused. If I reboot, it shows me the PGP desktop username, password, domain screen. If I enter in my credentials, it allows me to get into windows but encryption remains paused. If I click on resume, it lets me enter a password, accepts it but then it doesn't do anything. One suspicious thing is that in the 'Select disk or partition to encrypt' box, it says, C: 120B fixed disk. Unknown Bus: TOSHIBA THNSNS12... Do I need to change something in the BIOS, or install any drivers so that it doesn't see it as an Unknown Bus?

    Read the article

  • Belarc Advisor (Store Passwords using Reversible Encryption)

    - by Steve
    Hi, I'm using Belarc Advisor to examine my PC. Part of BA is a security benchmark summary, which examines components of windows security and provides a benchmark rating. Two items are marked as Fail: - Store Passwords using Reversible Encryption - Password History Size I have opened the Local Security Settings tool from the Control Panel Administrative Tools, and ensured that the "Store passwords using reversible encryption" setting is enabled. Also, I've set the password history to a number. So I'm a bit miffed about the Fail marks. Any idea why the Fail marks appear? Any clues how I can Pass them? Thanks, Steve.

    Read the article

  • Best Practices To Build a Product Registration System?

    - by Volomike
    What are some practices I should use in a product registration system I'm building? I likely can't stop all malicious hacking, but I'd like to slow them down a great deal. (Note, I know only PHP.) I'm talking about things like encrypting traffic, testing the encryption from hacking like a man-in-the-middle attack, etc. The other concern I have is that this needs to work on most PHP5-based web hosting environments, which may not have mcrypt installed.

    Read the article

  • How does a web browser save passwords?

    - by marcus
    How do current web browsers (or mobile mail clients and any software in general) save user passwords? All answers about storing passwords say we should store only hashes, not the password themselves. But I'm having a hard time searching the web trying to find the best techniques to store passwords when we know we will need them in plain text later on — without storing them in plain text, without using a weak encryption (known key) and without asking the user for a master password. Any ideas?

    Read the article

  • stuck on "preparing..." when restoring from deja-dup backup

    - by Dan
    I'm trying to restore my deja-dup backup from a certain date. However during restore after selecting the date to restore from i get a "restoring... "preparing"..." window that just seems stuck there doing nothing forever (past 1/2 hour). There was a point when i was prompted for the "encryption password" but i don't remember it, so i just entered one. I never got any error if the password i entered was not accepted.

    Read the article

  • How do PGP and PEM differ?

    - by Dummy Derp
    Email messages are sent in plain text which means that the messages I send to Derpina are visible to anyone who somehow gets access to them while they are in transit. To overcome this, various encryption mechanisms were developed. PEM and PGP are two of them. PEM - canonically converts-adds digital signature-encrypts and sends PGP does exactly the same. So where do they differ? Or is it that PGP (being a program) is used to generate a PEM message?

    Read the article

  • How to wipe RAM on shutdown (prevent Cold Boot Attacks)?

    - by proper
    My system is encrypted using Full Disk Encryption, i.e. everything except /boot is encrypted using dmcrypt/luks. I am concerned about Cold Boot Attacks. Prior work: https://tails.boum.org/contribute/design/memory_erasure/ http://tails.boum.org/forum/Ram_Wipe_Script/ http://dee.su/liberte-security http://forum.dee.su/topic/stand-alone-implementation-of-your-ram-wipe-scripts Can you please provide instructions on how to wipe the RAM once Ubuntu is shutdown/restarted? Thanks for your efforts!

    Read the article

  • Anyone have any opinions about Chilkatsoft? [closed]

    - by Joe Enos
    I'm considering purchasing the Chilkatsoft bundle, which includes a bunch of libraries on lots of technologies. Specifically, I care about .NET compression, encryption, FTP, and mail libraries, but I'm interested in looking at the rest of their stuff as well. Does anyone have any experience using these libraries, or opinions on the company or product in general? The price is right, and the content seems good, so I just want to make sure I do my homework before purchasing. Thanks

    Read the article

  • SQL Server 2000 and SSL Encryption

    - by Angry_IT_Guru
    We are a datacenter that hsots a SQL Server 2000 environment which provides database services for a product we sell that is loaded as a rich-client applicatin at each of our many clients and their workstations. Currently today, the application uses straight ODBC connections from the client site to our datacenter. We need to begin encrypting the credentials -- since everything is clear-text today and the authentication is weakly encrypted -- and I'm trying to determine the best way to implement SSL on the server with minimizing the impact of the client. A few things, however: 1) We have our own Windows domain and all our servers are joined to our private domain. Our clietns no nothing of our domain. 2) Typically, our clients connect to our datacenter servers either by: a) Using TCP/IP address b) Using a DNS name that we publish via internet, zone transfers from our DNS servers to our customers, or the client can add static HOSTS entries. 3) From what I understand from enabling encryption is that I can go to the Network Utility and select the "encryption" option for the protocol that I wish to encrypt. Such as TCP/IP. 4) When the encryption option is selected, I have a choice of installing a third-party certificate or a self-signed. I have tested the self-signed, but do have potential issues. I'll explain in a bit. If I go with a third-party cert, such as Verisign, or Network solutions... what kind of certificate do I request? These aren't IIS certificates? When I go create a self-signed via Microsoft's certificate server, I have to select "Authentication certificate". What does this translate to in the third-party world? 5) If I create a self-signed certificate, I understand that the "issue to" name has to match the FQDN for the server that is running SQL. In my case, I have to use my private domain name. If I use this, what does this do for my clients when trying to connect to my SQL Server? Surely they cannot resolve my private DNS names on their network.... I've also verified that when the self-signed certificate is installed, it has to be in the local personal store for the user account that is running SQL Server. SQL Server will only start if the FQDN matches the "issue to" of the certificate and SQL is running under the account that has the certificate installed. If I use a self-signed certificate, does this mean I have to have every one of my clients install it to verify? 6) If I used a third-party certificate, which sounds like the best option, do all my clients have to have internet access when accessing my private servers of their private WAN connection to use to verify the certificate? What do I do about the FQDN? It sounds like they have to use my private domain name -- which is not published -- and can no longer use the one that I setup for them to use? 7) I plan on upgrading to SQL 2000 soon. Is setup of SSL any easier/better with SQL 2005 than SQL 2000? Any help or guiadance would be appreciated

    Read the article

  • How Can I Generate Equivalent Output Using the CryptoAPI and the .NET Encryption (TripleDESCryptoSer

    - by S. Butts
    I have some C#/.NET code that encrypts and decrypts data using TripleDES encryption. It sticks to the sample code provided at MSDN pretty closely. The encryption piece looks like the following: TripleDESCryptoServiceProvider _desProvider = new TripleDESCryptoServiceProvider(); //bytes for key and initialization vector //keyBytes is 24 bytes of stuff, vectorBytes is 8 bytes of stuff byte[] keyBytes; byte[] vectorBytes; FileStream fStream = File.Open(locationOfFile, FileMode.Create, FileAccess.Write); CryptoStream cStream = new CryptoStream(fStream, _desProvider.CreateEncryptor(keyBytes, vectorBytes), CryptoStreamMode.Write); BinaryWriter bWriter = new BinaryWriter(cStream); //write out encrypted data //raw data is a few bytes of binary information byte[] rawData; bWriter.Write(rawData); With encrypting and decrypting in C#, this all works like a charm. The problem is I need to write a small Win32 utility that will duplicate the encryption above. I have tried several methods using the CryptoAPI, and I simply do not get output that the .NET piece can decrypt, no matter what I do. Can someone please tell me what the equivalent C++ code is that will produce the same output? I am not certain just what methods of the CryptoAPI the .NET functions use to encrypt the data. What options are used, and what method of generating the key is used? Before someone suggests that I just write it in C# anyway, or create some common library bridge for them, those options are unfortunately off the table. It really has to work in Win32 with .NET and without using a DLL. I have some leeway in changing the C# code. I apologize in advance if this is bone-headed, as I am new to encryption.

    Read the article

  • What (pure) Python library to use for AES 256 encryption?

    - by Daren Thomas
    I am looking for a (preferably pure) python library to do AES 256 encription and decryption. This library should support the CBC cipher mode and use PKCS7 padding according to the answer to an earlier question of mine. The library should at least work on Mac OS X (10.4) and Windows XP. Ideally just by dropping it into the source directory of my project. I have seen this by Josh Davis, but am not sure about how good it is and if it does the required CBC cipher mode... Scanning the source suggests it doesn't

    Read the article

< Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >