Search Results

Search found 2113 results on 85 pages for 'encryption asymmetric'.

Page 21/85 | < Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28 | Next Page >

Password Cracking Windows Accounts

- by Kevin

At work we have laptops with encrypted harddrives. Most developers here (on occasion I have been guilty of it too) leave their laptops in hibernate mode when they take them home at night. Obviously, Windows (i.e. there is a program running in the background which does it for windows) must have a method to unencrypt the data on the drive, or it wouldn't be able to access it. That being said, I always thought that leaving a windows machine on in hibernate mode in a non-secure place (not at work on a lock) is a security threat, because someone could take the machine, leave it running, hack the windows accounts and use it to encrypt the data and steal the information. When I got to thinking about how I would go about breaking into the windows system without restarting it, I couldn't figure out if it was possible. I know it is possible to write a program to crack windows passwords once you have access to the appropriate file(s). But is it possible to execute a program from a locked Windows system that would do this? I don't know of a way to do it, but I am not a Windows expert. If so, is there a way to prevent it? I don't want to expose security vulnerabilities about how to do it, so I would ask that someone wouldn't post the necessary steps in details, but if someone could say something like "Yes, it's possible the USB drive allows arbitrary execution," that would be great! EDIT: The idea being with the encryption is that you can't reboot the system, because once you do, the disk encryption on the system requires a login before being able to start windows. With the machine being in hibernate, the system owner has already bypassed the encryption for the attacker, leaving windows as the only line of defense to protect the data.

Read the article
PHP Encrypt/Decrypt with TripleDes, PKCS7, and ECB

- by Brandon Green

I've got my encryption function working properly however I cannot figure out how to get the decrypt function to give proper output. Here is my encrypt function: function Encrypt($data, $secret) { //Generate a key from a hash $key = md5(utf8_encode($secret), true); //Take first 8 bytes of $key and append them to the end of $key. $key .= substr($key, 0, 8); //Pad for PKCS7 $blockSize = mcrypt_get_block_size('tripledes', 'ecb'); $len = strlen($data); $pad = $blockSize - ($len % $blockSize); $data .= str_repeat(chr($pad), $pad); //Encrypt data $encData = mcrypt_encrypt('tripledes', $key, $data, 'ecb'); return base64_encode($encData); } Here is my decrypt function: function Decrypt($data, $secret) { $text = base64_decode($data); $data = mcrypt_decrypt('tripledes', $secret, $text, 'ecb'); $block = mcrypt_get_block_size('tripledes', 'ecb'); $pad = ord($data[($len = strlen($data)) - 1]); return substr($data, 0, strlen($data) - $pad); } Right now I am using a key of test and I'm trying to encrypt 1234567. I get the base64 output from encryption I'm looking for, but when I go to decrypt I get a blank response. I'm not very well versed in encryption/decryption so any help is much appreciated!!

Read the article
Encrypt a file base upon a pregenerated "key" C#

- by Anubis

Hello everyone. I'm trying to determine the best course of action to implement a simple "licensing" system with a partner of mine. The concept is: Generate an encrypted value based upon several internal hardware components. Have the customer send this value to us which we will implement into our key generator. Once we have that, we add any other restrictions on the license (user, expires, etc.). From there we generate a file which we send to the customer they can add to their installation and voila, happy people about. I have the first part all done. My next part is trying to figure out which encryption methodology I would need to use. I already know Symmetric Encryption is pretty much the only route I can take. Most of the information I have found involves .NET already creating a key from its own internal methods. That's a bit of background, my question is: "Which encryption method could I use which would allow me to encrypt the restrictions based upon the "id" I was given from the customer's computer?" I'm writing this in C# by the way. Any ideas would be greatly appreciated! Take Care!

Read the article
Android AES and init vector

- by Donald_W

I have an issue with AES encryptio and decryption: I can change my IV entirely and still I'm able to decode my data. public static final byte[] IV = { 65, 1, 2, 23, 4, 5, 6, 7, 32, 21, 10, 11, 12, 13, 84, 45 }; public static final byte[] IV2 = { 65, 1, 2, 23, 45, 54, 61, 81, 32, 21, 10, 121, 12, 13, 84, 45 }; public static final byte[] KEY = { 0, 42, 2, 54, 4, 45, 6, 7, 65, 9, 54, 11, 12, 13, 60, 15 }; public static final byte[] KEY2 = { 0, 42, 2, 54, 43, 45, 16, 17, 65, 9, 54, 11, 12, 13, 60, 15 }; //public static final int BITS = 256; public static void test() { try { // encryption Cipher c = Cipher.getInstance("AES"); SecretKeySpec keySpec = new SecretKeySpec(KEY, "AES"); c.init(Cipher.ENCRYPT_MODE, keySpec, new IvParameterSpec(IV)); String s = "Secret message"; byte[] data = s.getBytes(); byte[] encrypted = c.doFinal(data); String encryptedStr = ""; for (int i = 0; i < encrypted.length; i++) encryptedStr += (char) encrypted[i]; //decryoption Cipher d_c = Cipher.getInstance("AES"); SecretKeySpec d_keySpec = new SecretKeySpec(KEY, "AES"); d_c.init(Cipher.DECRYPT_MODE, d_keySpec, new IvParameterSpec(IV2)); byte[] decrypted = d_c.doFinal(encrypted); String decryptedStr = ""; for (int i = 0; i < decrypted.length; i++) decryptedStr += (char) decrypted[i]; Log.d("", decryptedStr); } catch (Exception ex) { Log.d("", ex.getMessage()); } } Any ideas what I'm doing wrong? How can I get 256 bit AES encryption (only change key to 32-byte long array?) Encryption is a new topic for me so please for newbie friendly answers.

Read the article
Padding error - when using AES Encryption in Java and Decryption in C

- by user234445

Hi All, I have a problem while decrypting the xl file in rijndael 'c' code (The file got encrypted in Java through JCE) and this problem is happening only for the excel files types which having formula's. Remaining all file type encryption/decryption is happening properly. (If i decrypt the same file in java the output is coming fine.) While i am dumped a file i can see the difference between java decryption and 'C' file decryption. od -c -b filename(file decrypted in C) 0034620 005 006 \0 \0 \0 \0 022 \0 022 \0 320 004 \0 \0 276 4 005 006 000 000 000 000 022 000 022 000 320 004 000 000 276 064 0034640 \0 \0 \0 \0 \f \f \f \f \f \f \f \f \f \f \f \f 000 000 000 000 014 014 014 014 014 014 014 014 014 014 014 014 0034660 od -c -b filename(file decrypted in Java) 0034620 005 006 \0 \0 \0 \0 022 \0 022 \0 320 004 \0 \0 276 4 005 006 000 000 000 000 022 000 022 000 320 004 000 000 276 064 0034640 \0 \0 \0 \0 000 000 000 000 0034644 (the above is the difference between the dumped files) The following java code i used to encrypt the file. public class AES { /** * Turns array of bytes into string * * @param buf Array of bytes to convert to hex string * @return Generated hex string */ public static void main(String[] args) throws Exception { File file = new File("testxls.xls"); byte[] lContents = new byte[(int) file.length()]; try { FileInputStream fileInputStream = new FileInputStream(file); fileInputStream.read(lContents); } catch (FileNotFoundException e) { e.printStackTrace(); } catch (IOException e1) { e1.printStackTrace(); } try { KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(256); // 192 and 256 bits may not be available // Generate the secret key specs. SecretKey skey = kgen.generateKey(); //byte[] raw = skey.getEncoded(); byte[] raw = "aabbccddeeffgghhaabbccddeeffgghh".getBytes(); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); Cipher cipher = Cipher.getInstance("AES"); cipher.init(Cipher.ENCRYPT_MODE, skeySpec); byte[] encrypted = cipher.doFinal(lContents); cipher.init(Cipher.DECRYPT_MODE, skeySpec); byte[] original = cipher.doFinal(lContents); FileOutputStream f1 = new FileOutputStream("testxls_java.xls"); f1.write(original); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } } } I used the following file for decryption in 'C'. #include <stdio.h> #include "rijndael.h" #define KEYBITS 256 #include <stdio.h> #include "rijndael.h" #define KEYBITS 256 int main(int argc, char **argv) { unsigned long rk[RKLENGTH(KEYBITS)]; unsigned char key[KEYLENGTH(KEYBITS)]; int i; int nrounds; char dummy[100] = "aabbccddeeffgghhaabbccddeeffgghh"; char *password; FILE *input,*output; password = dummy; for (i = 0; i < sizeof(key); i++) key[i] = *password != 0 ? *password++ : 0; input = fopen("doc_for_logu.xlsb", "rb"); if (input == NULL) { fputs("File read error", stderr); return 1; } output = fopen("ori_c_res.xlsb","w"); nrounds = rijndaelSetupDecrypt(rk, key, 256); while (1) { unsigned char plaintext[16]; unsigned char ciphertext[16]; int j; if (fread(ciphertext, sizeof(ciphertext), 1, input) != 1) break; rijndaelDecrypt(rk, nrounds, ciphertext, plaintext); fwrite(plaintext, sizeof(plaintext), 1, output); } fclose(input); fclose(output); }

Read the article
How to remove password protection from compressed files

- by Mehper C. Palavuzlar

This has always been a problem for me for a long time. Let's see if any SuperUser can solve this: I have a directory in which there are lots of password protected .RAR files of which I know the passwords. I want to remove the password protection from all of them without extracting the contents. Since each file is larger than 1 GB, decompressing & then recompressing without password encryption is not a good option for me. How can I easily do that? I'm using WinRAR 3.80 on Win7. Any other 3rd party tools are welcomed.

Read the article
How to add authentication to ssh dynamic port forwarding?

- by Aalex Gabi

I am using ssh as a SOCKS server by running this command on the server: ssh -f2qTnND *:1080 root@localhost There is one problem: anybody can connect to the server and use it's internet connection. Options: To use iptables to filter access to the server, but I connect to the server from various non-statically allocated IP addresses so I would have to edit very frequently those filters which can be annoying. To install a SOCKS server on the remote. Ultimately this is the last option if there is no other simpler way to do it. (I am very lazy) Launching the same command on clients machines. The problem here is that some clients don't run on Linux and it is awkward to set up the tunnel (Windows + Putty). Is there a way to add authentication to a SOCKS server made using ssh? Bonus question: How to add encryption between the client and the server (made using ssh)?

Read the article
Crypto-Analysis of keylogger logs and config file. Possible?

- by lost.

Is there anyway Encryption on an unidentified file can be broken(file in question: config file and log files from ardamax keylogger). These files date back all the way to 2008. I searched everywhere, nothing on slashdot, nothing on google. Ardamax Keyviewer? Should I just write to Ardamax? I am at a loss of what to do. I feel comprimised. Anyone managed to decrpyt files with Crypto-analysis? More Information-- There are log files in the folder and a configuration file, "akv.cfg". Is it possible to decrypt the files and maybe getting the attackers email address used to receive the keylogger logs? I've Checked ardamax.com. They have an built-in log viewer. But its unavailable for download. If superuser isn't the proper place to ask, know where I might get help?

Read the article
Are there any FIPS-140-2 certified solutions for Linux?

- by Mark Renouf

I'm not even 100% certain what this involves, but my current understanding is this: use of only approved cryptographic algorithms for network traffic (easy, we use SSL and lock down the algorithms to only the really strong ones). Some form of physical data protection, involving disk encryption and physical tamper evident packaging. Obviously we're on our own if we need a tamper-proof product. But what about software for encrpytion. My guess is just using LUKS (although secure) will not be certified because it's open source (gov't seems a bit biased towards proprietary solutions here). Guardian Edge was mentioned by someone, but that appears to be complete Windows-based. So we need something like it, certified FIPS-140 compliant we can use on Linux.

Read the article
No space left on device with encrypted disk that takes all space

- by Yosef

I use Ubuntu 11.04. There's no space left on device. I have encrypted the disk that takes up space (maybe it's good to disable it, but I don't know how). In shell, I get this message: No space left on device I run df -I: Filesystem Inodes IUsed IFree IUse% Mounted on /dev/sda1 3055616 602499 2453117 20% / none 210161 890 209271 1% /dev none 214789 8 214781 1% /dev/shm none 214789 53 214736 1% /var/run none 214789 3 214786 1% /var/lock /home/myuser/.Private 3055616 602499 2453117 20% /home/myuser df -I Edit: When I run only df: Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda1 48060296 45618928 0 100% / none 1538340 684 1537656 1% /dev none 1547596 808 1546788 1% /dev/shm none 1547596 104 1547492 1% /var/run none 1547596 0 1547596 0% /var/lock /home/myuser/.Private 48060296 45618928 0 100% /home/myuser Edit: I thinking about few solution but I don't know which better and how exactly to do them: to enlarge partition size (I cant install gparted - no more disk space) remove encryption of partition - I really not need that

Read the article
Disabling weak ciphers on Windows 2003

- by Kev

For PCI-DSS compliance you have to disable weak ciphers. PCI-DSS permits a minimum cipher size of 128 bits. However for the highest score (0 I believe) you should only accept 168 bit ciphers but you can still be compliant if you permit 128 bit ciphers. The trouble is that when we disable all but 168 bit encryption it seems to disable both inbound and out bound secure channels. For example we'd like to lock down inbound IIS HTTPS to 168 bit ciphers but permit outbound 128 bit SSL connections to payment gateways/services from service applications running on the server (not all payment gateways support 168 bit only we just found out today). Is it possible to have cipher asymmetry on Windows 2003? I am told it is all or nothing.

Read the article
Exchange enrypted messages with a single recipient

- by Andy

I need to exchange encrypted messages with another party. These would be in the form of email like communication (not instant chat). The solution needs to be portable (USB stick). I've tried "Portable Thunderbird/Enigmail/Gnupg/Hotmail account" but it's just impossible to setup portable, countless meaningless error messages. Anyway, I would prefer something more straightforward. Notes: We won't know each others IP addresses. Our computers will often be switched off. Encryption would ideally be using a common password. Is there a solution to this?

Read the article
Compress, enctypt and upload a directory to an FTP server in Linux

- by Kristoffer L

I want to acomplish something rather simple (at least it would seem to be): Compress a directory Encrypt the compressed file Upload the compressed & encrypted file via FTP I also want to acomplish this in an automated fashion on Linux server. TrueCrypt is not really an option as it seems it can't complress a single file, instead you have to make a volume that you mount and move the files into. This question answers how to do the the upload and I know how to compress a directory. It is just the encryption that's giving me problems.

Read the article
Compress, encrypt and upload a directory to an FTP server in Linux

- by Kristoffer L

I want to accomplish something rather simple (at least it would seem to be): Compress a directory Encrypt the compressed file Upload the compressed & encrypted file via FTP I also want to accomplish this in an automated fashion on Linux server. TrueCrypt is not really an option in this case as it seems it can't compress a single file. Instead you have to make a volume that you mount and move the files into. This question answers how to do the the upload and I know how to compress a directory. It is just the encryption that's giving me problems.

Read the article
Is there such thing as hardware encrypted raid disk?

- by Dumitrescu Bogdan

I have a server for which I want to protect the content. The server is located on a clients premises. Is there a way to encrypt the content of a RAID DISK (at hardware level) ? What I need is that the server will not be able to start as long as the required password is not provided (the encryption key) I will give the best answer to Miles, though the answer was not exactly to my question. But from all the comments, it seems that it cannot be done hardware or .. it cannot be done as I would like to.

Read the article
Exchange enrypted messages with a single recipient [portable]

- by Andy

I need to exchange encrypted messages with another party. These would be in the form of email like communication (not instant chat). The solution needs to be portable (USB stick). I've tried "Portable Thunderbird/Enigmail/Gnupg/Hotmail account" but it's just impossible to setup portable, countless meaningless error messages. Anyway, I would prefer something more straightforward. Notes: We won't know each others IP addresses. Our computers will often be switched off. Encryption would ideally be using a common password. Is there a solution to this?

Read the article
How can I create an encrypted, bootable thumbdrive containing Linux?

- by Hanno Fietz

I want to have a bootable flash drive that's fully encrypted. I have not tested, but seem to like, TrueCrypt, which provides a fully encrypted system and has lots of other features I like (for instance, hidden volumes). Unfortunately, it seems, system encryption is only supported for Windows, although I'm not sure why. The crux here, I guess, is that you need a boot loader that is capable of asking for your password and decrypt the disk, at least the part that contains kernel and initrd. An alternative might be to have an unencrypted boot partition containing a more powerful system which will decrypt and mount the main partition. However, this brings up the question of whether you're introducing data leaks. Depending on the specific scenario, I may lack the experience to assess if this is a problem. So I'd strongly prefer a fully encrypted disk or a similarly straightforward alternative.

Read the article
Backing up data in an encrypted way

- by Eli Bendersky

I have the following use case: There's some data from my PC I want to periodically back-up online I own some hosting, so I want to use that for the backups, don't want to pay to another backup service I want to encrypt my data locally prior to moving it to the server I have no problem writing scripts to automate the process (say, periodically generate the backup and upload by FTP to my server), but my main question is about step 3 - the encryption: which way is recommended to encrypt my files (say, collected into a .ZIP) prior to uploading to the server? P.S. TrueCrypt seems popular but it's not quite what I'm looking for, since I don't want the files to be constantly encrypted here on my PC.

Read the article
Mount encrypted hfs in ubuntu

- by pagid

I try to mount an encrypted hfs+ partition in ubuntu. An older post described quite good how to do it, but lacks the information how to use encrypted partitions. What I found so far is: # install required packages sudo apt-get install hfsprogs hfsutils hfsplus loop-aes-utils # try to mount it mount -t hfsplus -o encryption=aes-256 /dev/xyz /mount/xyz But once I run this I get the following error: Error: Password must be at least 20 characters. So I tried to type it in twice, but that results in this: ioctl: LOOP_SET_STATUS: Invalid argument, requested cipher or key (256 bits) not supported by kernel Any suggestions? Thx Edit: One thing I'm not sure about is whether I use the right password. My assumption is that it is my default one for these situations. But I'm not sure whether Max OSX choose another password (internally) for that.

Read the article
How to allow password protected start-stop-daemon functionality?

- by Mahmoud Abdelkader

I would like to use Ubuntu's start-stop-daemon to start my application, but the application protects some sensitive information, so I have a mechanism where the application prompts for a password that's then used to generate a hashkey, which is used as the secret key for a symmetric encryption (AES) to encrypt and decrypt things from a database. I'd like to daemonize this application and have it run from start-stop-daemon, so that sudo service appname stop and sudo service appname start would work, but, I'm not sure how to go about doing this with the added complexity of a password prompt. Is there something that supports this or do I have to program it from scratch? I figured I should ask first before re-inventing the wheel. Thanks in advance.

Read the article
Encrypt temporary password using public ssh key

- by David M. Syzdek

I manage a virtual office and our staff uses both SSH keys and passwords for authentication. If one of our staff forgets his password, is there a way to encrypt a temporary password using his public RSA ssh key so I can send it to him via e-mail? I've seen other questions related to this one, however the "answers" generally recommend against using the public/private SSH keys to perform general encryption/decryption and do not actually state if this is possible. I would like to know if it is indeed possible and what are the steps to encrypt and then decrypt the password.

Read the article
Is it possible to FORMAT an external hard disk that has been encrypted using Storagecrypt?

- by Pandian John

Basically the big problem is that about 680 GB of data from my Seagate 2 TB Ext HD is lost because I was experimenting with a software called storagecrypt. I used it a few months ago and today I tried it again but i didn't know that the old password is already set in the hard disk when I pressed the encrypt button. I forgot the password which is disappointing. Not to mention that software uses 128 bit AES encryption so there is no way iam going to recover that data. My question is that is it possible to Format my Hard disk which has been encrypted? What i mean is that is it possible to completely wipe the data just like it is newly bought so that I can use my External Hard disk?( I tried to format by right click-- Format. But the size of the disk is shown as 1 MB. Answers would be very much appreciated. Thanks.

Read the article
How to resize an encrypted LVM in RAID 1 in Linux?

- by user28712

Hi, I am running 3 partitions in RAID 1. Partition : Mountpoint : Filesystem : Encrypted : LVM ------------------------------------------------------ 1 : /boot : ext2 : No : No 2 : / : ext3 : Yes : No 3 : /home : xfs : Yes : Yes It now happens that I have given the root of the system too few gigs; i would like to shrink the LVM (3) and give the root(2) more space. How can I do this safely without messing up the system? In what order do I have to resize the raid partitions, encryption, lvm, file systems? Any help would be greatly appreciated. Adriaan

Read the article
Encrypting a single File with password and keyfile

- by Ctroy

I am a fan of True Crypt and I guess it's the best encryption tool available. As far as I understand, True Crypt created encrypted containers which acts a place to store files. But I would like to encrypt a single file. Preferably with a password and a special key file (like in truecrypt). It would be great (but not mandatory), if the file doesn't require any third party software to encrypt and decrypt, in the sense that I provide the password and key to the file directly. Thanks in advance.

Read the article
Can GnomeKeyring store passwords unencrypted?

- by antimeme

I have a Fedora 15 laptop with the root and home partitions encrypted using LUKS. When it boots I have to enter a pass phrase to unlock the master key, so I have it configured to automatically log me in to my account. However, GnomeKeyring remains locked, so I have to enter another pass phrase for that. This is unpleasant and completely pointless since the entire disk is encrypted. I've not been able to find a way to configure GnomeKeyring to store its pass phrases without encryption. For example, I was not able to find an answer here: http://library.gnome.org/users/seahorse-plugins/stable/index.html.en Is there a solution? If not, is there a mailing list where it would be appropriate to plead my case?

Read the article

< Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28 | Next Page >