Search Results

Search found 2195 results on 88 pages for 'encryption symmetric'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 24/88 | < Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >

  • sha1(password) encryption

    - by Jason
    Alright, so I tried to make my users info super secure by adding '" . sha1($_POST['password']) . "' when inserting their password when they register. THAT WORKS great, looking at the database, I have no clue what their password is. Now the problem is logging in. I'm running some tests and when I try to log in, the password 12345 doesn't match the encrypted password using "$password=sha1($_POST['mypassword']);" Any idea's why?

    Read the article

  • Encryption using rijndael

    - by user363295
    Hi all. I'm quite new in programming .I wrote the below code in order to prompt the user for a password to encrypting a file, But it just work when the length of password is 8, What can I do on order to accepting any number of characters for the password? string pass = textBox2.Text.ToString(); string password = @"" + pass + ""; UnicodeEncoding UE = new UnicodeEncoding(); byte[] key = UE.GetBytes(password); FileStream fsCrypt = new FileStream(@"c:\\users\\new", FileMode.Create); name = fsCrypt.Name; RijndaelManaged RMCrypto = new RijndaelManaged(); CryptoStream cs = new CryptoStream(fsCrypt, RMCrypto.CreateEncryptor(key, key), CryptoStreamMode.Write); FileStream fsIn = new FileStream(filename, FileMode.Open); int data; while ((data = fsIn.ReadByte()) != -1) cs.WriteByte((byte)data);

    Read the article

  • Encryption for Executable

    - by Farooq
    Can anyone recommend what's a good way to encrypt an executable? I was trying to use AxCrypt but I don't like the usage, i.e. you specify a passcode and the person who launches the exe needs to specify the passcode. Is there someway to encrypt it once and users just run the exe without specifying any passwords?

    Read the article

  • Network Security and Encryption explained in laymen terms

    - by Ehrann Mehdan
    Although I might pretend very well that I known a thing about networks or security and it might help me pass an interview, or fix a bug, I don't really feel I'm fooling anyone. I'm looking for a laymen terms explanation of nowadays network security concepts and solutions. The information is scattered around and I didn't find a resource for "dummies" like me (e.g experienced Java developers that can speak the jargon but have no real clue what it means) Topics I have a weak notion about and want to understand better as a Java developer PGP Public / Private keys RSA / DES SSL and 2 way SSL (keystore / trustore) Protecting against Man in the middle fraud Digital Signature and Certificates Is there a resource out there that really explains it in a way that doesn't require a Cisco certificate / Linux lingo / know what is subnet masking or other plumbing skills?

    Read the article

  • Simple encryption - Sum of Hashes in C

    - by Dogbert
    I am attempting to demonstrate a simple proof of concept with respect to a vulnerability in a piece of code in a game written in C. Let's say that we want to validate a character login. The login is handled by the user choosing n items, (let's just assume n=5 for now) from a graphical menu. The items are all medieval themed: eg: _______________________________ | | | | | Bow | Sword | Staff | |-----------|-----------|-------| | Shield | Potion | Gold | |___________|___________|_______| The user must click on each item, then choose a number for each item. The validation algorithm then does the following: Determines which items were selected Drops each string to lowercase (ie: Bow becomes bow, etc) Calculates a simple string hash for each string (ie: `bow = b=2, o=15, w=23, sum = (2+15+23=40) Multiplies the hash by the value the user selected for the corresponding item; This new value is called the key Sums together the keys for each of the selected items; this is the final validation hash IMPORTANT: The validator will accept this hash, along with non-zero multiples of it (ie: if the final hash equals 1111, then 2222, 3333, 8888, etc are also valid). So, for example, let's say I select: Bow (1) Sword (2) Staff (10) Shield (1) Potion (6) The algorithm drops each of these strings to lowercase, calculates their string hashes, multiplies that hash by the number selected for each string, then sums these keys together. eg: Final_Validation_Hash = 1*HASH(Bow) + 2*HASH(Sword) + 10*HASH(Staff) + 1*HASH(Shield) + 6*HASH(Potion) By application of Euler's Method, I plan to demonstrate that these hashes are not unique, and want to devise a simple application to prove it. in my case, for 5 items, I would essentially be trying to calculate: (B)(y) = (A_1)(x_1) + (A_2)(x_2) + (A_3)(x_3) + (A_4)(x_4) + (A_5)(x_5) Where: B is arbitrary A_j are the selected coefficients/values for each string/category x_j are the hash values for each string/category y is the final validation hash (eg: 1111 above) B,y,A_j,x_j are all discrete-valued, positive, and non-zero (ie: natural numbers) Can someone either assist me in solving this problem or point me to a similar example (ie: code, worked out equations, etc)? I just need to solve the final step (ie: (B)(Y) = ...). Thank you all in advance.

    Read the article

  • SHA-256 encryption wrong result in Android

    - by user642966
    I am trying to encrypt 12345 using 1111 as salt using SHA-256 encoding and the answer I get is: 010def5ed854d162aa19309479f3ca44dc7563232ff072d1c87bd85943d0e930 which is not same as the value returned by this site: http://hash.online-convert.com/sha256-generator Here's the code snippet: public String getHashValue(String entity, String salt){ byte[] hashValue = null; try { MessageDigest digest = MessageDigest.getInstance("SHA-256"); digest.update(entity.getBytes("UTF-8")); digest.update(salt.getBytes("UTF-8")); hashValue = digest.digest(); } catch (NoSuchAlgorithmException e) { Log.i(TAG, "Exception "+e.getMessage()); } catch (UnsupportedEncodingException e) { // TODO Auto-generated catch block e.printStackTrace(); } return BasicUtil.byteArrayToHexString(hashValue); } I have verified my printing method with a sample from SO and result is fine. Can someone tell me what's wrong here? And just to clarify - when I encrypt same value & salt in iOS code, the returned value is same as the value given by the converting site.

    Read the article

  • Whats the difference in GET and POST encryption?

    - by Dju
    What is the difference when encrypting GET and POST data? Thx for answer Edit: i need to write it more specific. When https-SSL encrypts both of this methods, what is the difference in way browser does this. Which parts are encrypted and which are not? I somewhere read, that the destination url is not encrypted in POST, is that true? If it is true and same in GET, where are all the parameters?

    Read the article

  • encryption problem for wlan profile

    - by Jassi
    i am trying to encrypt keyMaterial element from wireless profile. so I want to convert byte array into OLECHAR but it is giving me wrong output not key sea the below code you may know the solution... DATA_BLOB in; DATA_BLOB out; BYTE pin=(BYTE)"FIPL2"; DWORD din=strlen((char*)pin)+1; in.pbData = pin; in.cbData = din; if(CryptProtectData(&in,L"what is it",NULL,NULL,NULL,0,&out)) { BYTE *b=out.pbData; USES_CONVERSION; bstr=SysAllocString(W2BSTR((const WCHAR *)b)); HRCALL(peSubS222->put_text(bstr), ""); SysFreeString(bstr); bstr=NULL; } else { cout<<"NOOOOOOOOOOOOOOOO :("; } what is missing please help me out

    Read the article

  • Simple integer encryption

    - by tloflin
    Is there a simple algorithm to encrypt integers? That is, a function E(i,k) that accepts an n-bit integer and a key (of any type) and produces another, unrelated n-bit integer that, when fed into a second function D(i,k) (along with the key) produces the original integer? Obviously there are some simple reversible operations you can perform, but they all seem to produce clearly related outputs (e.g. consecutive inputs lead to consecutive outputs). Also, of course, there are cryptographically strong standard algorithms, but they don't produce small enough outputs (e.g. 32-bit). I know any 32-bit cryptography can be brute-forced, but I'm not looking for something cryptographically strong, just something that looks random. Theoretically speaking it should be possible; after all, I could just create a dictionary by randomly pairing every integer. But I was hoping for something a little less memory-intensive.

    Read the article

  • Do encryption algorithms provide really unique results?

    - by Mikulas Dite
    I was wondering whether md5, sha1 and anothers return unique values. For example, sha1() for test returns a94a8fe5ccb19ba61c4c0873d391e987982fbbd3, which is 40 characters long. So, sha1 for strings larger than 40 chars must be the same (of course it's scrambled, because the given input may contain whitespaces and special chars etc.). Due to this, when we are storing users' passwords, they can enter either their original password or some super-long one, which nobody knows. Is this right, or do these hash algorithms provide really unique results - I'm quite sure it's hardly possible.

    Read the article

  • iPhone AES encryption issue

    - by Dilshan
    Hi, I use following code to encrypt using AES. - (NSData*)AES256EncryptWithKey:(NSString*)key theMsg:(NSData *)myMessage { // 'key' should be 32 bytes for AES256, will be null-padded otherwise char keyPtr[kCCKeySizeAES256 + 1]; // room for terminator (unused) bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding) // fetch key data [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; NSUInteger dataLength = [myMessage length]; //See the doc: For block ciphers, the output size will always be less than or //equal to the input size plus the size of one block. //That's why we need to add the size of one block here size_t bufferSize = dataLength + kCCBlockSizeAES128; void* buffer = malloc(bufferSize); size_t numBytesEncrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, keyPtr, kCCKeySizeAES256, NULL /* initialization vector (optional) */, [myMessage bytes], dataLength, /* input */ buffer, bufferSize, /* output */ &numBytesEncrypted); if (cryptStatus == kCCSuccess) { //the returned NSData takes ownership of the buffer and will free it on deallocation return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted]; } free(buffer); //free the buffer; return nil; } However the following code chunk returns null if I tried to print the encryptmessage variable. Same thing applies to decryption as well. What am I doing wrong here? NSData *encrData = [self AES256EncryptWithKey:theKey theMsg:myMessage]; NSString *encryptmessage = [[NSString alloc] initWithData:encrData encoding:NSUTF8StringEncoding]; Thank you

    Read the article

  • Logging in with sha1() encryption.

    - by Samir Ghobril
    Hey guys, I added this to my sign up code : $password=mysql_real_escape_string(sha1($_POST['password'])); and now it inserts the password into the database while its encrypted. But signing in doesn't seem to work anymore. Here is the login code. function checklogin($username, $password){ global $mysqli; $password=sha1($password); $result = $mysqli->prepare("SELECT * FROM users WHERE username = ? and password=?"); $result->bind_param("ss", $username, $password); $result->execute(); if($result != false){ $dbArray=$result->fetch(); if(!$dbArray){ echo '<p class="statusmsg">The username or password you entered is incorrect, or you haven\'t yet activated your account. Please try again.</p><br/><input class="submitButton" type="button" value="Retry" onClick="location.href='."'login.php'\">"; return; } $_SESSION['username']=$username; if(isset($_POST['remember'])){ setcookie("jmuser",$username,time()+60*60*24*356); setcookie("jmpass",$password ,time()+60*60*24*356); } redirect(); }

    Read the article

  • Using DPAPI / ProtectedData in a web farm environment with the User Store

    - by Lachman
    I was wondering if anyone had successfully used DPAPI with a user store in a web farm enviroment? Because our application is a recently converted from 1.1 to 2.0 asp.net app, we're using a custom wrapper which directly calls the CryptUnprotect methods. But this should be the same as the ProtectedData method available in the 2.0 framework. Because we are operating in a web farm environment, we can't guarantee that the machine that did the encryption is going to be the one decrypting it. (Also because machine failures shouldn't destroy our encrypted data). So what we have is a serviced component that runs in a service under a particular user account on each one of our web boxes. This user is a set up to have a roaming profile, as per the recomendation. The problem we have is that info encrypted on one machine can not be decrypted on another, this fails with the win32 error 'Key not valid for use in specified state'. I suspect that this is because I've made a mistake by having the encryption service running as the user on multiple machines, hence keeping the user logged in on more than one machine at the same time. If this is the problem, how are other using DPAPI with the User Store in a web farm environment?

    Read the article

  • Prerequisites for Account management via an IPhone App?

    - by Icky
    Hello. I have been reading a couple of threads for this topic on this site. I want to create an App, which communicates with a server and has the following features: the User can create/manage an account on the server the App communicates with the server via a secure connection the User is updated about important news through messages From what I understood so far, I need to take care of the following: establish a secure connection with the server send account information(user data, password) to the server and authenticate the client side management and encryption of account data/information is handled by the server, so the App only sends data, the server stores/encrypts (no need for me to take care of anything) So far, I think, I have covered the most important features. I have read, that NSURLConnection can be used, to send the authentication data. But how is further communication ensured? And how is the encryption managed? Are there any useful tutorials on this, because this is the first time I delve into this topic, and any guidance is greatly appreciated! Also, if I have missed anything important (e.g. with managing accounts) please tell me.

    Read the article

  • How to get user input before saving a file in Sublime Text

    - by EddieJessup
    I'm making a plugin in Sublime Text that prompts the user for a password to encrypt a file before it's saved. There's a hook in the API that's executed before a save is executed, so my naïve implementation is: class TranscryptEventListener(sublime_plugin.EventListener): def on_pre_save(self, view): # If document is set to encode on save if view.settings().get('ON_SAVE'): self.view = view # Prompt user for password message = "Create a Password:" view.window().show_input_panel(message, "", self.on_done, None, None) def on_done(self, password): self.view.run_command("encode", {password": password}) The problem with this is, by the time the input panel appears for the user to enter their password, the document has already been saved (despite the trigger being 'on_pre_save'). Then once the user hits enter, the document is encrypted fine, but the situation is that there's a saved plaintext file, and a modified buffer filled with the encrypted text. So I need to make Sublime Text wait until the user's input the password before carrying out the save. Is there a way to do this? At the moment I'm just manually re-saving once the encryption has been done: def on_pre_save(self, view, encode=False): if view.settings().get('ON_SAVE') and not view.settings().get('ENCODED'): self.view = view message = "Create a Password:" view.window().show_input_panel(message, "", self.on_done, None, None) def on_done(self, password): self.view.run_command("encode", {password": password}) self.view.settings().set('ENCODED', True) self.view.run_command('save') self.view.settings().set('ENCODED', False) but this is messy and if the user cancels the encryption then the plaintext file gets saved, which isn't ideal. Any thoughts? Edit: I think I could do it cleanly by overriding the default save command. I hoped to do this by using the on_text_command or on_window_command triggers, but it seems that the save command doesn't trigger either of these (maybe it's an application command? But there's no on_application_command). Is there just no way to override the save function?

    Read the article

  • Deterministic and non uniform long string generation from seed

    - by Limonup
    I had this weird idea for an encryption that I wanted to try out, it may be bad, and it may have done before, but I'm just doing it for fun. The short version of the question is: Is it possible to generate a long, deterministic and non-uniformly distributed string/sequence of numbers from a small seed? Long(er) version: I was thinking to encrypt a text by changing encoding. The new encoding would be generated via Huffman algorithm. To work well, the Huffman algorithm would need a fairly long text with non uniform distribution. Then characters can have different bit-lengths which would be the primary strength of this encryption. The problem is that its impractical to enter in/remember a long text each time you want to decrypt the text. So I was wondering if it was possible to generate a text from password seed? It doesn't matter what the text is, as long as it has non uniform distribution of characters and that the exact same sequence can be recreated each time you give it the same seed. Preferably, are there any functions/extensions in Python that can do this? EDIT: To expand on the "strength" of varying bit length: if I have a string "test", ASCII values 116, 101, 115, 116, which gives bit values of 1110100 1100101 1110011 1110100 Then, say my Huffman algorithm generates encoding like t = 101 e = 1100111 s = 10001 The final string is 101 1100111 10001 101, if we encode this back to ASCII, we get 1011100 1111000 1101000, which is 3 entirely different characters. Obviously its impossible to perform any kind of frequency analysis or something like that on this.

    Read the article

  • Endianness and C API's: Specifically OpenSSL.

    - by Hassan Syed
    I have an algorithm that uses the following OpenSSL calls: HMAC_update() / HMAC_final() // ripe160 EVP_CipherUpdate() / EVP_CipherFinal() // cbc_blowfish These algorithm take a unsigned char * into the "plain text". My input data is comes from a C++ std::string::c_str() which originate from a protocol buffer object as a encoded UTF-8 string. UTF-8 strings are meant to be endian neutrial. However I'm a bit paranoid about how OpenSSL may perform operations on the data. My understanding is that encryption algorithms work on 8-bit blocks of data, and if a unsigned char * is used for pointer arithmetic when the operations are performed the algorithms should be endian neutral and I do not need to worry about anything. My uncertainty is compounded by the fact that I am working on a little-endian machine and have never done any real cross-architecture programming. My beliefs/reasoning are/is based on the following two properties std::string (not wstring) internally uses a 8-bit ptr and a the resulting c_str() ptr will itterate the same way regardless of the CPU architecture. Encryption algorithms are either by design, or by implementation, endian neutral. I know the best way to get a definitive answer is to use QEMU and do some cross-platform unit tests (which I plan to do). My question is a request for comments on my reasoning, and perhaps will assist other programmers when faced with similar problems.

    Read the article

  • Basic security, PHP mySQl

    - by yuudachi
    So I am making a basic log-in page. I have a good idea of what to do, but I'm still unsure of some things. I have a database full of students and a password column of course. I know I'm going to use md5 encryption in that column. The student enters their e-mail and student ID, and they get e-mailed a password if correct. But, where do I create the password? Do I have to manually add the password (which is just a randomly generated string) in mySQL to all the students? And I am suppose to send the password to the student; how will I know what to send the student if the password is encrypted? I was thinking about generating the password when the student first enters their e-mail and student ID. They get an e-mail of the random string, and at the same time, I add the same random string to the database, encrypted. Is that how it's suppose to work though? And it feels unsafe doing that all on the same page. Sorry for the long-winded, newbish question. I find this all facisnating at the same time as well (AES and RSA encryption :O)

    Read the article

  • Building an 'Activation Key' Generator in JAVA

    - by jax
    I want to develop a Key generator for my phone applications. Currently I am using an external service to do the job but I am a little concerned that the service might go offline one day hence I will be in a bit of a pickle. How authentication works now. Public key stored on the phone. When the user requests a key the 'phone ID' is sent to the "Key Generation Service" and the encrypted key key is returned and stored inside a license file. On the phone I can check if the key is for the current phone by using a method getPhoneId() which I can check with the the current phone and grant or not grant access to features. I like this and it works well, however, I want to create my own "Key Generation Service" from my own website. Requirements: Public and Private Key Encryption:(Bouncy Castle) Written in JAVA Must support getApplicationId() (so that many applications can use the same key generator) and getPhoneId() (to get the phone id out of the encrypted license file) I want to be able to send the ApplicationId and PhoneId to the service for license key generation. Can someone give me some pointers on how to accomplish this? I have dabbled around with some java encryption but am definitely no expert and can't find anything that will help me. A list of the Java classes I would need to instantiate would be helpful.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >