encryption asymmetric - Page 3

12.04 home encrypted and I have written down encryption passphrase. How to reset login password?

- by Stevie

I set up a friend with 12.04 and he forgot his password. I encrypted his home directory and I have written down the encryption passphrase during the first boot. If he changed his password after I wrote down the encryption passphrase during the first boot is this original encryption passphrase of any use? What should I do to reset or recover his password and keep everything accessible and functionally intact with the encrypted home directory?

Read the article

BAD_UID error while exporting key in CryptoAPI

- by mindthief

Hi all, I am writing a test application for Microsoft CryptoAPI. I want to export the secret key of one party using the public key of the second party, and then import that secret key as the second party's secret key (this sets up a shared secret key for communication). Here is my code: if(!CryptExportKey(encryptT->hSymKey, decryptT->hPubKey, SIMPLEBLOB, 0, keyExBuf, &bufLen)) { FormattedDebugPrint(NULL, GetLastError(), "could not export secret key", TRUE); return -1; } if(!CryptImportKey(decryptT->hCryptProv, keyExBuf, bufLen, decryptT->hPubKey, 0, &(decryptT->hSymKey))) { FormattedDebugPrint(NULL, GetLastError(), "could not import secret key", TRUE); return -1; } And this gives the error: 80090001: Bad UID. The public keypair is being generated for both encryptT and decryptT (sender, receiver) by calling: CryptGenKey(encryptT->hCryptProv, CALG_RSA_KEYX, CRYPT_EXPORTABLE, &(encryptT->hPubKey)) Any idea what could be causing the error? Thanks,

Read the article

Simple, user friendly and strong file encryption in Windows

- by Adam Matan

I want a colleague of mine to send me a sensitive MS-Word document via e-mail. Since Word's encryption is questionable, I would like to encrypt the file using a passphrase. Do you know of any user-friendly encryption tool that a novice user can easily use? I wouldn't like to prompt for keys or anything like this - just provide simple interface for single file encryption. EDIT: I have solved this using Putty Secure Copy, through a Linux box I have somewhere. The user downloaded scp to the same directory where the file was, and I have send him the exact scp command by mail. Nice! Another Edit I have some additions (mainly the usage of winscp and perhaps virtual machines). My detailed answer appears below, as requested in comments.

Read the article

asymetric encryption of directory

- by ftiaronsem

Hello alltogether Currently I am wondering whether it is possible to apply asymetric encryption of a directory in Linux. I would like to achieve the following: Write log files to /var/log/secret Everything written to /var/log/secret is instantly encrypted by a public RSA key (or something similar) The encryption programms I know, i.e. ecryptfs do not support asymetric encryption of files, at least as far as I know. (Correct me if I am wrong). Therefore I am asking here whether you know of any possibility to implement this. Thanks in advance

Read the article

Free Mac whole disk encryption

- by stevekuo

Are there any free solutions for encrypting the entire boot disk on a Mac? I'm aware of PGP's Whole Disk Encryption, but it's a bit steep at $149. TrueCrypt's System Encryption seems to only work with Windows.

Read the article

Best Secure Encryption for Zip Files via Linux

- by Daniel

I want to use highly secure encryption for zipped files via Linux/Ubuntu using a command line terminal, what is the best command line tool to get this job done? zip -e -P PASSWORD file1 file2 file3 file4 Or 7za a file.7z *.txt -pSECRET What encryption is used and how secure is it?

Read the article

iPhone's Mail application and data encryption

- by Maroloccio

I use the iPhone Mail application to check my Gmail (IMAP). Is the data stored on the iPhone "secure"? Is it, for instance, encrypted? Key strength? Thanks! I searched the site for "iphone encryption" but could not find an answer re: encryption level (if any).

Read the article

TDE, EKM and the Asymmetric Key

A look at how you might recover from a disaster using encryption and an HSM module in SQL Server 2008.

Read the article

Encryption setup for Linux NAS?

- by Daniel

There's a bazillion hard disk encryption HOWTOs, but somehow I can't find one that actually does what I want. Which is: I have a home NAS running Ubuntu, which is being accessed by a Linux and a Win XP client. (Hopefully MacOS X soon...) I want to setup encryption for home dirs on the NAS so that: It does not interfere with the boot process (since the NAS it tucked away in a cupboard), the home dirs should be accessible as a regular file system on the client(s) (e.g. via SMB), it is easy to use by 'normal' people, (so it does not require SSH-ing to the NAS, mount the encrypted partition on command line, then connecting via SMB, and finally umount the partition after being done. I can't explain that to my mom, or in fact to anyone.) does not store the encryption key the NAS itself, encrypts file meta-data and content (i.e. safe against the 'RIAA' attack, where an intruder should not be able to identify which songs are in your MP3 collection). What I hoped to do was use Samba + PAM. The idea was that on connecting to the SMB server, I'd have to enter the password on the client, which sends it to the server for authentication, which would use the password to mount the encrpytion partition, and would unmount it again when the session was closed. Turns out that doesn't really work, because SMB does not transmit the password in the plain and hence I can't configure PAM to use the incoming password to mount the encrypted patition. So... anything I'm overlooking? Is there any way in which I can use the password entered on the client (e.g. on SMB connect) to initiate mounting the encrypted dir on the server?

Read the article

Understanding encryption Keys

- by claws

Hello, I'm really embarrassed to ask this question but its the fact that I don't know anything about encryption. I always avoided it. I don't understand the concept of encryption keys (public key, private key, RSA key, DSA key, PGP Key, SSH key & what not) . I did encounter these in regular basis but as I said I always avoided them. Here are few instances where I encountered: Creating Account: A public RSA or DSA key will be needed for an account. Send the key along with your desired account name to [email protected] I really don't know what are RSA/DSA or How to get their keys? Do I need to register some where for that? Mailing: I'm unable to recall exactly but I've seen some mails have some attachments like signature or the mail footer will have something called PGP signature etc.. I really don't get its concept. GIT Version control: I created account in assembla.com (for private GIT repo) and it asked me to enter "SSH keys" to my profile. Where am I gonna get these? Why do I need it? Isn't SSH related to remote login (like remote desktop or telnet)? How are these two SSHs related & differ? I don't know in how many more situations I'm going to encounter these things. I'm really confused and have no clue about where to start & how to proceed to learn these things. Kindly someone point me in correct direction. Note: I've absolutely zero interested in encryption related topics. So, there is no way I'm going to read a graduate level book on this subject. I just want to clear my concepts without going into much depth.

Read the article

Encrypt tar file asymmetrically

- by DerMike

I want to achieve something like tar -c directory | openssl foo > encrypted_tarfile.dat I need the openssl tool to use public key encryption. I found an earlier question about symmetric encryption at the command promt (sic!), which does not suffice. I did take a look in the openssl(1) man page and only found symmetric encryption. Does openssl really not support asymmetric encryption? Basically many users are supposed to create their encrypted tar files and store them in a central location, but only few are allowed to read them.

Read the article

Implementation of ZipCrypto / Zip 2.0 encryption in java

- by gomesla

I'm trying o implement the zipcrypto / zip 2.0 encryption algoritm to deal with encrypted zip files as discussed in http://www.pkware.com/documents/casestudies/APPNOTE.TXT I believe I've followed the specs but just can't seem to get it working. I'm fairly sure the issue has to do with my interpretation of the crc algorithm. The documentation states CRC-32: (4 bytes) The CRC-32 algorithm was generously contributed by David Schwaderer and can be found in his excellent book "C Programmers Guide to NetBIOS" published by Howard W. Sams & Co. Inc. The 'magic number' for the CRC is 0xdebb20e3. The proper CRC pre and post conditioning is used, meaning that the CRC register is pre-conditioned with all ones (a starting value of 0xffffffff) and the value is post-conditioned by taking the one's complement of the CRC residual. Here is the snippet that I'm using for the crc32 public class PKZIPCRC32 { private static final int CRC32_POLYNOMIAL = 0xdebb20e3; private int crc = 0xffffffff; private int CRCTable[]; public PKZIPCRC32() { buildCRCTable(); } private void buildCRCTable() { int i, j; CRCTable = new int[256]; for (i = 0; i <= 255; i++) { crc = i; for (j = 8; j > 0; j--) if ((crc & 1) == 1) crc = (crc >>> 1) ^ CRC32_POLYNOMIAL; else crc >>>= 1; CRCTable[i] = crc; } } private int crc32(byte buffer[], int start, int count, int lastcrc) { int temp1, temp2; int i = start; crc = lastcrc; while (count-- != 0) { temp1 = crc >>> 8; temp2 = CRCTable[(crc ^ buffer[i++]) & 0xFF]; crc = temp1 ^ temp2; } return crc; } public int crc32(int crc, byte buffer) { return crc32(new byte[] { buffer }, 0, 1, crc); } } Below is my complete code. Can anyone see what I'm doing wrong. package org.apache.commons.compress.archivers.zip; import java.io.IOException; import java.io.InputStream; public class ZipCryptoInputStream extends InputStream { public class PKZIPCRC32 { private static final int CRC32_POLYNOMIAL = 0xdebb20e3; private int crc = 0xffffffff; private int CRCTable[]; public PKZIPCRC32() { buildCRCTable(); } private void buildCRCTable() { int i, j; CRCTable = new int[256]; for (i = 0; i <= 255; i++) { crc = i; for (j = 8; j > 0; j--) if ((crc & 1) == 1) crc = (crc >>> 1) ^ CRC32_POLYNOMIAL; else crc >>>= 1; CRCTable[i] = crc; } } private int crc32(byte buffer[], int start, int count, int lastcrc) { int temp1, temp2; int i = start; crc = lastcrc; while (count-- != 0) { temp1 = crc >>> 8; temp2 = CRCTable[(crc ^ buffer[i++]) & 0xFF]; crc = temp1 ^ temp2; } return crc; } public int crc32(int crc, byte buffer) { return crc32(new byte[] { buffer }, 0, 1, crc); } } private static final long ENCRYPTION_KEY_1 = 0x12345678; private static final long ENCRYPTION_KEY_2 = 0x23456789; private static final long ENCRYPTION_KEY_3 = 0x34567890; private InputStream baseInputStream = null; private final PKZIPCRC32 checksumEngine = new PKZIPCRC32(); private long[] keys = null; public ZipCryptoInputStream(ZipArchiveEntry zipEntry, InputStream inputStream, String passwd) throws Exception { baseInputStream = inputStream; // Decryption // ---------- // PKZIP encrypts the compressed data stream. Encrypted files must // be decrypted before they can be extracted. // // Each encrypted file has an extra 12 bytes stored at the start of // the data area defining the encryption header for that file. The // encryption header is originally set to random values, and then // itself encrypted, using three, 32-bit keys. The key values are // initialized using the supplied encryption password. After each byte // is encrypted, the keys are then updated using pseudo-random number // generation techniques in combination with the same CRC-32 algorithm // used in PKZIP and described elsewhere in this document. // // The following is the basic steps required to decrypt a file: // // 1) Initialize the three 32-bit keys with the password. // 2) Read and decrypt the 12-byte encryption header, further // initializing the encryption keys. // 3) Read and decrypt the compressed data stream using the // encryption keys. // Step 1 - Initializing the encryption keys // ----------------------------------------- // // Key(0) <- 305419896 // Key(1) <- 591751049 // Key(2) <- 878082192 // // loop for i <- 0 to length(password)-1 // update_keys(password(i)) // end loop // // Where update_keys() is defined as: // // update_keys(char): // Key(0) <- crc32(key(0),char) // Key(1) <- Key(1) + (Key(0) & 000000ffH) // Key(1) <- Key(1) * 134775813 + 1 // Key(2) <- crc32(key(2),key(1) >> 24) // end update_keys // // Where crc32(old_crc,char) is a routine that given a CRC value and a // character, returns an updated CRC value after applying the CRC-32 // algorithm described elsewhere in this document. keys = new long[] { ENCRYPTION_KEY_1, ENCRYPTION_KEY_2, ENCRYPTION_KEY_3 }; for (int i = 0; i < passwd.length(); ++i) { update_keys((byte) passwd.charAt(i)); } // Step 2 - Decrypting the encryption header // ----------------------------------------- // // The purpose of this step is to further initialize the encryption // keys, based on random data, to render a plaintext attack on the // data ineffective. // // Read the 12-byte encryption header into Buffer, in locations // Buffer(0) thru Buffer(11). // // loop for i <- 0 to 11 // C <- buffer(i) ^ decrypt_byte() // update_keys(C) // buffer(i) <- C // end loop // // Where decrypt_byte() is defined as: // // unsigned char decrypt_byte() // local unsigned short temp // temp <- Key(2) | 2 // decrypt_byte <- (temp * (temp ^ 1)) >> 8 // end decrypt_byte // // After the header is decrypted, the last 1 or 2 bytes in Buffer // should be the high-order word/byte of the CRC for the file being // decrypted, stored in Intel low-byte/high-byte order. Versions of // PKZIP prior to 2.0 used a 2 byte CRC check; a 1 byte CRC check is // used on versions after 2.0. This can be used to test if the password // supplied is correct or not. byte[] encryptionHeader = new byte[12]; baseInputStream.read(encryptionHeader); for (int i = 0; i < encryptionHeader.length; i++) { encryptionHeader[i] ^= decrypt_byte(); update_keys(encryptionHeader[i]); } } protected byte decrypt_byte() { byte temp = (byte) (keys[2] | 2); return (byte) ((temp * (temp ^ 1)) >> 8); } @Override public int read() throws IOException { // // Step 3 - Decrypting the compressed data stream // ---------------------------------------------- // // The compressed data stream can be decrypted as follows: // // loop until done // read a character into C // Temp <- C ^ decrypt_byte() // update_keys(temp) // output Temp // end loop int read = baseInputStream.read(); read ^= decrypt_byte(); update_keys((byte) read); return read; } private final void update_keys(byte ch) { keys[0] = checksumEngine.crc32((int) keys[0], ch); keys[1] = keys[1] + (byte) keys[0]; keys[1] = keys[1] * 134775813 + 1; keys[2] = checksumEngine.crc32((int) keys[2], (byte) (keys[1] >> 24)); } }

Read the article

Is zip's encryption really bad?

- by Nifle

The standard advice for many years regarding compression and encryption has been that the encryption strength of zip is bad. Is this really the case in this day and age? I read this article about WinZip (it has had the same bad reputation). According to that article the problem is removed provided you follow a few rules when choosing your password. At least 12 characters in length Be random not contain any dictionary, common words or names At least one Upper Case Character Have at least one Lower Case Character Have at least one Numeric Character Have at least one Special Character e.g. $,£,*,%,&,! This would result in roughly 475,920,314,814,253,000,000,000 possible combinations to brute force Please provide recent (say past five years) links to back up your information.

Read the article

Encryption of external HDD -- accessible from windows without installation

- by Rainer

I would like to use encryption on my external HDD but I would like to be able to access the encrypted data from Windows as well. As suggested in other questions, TrueCrypt is one option here, or I am using momentarily encfs, which is not available for Windows. But my question goes further: I would like to be able to access the encrypted partition from Windows without installation as I will be using it from different Windows machines for which I have no administrator access. My main OS is Linux and I have full root access to that computer. Is there a full disk or file based encryption which I can use cross platform and which does not require installation under Windows? ADDITION: It seems that TrueCrypt provides a portable mode which fulfills my requirements partly: http://www.truecrypt.org/docs/?s=truecrypt-portable, but still the TrueCrypt driver needs to be installed by an administrator... pitty Thanks

Read the article

How secure is Microsoft 2007's encryption?

- by ericl42

I've read some various articles about Microsoft's encryption, and from what I gather, 2007 is secure using all default options due to it using AES, and 2000 and 2003 can be configured secure by changing the default algorithm to AES. I was wondering if anyone else has read any other articles or know of any specific vulnerabilities involved with how they implement the encryption. I would like to be able to tell users that they can use this to send semi sensitive documents as long as they use AES and a strong password. Thanks for the information.

Read the article

Using TrueCrypt (software encryption) with an SSD

- by Shackrock

I use full drive encryption (FDE) w/ TrueCrypt on my laptop. I have a 2nd gen I7 with AES instruction support, so honestly I can't even notice a speed change on the system with it on. My question, is for those who know about SSD's a lot. I previously (early 2011) read articles about how software encryption will negate the speed benefits that an SSD provides - because of the need for the SSD to send a delete command, then a write command, for every encrypted write - instead of just writing over data like a regular HDD would (or something like this...honestly I can't remember...ha!). Anyway, any improvements in this field? Is it pointless for me to grab an SSD if I'm using FDE? Thanks all.

Read the article

Windows XP: how to disable automatic encryption on downloaded files

- by T. Webster

I have Windows XP SP3 and every file I download is automatically encrypted no matter what directory I save the downloaded file in. So it's not as simple as turning off encryption of any specific directory, the file will be downloaded as encrypted regardless of whether the directory is encrypted or not. Is there a policy or registry setting somewhere to disable this automatic encryption? (EDIT: I doubt it's malware since this OS was just installed on this machine. It's my work PC and by default I think there's some group policy or other setting which not only sets everything in My Documents to encrypted, but also everything I download, no matter where it's downloaded to. )

Read the article

TDE Tablespace Encryption 11.2.0.1 Certified with EBS 11i

- by Steven Chan

Oracle Advanced Security is an optional licenced Oracle 11g Database add-on. Oracle Advanced Security Transparent Data Encryption (TDE) offers two different features: column encryption and tablespace encryption. TDE Tablespace Encryption 11.2.0.1 is now certified with Oracle E-Business Suite Release 11i. What is Transparent Data Encryption (TDE) ? Oracle Advanced Security Transparent Data Encryption (TDE) allows you to protect data at rest. TDE helps address privacy and PCI requirements by encrypting personally identifiable information (PII) such as Social Security numbers and credit card numbers. TDE is completely transparent to existing applications with no triggers, views or other application changes required. Data is transparently encrypted when written to disk and transparently decrypted after an application user has successfully authenticated and passed all authorization checks. Authorization checks include verifying the user has the necessary select and update privileges on the application table and checking Database Vault, Label Security and Virtual Private Database enforcement policies.

Read the article

BitLocker with Windows DPAPI Encryption Key Management

- by bigmac

We have a need to enforce resting encryption on an iSCSI LUN that is accessible from within a Hyper-V virtual machine. We have implementing a working solution using BitLocker, using Windows Server 2012 on a Hyper-V Virtual Server which has iSCSI access to a LUN on our SAN. We were able to successfully do this by using the "floppy disk key storage" hack as defined in THIS POST. However, this method seems "hokey" to me. In my continued research, I found out that the Amazon Corporate IT team published a WHITEPAPER that outlined exactly what I was looking for in a more elegant solution, without the "floppy disk hack". On page 7 of this white paper, they state that they implemented Windows DPAPI Encryption Key Management to securely manage their BitLocker keys. This is exactly what I am looking to do, but they stated that they had to write a script to do this, yet they don't provide the script or even any pointers on how to create one. Does anyone have details on how to create a "script in conjunction with a service and a key-store file protected by the server’s machine account DPAPI key" (as they state in the whitepaper) to manage and auto-unlock BitLocker volumes? Any advice is appreciated.

Read the article

TDE Tablespace Encryption 11.2.0.1 Certified with EBS 12

- by Steven Chan

Oracle Advanced Security is an optional licenced Oracle 11g Database add-on. Oracle Advanced Security Transparent Data Encryption (TDE) offers two different features: column encryption and tablespace encryption. 11.2.0.1 TDE Column encryption was certified with E-Business Suite 12 as part of our overall 11.2.0.1 database certification. As of today, 11.2.0.1 TDE Tablespace encryption is now certified with Oracle E-Business Suite Release 12. What is Transparent Data Encryption (TDE) ? Oracle Advanced Security Transparent Data Encryption (TDE) allows you to protect data at rest. TDE helps address privacy and PCI requirements by encrypting personally identifiable information (PII) such as Social Security numbers and credit card numbers. TDE is completely transparent to existing applications with no triggers, views or other application changes required. Data is transparently encrypted when written to disk and transparently decrypted after an application user has successfully authenticated and passed all authorization checks. Authorization checks include verifying the user has the necessary select and update privileges on the application table and checking Database Vault, Label Security and Virtual Private Database enforcement policies.

Read the article

pix 501 encryption license reduces inside hosts to 10

- by user7764

Hi I have an unlimted pix 501 with no encryption license installed. I have applied for and received a 3DES license. When I install the 3DES license, the inside hosts goes from unlimited to 10. Thankfully I had the presence of mind to keep a note of the old activation key. Is this normal behaviour? I would have thought not as I bought the pix as unlimited. Thanks Cammy

Read the article

How safe is the quicken encryption of files?

- by jmvidal

Quicken has a password-protection option where you type in a password and your file is encrypted. How good is this encryption and how does it depend on the length or complexity of my password? A google search reveals a lot of "quicken password recovery" programs, like this one, which make me feel like the password is just for keeping the really dumb criminals away, not the ones with large computers.

Read the article

Java Encryption issue

- by r1k0

I am using PBE encryption to encrypt and decrypt some text on an Android application but I get the BadPaddingException: with the "pad block corrupted" message when I use the wrong private key to decrypt the text. My question, since I am not well versed with encryption in Java, is if this is the normal behavior of the encryption API, because I need to do some logic in the case when the wrong key is entered, but I do not know the private key, nor do I store it anywhere (storing just the encrypted and decrypted check text). Thanks, Mihai

Read the article

Basic principles of computer encryption?

- by Andrew

I can see how a cipher can be developed using substitutions and keys, and how those two things can become more and more complex, thus offering some protection from decryption through brute-force approaches. But specifically I'm wondering: what other major concepts beyond substitution and key are involved? is the protection/secrecy of the key a greater vulnerability than the strength of the encryption? why does encryption still hold up when the key is 'public' ? are performance considerations a major obstacle to the development of more secure encryption?

Search Results

Search found 2113 results on 85 pages for 'encryption asymmetric'.

Page 3/85 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12 | Next Page >

- by Stevie

- by mindthief

- by Chris Driver

- by Adam Matan

- by ftiaronsem

- by stevekuo

- by Daniel

- by Maroloccio

- by Daniel

- by claws

- by DerMike

- by gomesla

- by Nifle

- by Rainer

- by ericl42

- by Shackrock

- by T. Webster

- by Steven Chan

- by bigmac

- by Steven Chan

- by user7764

- by jmvidal

- by r1k0

- by Andrew

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12 | Next Page >