Search Results

Search found 2195 results on 88 pages for 'encryption symmetric'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 36/88 | < Previous Page | 32 33 34 35 36 37 38 39 40 41 42 43  | Next Page >

  • How to pass variable value to gpg commands

    - by trainee
    $importkey = system('gpg --import newkey.asc . $username'); need to pass the file name as a variable.so that file name with its contents can be import in gnupg keyring. $gpg = system('gpg --recipient userid --output filename --armor --encrypt filename to encrypt', $retvalue); how can i pass the recipient email id(userid) and the filename as variable to gpg commands thanks!

    Read the article

  • How to Verify Signature, Loading PUBLIC KEY From PEM file?

    - by bbirtle
    I'm posting this in the hope it saves somebody else the hours I lost on this really stupid problem involving converting formats of public keys. If anybody sees a simpler solution or a problem, please let me know! The eCommerce system I'm using sends me some data along with a signature. They also give me their public key in .pem format. The .pem file looks like this: -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe+hkicNP7ROHUssGNtHwiT2Ew HFrSk/qwrcq8v5metRtTTFPE/nmzSkRnTs3GMpi57rBdxBBJW5W9cpNyGUh0jNXc VrOSClpD5Ri2hER/GcNrxVRP7RlWOqB1C03q4QYmwjHZ+zlM4OUhCCAtSWflB4wC Ka1g88CjFwRw/PB9kwIDAQAB -----END PUBLIC KEY----- Here's the magic code to turn the above into an "RSACryptoServiceProvider" which is capable of verifying the signature. Uses the BouncyCastle library, since .NET apparently (and appallingly cannot do it without some major headaches involving certificate files): RSACryptoServiceProvider thingee; using (var reader = File.OpenText(@"c:\pemfile.pem")) { var x = new PemReader(reader); var y = (RsaKeyParameters)x.ReadObject(); thingee = (RSACryptoServiceProvider)RSACryptoServiceProvider.Create(); var pa = new RSAParameters(); pa.Modulus = y.Modulus.ToByteArray(); pa.Exponent = y.Exponent.ToByteArray(); thingee.ImportParameters(pa); } And then the code to actually verify the signature: var signature = ... //reads from the packet sent by the eCommerce system var data = ... //reads from the packet sent by the eCommerce system var sha = new SHA1CryptoServiceProvider(); byte[] hash = sha.ComputeHash(Encoding.ASCII.GetBytes(data)); byte[] bSignature = Convert.FromBase64String(signature); ///Verify signature, FINALLY: var hasValidSig = thingee.VerifyHash(hash, CryptoConfig.MapNameToOID("SHA1"), bSignature);

    Read the article

  • Secure Password Storage and Transfer

    - by Andras Zoltan
    I'm developing a new user store for my organisation and am now tackling password storage. The concepts of salting, HMAC etc are all fine with me - and want to store the users' passwords either salted and hashed, HMAC hashed, or HMAC salted and hashed - not sure what the best way will be - but in theory it won't matter as it will be able to change over time if required. I want to have an XML & JSON service that can act as a Security Token Service for client-side apps. I've already developed one for another system, which requires that the client double-encrypts a clear-text password using SHA1 first and then HMACSHA1 using a 128 unique key (or nonce) supplied by the server for that session only. I'd like to repeat this technique for the new system - upgrading the algo to SHA256 (chosen since implementations are readily available for all aforementioned platforms - and it's much stronger than SHA1) - but there is a problem. If I'm storing the password as a salted hash in the user-store, the client will need to be sent that salt in order to construct the correct hash before being HMACd with the unique session key. This would completely go against the point of using a salt in the first place. Equally, if I don't use salt for password storage, but instead use HMAC, it's still the same problem. At the moment, the only solution I can see is to use naked SHA256 hashing for the password in the user store, so that I can then use this as a starting point on both the server and the client for a more secure salted/hmacd password transfer for the web service. This still leaves the user store vulnerable to a dictionary attack were it ever to be accessed; and however unlikely that might be - assuming it will never happen simply doesn't sit well with me. Greatly appreciate any input.

    Read the article

  • How to read public key from PFX file in java

    - by articlestack
    I am able to read private key from PFX file but not public key. I am using following code to read public key. InputStream inStream = new FileInputStream(certFile); CertificateFactory cf = CertificateFactory.getInstance("X.509"); BufferedInputStream bis = new BufferedInputStream(inStream); // if (bis.available() > 0) { java.security.cert.Certificate cert = cf.generateCertificate(bis); System.out.println("This part is not getting printed in case of PFX file"); // } puk = (PublicKey) cert.getPublicKey(); This code is working properly when i read from .cer file. Please help

    Read the article

  • How to implement RSA-CBC?(I have uploaded the request document)

    - by tq0fqeu
    I don't konw more about cipher, I just want to implement RSA-CBC which maybe mean that the result of RSA encrypt in CBC mode, and I have implemented RSA. any code languages will be ok, java will be appreciated thx I copy the request as follow(maybe has spelling wrong), but that's French I don't konw that: Pr´esentation du mini-projet Le but du mini-projet est d’impl´ementer une version ´el´ementaire du chi?rement d’un bloc par RSA et d’inclure cette primitive dans un systeme de chi?rement par bloc avec chaˆinage de blocs et IV (Initial Vector ) al´eatoire. Dans ce systeme, un texte clair (`a chi?rer) est d´ecompos´e en blocs de taille t (?x´ee par l’utilisa- teur), chaque bloc (clair) est chi?r´e par RSA en un bloc crypt´e de mˆeme taille, puis le cryptogramme associ´e au texte clair initial est obtenu en chaˆinant les blocs crypt´es par la m´ethode CBC (cipher- block chaining) d´ecrite dans le cours (voir poly “Block Ciphers”) Votre programme devra demander a l’utilisateur la taille t, puis, apres g´en´eration des cl´es publique et priv´ee, lui proposer de chi?rer ou d´echi?rer un (court) ?chier ASCII. Il est indispensable que votre programme soit au moins capable de traiter le cas (tres peu r´ealiste du point de vue de la s´ecurit´e) t = 32. Pour les traiter des blocs plus grands, il vous faudra impl´ementer des routines d’arithm´etique multi-pr´ecision ; pour cela, je vous conseille de faire appela des bibliotheques libres comme GMP (GNU Multiprecision Library). Pour la g´en´eration al´eatoire des nombres premiers p et q, vous pouvez ´egalement faire appela des bibliotheques sp´ecialis´ees,a condition de me donner toutes les pr´ecisions n´ecessaires. Vous devez m’envoyer (avant une date qui reste a ?xer)a mon adresse ´electronique ([email protected]) un courriel (sujet : [MI1-crypto] : devoir, corps du message : les noms des ´etudiants ayant travaill´e sur le mini-projet) auquel sera attach´e un dossier compress´e regroupant vos sources C ou Java comment´ees, votre programme ex´ecutable, et un ?chier texte ou PDF donnant toutes les pr´ecisions sur les biblioth`eques utilis´ees, vos choix algorithmiques et d’impl´ementation, et les raisons de ces choix (complexit´e algorithmique, robus- tesse, facilit´e d’impl´ementation, etc.). Vous pouvez travailler en binˆome ou en trinˆome, mais je serai nettement plus exigeant avec les trinˆomes I have uploaded the request at http://uploading.com/files/22emmm6b/enonce_projet.pdf/ thx

    Read the article

  • What is an s2k algorithm?

    - by WilliamKF
    What is the definition of an s2k algorithm? For example, "PBKDF2(SHA-1)" is an s2k algorithm. Here is some Botan code that refers to s2k: AutoSeeded_RNG rng; std::auto_ptr<S2K> s2k(get_s2k("PBKDF2(SHA-1)")); s2k->set_iterations(8192); s2k->new_random_salt(rng, 8); SymmetricKey bc_key = s2k->derive_key(key_len, "BLK" + passphrase); InitializationVector iv = s2k->derive_key(iv_len, "IVL" + passphrase); SymmetricKey mac_key = s2k->derive_key(16, "MAC" + passphrase); Also, what is a 'salt' in s2k?

    Read the article

  • Handling User Authentication in C#.NET?

    - by Daniel
    Hi! I am new to .NET, and don't have much experience in programming. What is the standard way of handling user authentication in .NET in the following situation? In Process A, User inputs ID/Password Process A sends the ID/Password to Process B over a nonsecure public channel. Process B authenticates the user with the recieved ID/Password what are some of the standard cryptographic algorithms I can use in above model? thank you for your time!

    Read the article

  • Best practices to store CreditCard information into DataBase

    - by Garis Suero
    In my country the online payments are not an old thing, the first time i saw a web application taking payments directly to a local bank account was last year. So, Im a newbie coding web payment system. My question is, what are the best practices to store creditcard information into the database... I have many ideas: encrypting the creditcard, database security restriction, etc. What have you done?

    Read the article

  • How to secure licensekey generation

    - by Jakob Gade
    Scenario, simplified for brevity: A developer creates an application for a customer. The customer sells this app to end-users. The app requires a license key to run, and this key is generated by the customer for each end-user with a simple tool created by the developer. The license key contains an expiry date for the license and is encrypted so the end-user can’t tamper with it. The problem here is that the developer (or anybody who has a copy of the license key generator) can easily create valid license keys. Should this generator fall into the wrong hands, it could spell disaster for the customers business. Ideally, the customer would have to use a password to create new license keys. And this password would be unknown to the developer, and somehow baked into the decryption algorithm in the application so it will fail if an attempt to use an unauthorized key is made. How would you implement a solution for this problem that is both transparent and secure?

    Read the article

  • security topics

    - by scatman
    i have a course project to do on network security, the project themes are lightweight security on mobile devices,sensors,rfids... i am really finding it hard to get papers about any of these topics. so what are some nice project topics that i can do? thanks

    Read the article

  • Ruby on Rails Decryption

    - by user812120
    0 down vote favorite share [g+] share [fb] share [tw] The following function works perfect in PHP. How can it be translated in Ruby on Rails. Please note that both privateKey and iv are 32 characters long. mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $privateKey, base64_decode($enc), MCRYPT_MODE_CBC, $iv) I tried to use the following in Ruby but got a bad decrypt error. cipher = OpenSSL::Cipher.new('aes-256-cbc') cipher.decrypt cipher.key = privateKey cipher.iv = iv decrypted = '' << cipher.update(encrypted) << cipher.final

    Read the article

  • Use of Curve25519

    - by chmike
    I'm currently investigating the use of curve25519 for signing. Original distribution can be obtained here and a C code implementation here or here. Bernstein suggest to use ECDSA for this but I could not find any code.

    Read the article

  • C# encrypt whole XML File

    - by René
    I already have a solution for encrypting of several XML nodes or strings. But of course, you can open the local saved XML file and you should see the node tags. For some intelligent people it could be a reference for hidden informations. Is there any way to encrypt and decrypt the whole xml content including all node tags?

    Read the article

  • Free SWF Obfuscator

    - by Cyclone
    Does anybody know of a free flash obfuscator? All I can find are commercial ones with free trials. I have done numerous google searches, and have been unable to find what I am looking for. I know that obfuscators do not make your swf hack proof, but they make things harder. Things I am looking for in an obfuscator: Unlimited obfuscations No time limit No watermark (or on the left side only! Right side is no good, same with center) Able to publish work (no special player needed other than standard flashplayer) I really was surprised to see how hard it was to find a good obfuscator (tried encoder, protection, etc. instead as well) and how easy it is to find a decompiler.... It is imperative that my code be protected, at least partially, to discourage the hacking of my game.

    Read the article

  • Rot13 for numbers.

    - by dreeves
    EDIT: Now a Major Motion Blog Post at http://messymatters.com/sealedbids The idea of rot13 is to obscure text, for example to prevent spoilers. It's not meant to be cryptographically secure but to simply make sure that only people who are sure they want to read it will read it. I'd like to do something similar for numbers, for an application involving sealed bids. Roughly I want to send someone my number and trust them to pick their own number, uninfluenced by mine, but then they should be able to reveal mine (purely client-side) when they're ready. They should not require further input from me or any third party. (Added: Note the assumption that the recipient is being trusted not to cheat.) It's not as simple as rot13 because certain numbers, like 1 and 2, will recur often enough that you might remember that, say, 34.2 is really 1. Here's what I'm looking for specifically: A function seal() that maps a real number to a real number (or a string). It should not be deterministic -- seal(7) should not map to the same thing every time. But the corresponding function unseal() should be deterministic -- unseal(seal(x)) should equal x for all x. I don't want seal or unseal to call any webservices or even get the system time (because I don't want to assume synchronized clocks). (Added: It's fine to assume that all bids will be less than some maximum, known to everyone, say a million.) Sanity check: > seal(7) 482.2382 # some random-seeming number or string. > seal(7) 71.9217 # a completely different random-seeming number or string. > unseal(seal(7)) 7 # we always recover the original number by unsealing.

    Read the article

  • how can I convert String to SecretKey

    - by Alaa
    I want to convert String to secretKey public void generateCode(String keyStr){ KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(128); // 192 and 256 bits may not be available // Generate the secret key specs. secretKey skey=keyStr; //How can I make the casting here //SecretKey skey = kgen.generateKey(); byte[] raw = skey.getEncoded(); } I try to use BASE64Decoder instead of secretKey, but I face a porblem which is I cannot specify key length. EDIT: I want to call this function from another place static public String encrypt(String message , String key , int keyLength) throws Exception { // Get the KeyGenerator KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(keyLength); // 192 and 256 bits may not be available // Generate the secret key specs. //decode the BASE64 coded message SecretKey skey = key; //here is the error raw = skey.getEncoded(); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); // Instantiate the cipher Cipher cipher = Cipher.getInstance("AES"); cipher.init(Cipher.ENCRYPT_MODE, skeySpec); System.out.println("msg is" + message + "\n raw is" + raw); byte[] encrypted = cipher.doFinal(message.getBytes()); String cryptedValue = new String(encrypted); System.out.println("encrypted string: " + cryptedValue); return cryptedValue; } Any one can help, i'll be very thankful.

    Read the article

  • Exception: "Given final block not properly padded" in Linux, but it works in Windows

    - by user1685364
    My application works in windows, but fails in Linux with Given final block not properly padded exception. Configuration: JDK Version: 1.6 Windows : version 7 Linux : CentOS 5.8 64bit My code is below: import java.io.IOException; import java.io.UnsupportedEncodingException; import java.security.InvalidKeyException; import java.security.Key; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.KeyGenerator; import javax.crypto.NoSuchPaddingException; import sun.misc.BASE64Decoder; import sun.misc.BASE64Encoder; public class SecurityKey { private static Key key = null; private static String encode = "UTF-8"; private static String cipherKey = "DES/ECB/PKCS5Padding"; static { try { KeyGenerator generator = KeyGenerator.getInstance("DES"); String seedStr = "test"; generator.init(new SecureRandom(seedStr.getBytes())); key = generator.generateKey(); } catch(Exception e) { } } // SecurityKey.decodeKey("password") public static String decodeKey(String str) throws Exception { if(str == null) return str; Cipher cipher = null; byte[] raw = null; BASE64Decoder decoder = new BASE64Decoder(); String result = null; cipher = Cipher.getInstance(cipherKey); cipher.init(Cipher.DECRYPT_MODE, key); raw = decoder.decodeBuffer(str); byte[] stringBytes = null; stringBytes = cipher.doFinal(raw); // Exception!!!! result = new String(stringBytes, encode); return result; } } At the line: ciper.doFilnal(raw); the following exception is thrown: javax.crypto.BadPaddingException: Given final block not properly padded How can I fix this issue?

    Read the article

  • use bouncy castle to create public key on j2me

    - by mike
    I got the public key from the certificate, keypair is a java.security.KeyPair object String public_key = keypair.getPublic().toString(); I want to send this to the via an http connection to a J2me application. I cannot find any documentation to convert the transmitted string to a Public key that can be used to encrypt Strings. I also want the J2me to verify signed strings from the server. I want to then send the encrypted strings back to the server.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 32 33 34 35 36 37 38 39 40 41 42 43  | Next Page >