Search Results

Search found 2195 results on 88 pages for 'encryption symmetric'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 42/88 | < Previous Page | 38 39 40 41 42 43 44 45 46 47 48 49  | Next Page >

  • Understanding Security Certificates (and thier pricing)

    - by John Robertson
    I work at a very small company so certificate costs need to be absolutely minimal. However for some applications we do Need to have our customers get that warm fuzzy not-using-a-self-signed certificate feeling. Since creating a "certificate authority" with makecert really just means creating a public/private key pair, it seems pretty clear that creating a public/private key pair FROM such a "certificate authority" really just means generating a second public/private key pair and signing both with the private key that belongs to the "certificate authority". Since the keys are signed anyone can verify they came from the certificate authority I created, or if verisign gave me the pair they sign it with one of their own private keys, and anyone can use verisigns corresponding public key to confirm verisign as the source of the keys. Given this I don't understand when I go to verisign or godaddy why they have rates only for yearly plans, when all I really want from them is a single public/private key pair signed with one of their private keys (so that anyone else can use their public keys to confirm that, yes, they gave me that public/private key pair and they confirmed I was who I said I was so you can trust my public/private key pair as belonging to a legitimate third party). Clearly I am misunderstanding something, what is it? Does verisign retire their public/private key pairs periodically so that my verisign signed key pair "expires" and I need new ones?

    Read the article

  • AES and CBC in PHP

    - by Kane
    I am trying to encrypt a string in php using AES-128 and CBC, but when I call mcrypt_generic_init() it returns false. $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '',MCRYPT_MODE_CBC, ''); $iv_size = mcrypt_enc_get_iv_size($cipher); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $res = mcrypt_generic_init($cipher, 'aaaa', $iv); //'aaaa' is a test key Can someone tell me why is returning 0/false? I read the php documentation and seems correct (http://us.php.net/manual/en/mcrypt.examples.php)

    Read the article

  • How to go about signing text in a verifiable way from within ruby in a simple yet strong & portable

    - by roja
    Guys, I have been looking for a portable method to digitally sign arbitrary text which can be placed in a document and distributed while maintaining its verifiable origin. Here is an example: a = 'some text' a.sign(<private key>) # => <some signature in ASCII format> The contents of a can now be distributed freely. If a receiver wants to check the validity of said text they can do the following: b = 'some text' b.valid(<public key>, <signature supplied with text>) # => true/false Is there any library out there that already offers this kind of functionality? Ruby standard library contains SHA hashing code so at lest there is a portable way to perform the hashing but from that point I am struggling to find anything which fits purpose. Kind Regards, Roja

    Read the article

  • Java MessageDigest result does not stay constant

    - by user344146
    I've got this function for encrypting passwords in Java, but somehow when I call MessageDigest, it returns a different result every time even though I call it with the same password. I wonder if I am initializing it wrong somehow. public String encrypt (String password) { MessageDigest md = MessageDigest.getInstance("SHA-1"); md.reset(); md.update(password.getBytes(Charset.forName("utf-8")),0,password.length()); String res = md.digest().toString(); }

    Read the article

  • How to find Key and IV value from .Net to PHP

    - by PHP-Prabhu
    Can any one please let me know is there any way to find a solution for the below stuffs. I need to find out the KEY and IV value from the below byte array. the byte array in .net and this has to be convert into KEY(string) and IV(string) via PHP. private static readonly byte[] Key = { 0xda, 0x3c, 0x35, 0x6f, 0xbd, 0xd, 0x87, 0xf0, 0x9a, 0x7, 0x6d, 0xab, 0x7e, 0x82, 0x36, 0xa, 0x1a, 0x5a, 0x77, 0xfe, 0x74, 0xf3, 0x7f, 0xa8, 0xaa, 0x4, 0x11, 0x46, 0x6b, 0x2d, 0x48, 0xa1 }; private static readonly byte[] IV = { 0x6d, 0x2d, 0xf5, 0x34, 0xc7, 0x60, 0xc5, 0x33, 0xe2, 0xa3, 0xd7, 0xc3, 0xf3, 0x39, 0xf2, 0x16 };

    Read the article

  • Encrypt the file for security

    - by pavun_cool
    Actually I have a file . I am working in linux environment. I need to encrypt that file for secure purpose with giving the some password. The operation could be like zip , tar any compression. When I extract the file It should ask me password , only then it should get extracted Thanks in Advance

    Read the article

  • Need MD5 guideline

    - by Arman
    Is there any specific algorithm for the encoding and decoding MD5. Kindly give me the proper direction or guideline, so that I can move on.. I have search a lot on Google but I haven't find, kindly give the articles or tutorial link.

    Read the article

  • How to encrypt a RSAKey using another RSAKey?

    - by Tom Brito
    I know its not the usual thing to do. But the specification I'm implementing is discribed this way, and I cannot run out. I was trying to encrypt the modulus and exponent of the private key, but the following test code raises an exception because the byte array is 1 byte larger then the maximum allowed by RSA block: import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; import javax.crypto.Cipher; import org.apache.commons.lang.ArrayUtils; public class TEST { public static KeyPair generateKeyPair() throws NoSuchAlgorithmException, NoSuchProviderException { KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC"); keyPairGenerator.initialize(1024); return keyPairGenerator.generateKeyPair(); } public static void main(String[] args) throws Exception { KeyPair keyPair = generateKeyPair(); RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); System.out.println("Priv modulus len = " + privateKey.getModulus().bitLength()); System.out.println("Priv exponent len = " + privateKey.getPrivateExponent().bitLength()); System.out.println("Priv modulus toByteArray len = " + privateKey.getModulus().toByteArray().length); byte[] byteArray = privateKey.getModulus().toByteArray(); // the byte at index 0 have no value (in every generation it is always zero) byteArray = ArrayUtils.subarray(byteArray, 1, byteArray.length); System.out.println("byteArray size: " + byteArray.length); RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); Cipher cipher = Cipher.getInstance("RSA", "BC"); cipher.init(Cipher.ENCRYPT_MODE, publicKey); byte[] encryptedBytes = cipher.doFinal(byteArray); System.out.println("Success!"); } } (obs. its just a test, i would never encrypt the private key with its pair public key) The byte array is 128 bytes, the exactly maximum allowed by a RSA block, so why the exception? And how to fix it?

    Read the article

  • is there a way to compress a GET string so it won't be so long?

    - by sct
    I need to compress a string so it is shorter for a GET method form. Is there any way to compress a string and it will be decrypted later? That way... ?error=LOTS OF STUFFLOTS OF STUFFLOTS OF STUFFLOTS OF STUFFLOTS OF STUFF is shorter in some sort of key ?error=somekey so I can get back the result later. Not using MySQL preferably. Anyone know a good method for this?

    Read the article

  • How to decrypt a password from SQL server?

    - by sef
    I have this query in sql server 2000: select pwdencrypt('AAAA') which outputs an encrypted string of 'AAAA': 0x0100CF465B7B12625EF019E157120D58DD46569AC7BF4118455D12625EF019E157120D58DD46569AC7BF4118455D How can I convert (decrypt) the output from its origin (which is 'AAAA')?

    Read the article

  • Connect to a DB with an encrypted password with Django?

    - by Liam
    My place of employment requires that all passwords must be encrypted, including the ones used to connect to a database. What's the best way of handling this? I'm using the development version of Django with MySQL at the moment, but I will be eventually migrating to Oracle. Is this a job for Django, or the database? Edit: The encrypted password should be stored in the settings.py file, or somewhere else in the filesystem. This is the password that will be used to connect to the database.

    Read the article

  • How to Check Authenticity of an AJAX Request

    - by Alex Reisner
    I am designing a web site in which users solve puzzles as quickly as they can. JavaScript is used to time each puzzle, and the number of milliseconds is sent to the server via AJAX when the puzzle is completed. How can I ensure that the time received by the server was not forged by the user? I don't think a session-based authenticity token (the kind used for forms in Rails) is sufficient because I need to authenticate the source of a value, not just the legitimacy of the request. Is there a way to cryptographically sign the request? I can't think of anything that couldn't be duplicated by a hacker. Is any JavaScript, by its exposed, client-side nature, subject to tampering? Am I going to have to use something that gets compiled, like Flash? (Yikes.) Or is there some way to hide a secret key? Or something else I haven't thought of? Update: To clarify, I don't want to penalize people with slow network connections (and network speed should be considered inconsistent), so the timing needs to be 100% client-side (the timer starts only when we know the user can see the puzzle). Also, there is money involved so no amount of "trusting the user" is acceptable.

    Read the article

  • Length of Encrypted String

    - by Agnel Kurian
    I need to create a database column which will store a string encrypted using Triple DES. How do I determine the length of the encrypted string column? (Answers for algorithms other than Triple DES are also welcome.)

    Read the article

  • Why the generated key size is not constant?

    - by Tom Brito
    The following code prints randomly 634, 635, 636, each time I run it. Why its not constant? public static void main(String[] args) throws Exception { KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA", "BC"); keyPairGen.initialize(1024); RsaKeyPair keyPair = new RsaKeyPair(keyPairGen.generateKeyPair()); System.out.println(keyPair.getPrivate().getEncoded().length); }

    Read the article

  • Developers: How does BitLocker affect performance?

    - by Chris
    I'm an ASP.NET / C# developer. I use VS2010 all the time. I am thinking of enabling BitLocker on my laptop to protect the contents, but I am concerned about performance degradation. Developers who use IDEs like Visual Studio are working on lots and lots of files at once. More than the usual office worker, I would think. So I was curious if there are other developers out there who develop with BitLocker enabled. How has the performance been? Is it noticeable? If so, is it bad? My laptop is a 2.53GHz Core 2 Duo with 4GB RAM and an Intel X25-M G2 SSD. It's pretty snappy but I want it to stay that way. If I hear some bad stories about BitLocker, I'll keep doing what I am doing now, which is keeping stuff RAR'ed with a password when I am not actively working on it, and then SDeleting it when I am done (but it's such a pain).

    Read the article

  • Trying to understand Java RSA key size

    - by Tom Brito
    The key generator was initilized with a size of 1024, so why the printed sizes are 635 and 162? import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.interfaces.RSAPrivateKey; import java.security.interfaces.RSAPublicKey; public class TEST { public static KeyPair generateKeyPair() throws NoSuchAlgorithmException, NoSuchProviderException { KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC"); keyPairGenerator.initialize(1024); return keyPairGenerator.generateKeyPair(); } public static void main(String[] args) throws Exception { KeyPair keyPair = generateKeyPair(); RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); System.out.println("Size = " + privateKey.getEncoded().length); System.out.println("Size = " + publicKey.getEncoded().length); } }

    Read the article

  • PHP and C# communication with Encrypt/Decrypt

    - by SilentWarrior
    Hello, I have been searching and cant find a consistent solution to my problem : I want to encrypt something in C# and decrypt it in PHP but also be able to encrypt in PHP and decrypt in C#, using the same key on both ends. All the solutions I found dont seem to work both ways, most of them only work on one language and then fail on the other, either by decrypting wrong or by blowing up the offsets. I would like to use TripleDES but it isnt a requirement, just want something relatively strong for plain text communication (will either use JSON or just plain key-value pairs for complex stuff). Thanks in advance PS: http://pastie.org/643106 this is what I have been testing with.

    Read the article

  • Why is using a Non-Random IV with CBC Mode a vulnerability?

    - by The Rook
    I understand the purpose of an IV. Specifically in CBC mode this insures that the first block of of 2 messages encrypted with the same key will never be identical. But why is it a vulnerability if the IV's are sequential? According to CWE-329 NON-Random IV's allow for the possibility of a dictionary attack. I know that in practice protocols like WEP make no effort to hide the IV. If the attacker has the IV and a cipher text message then this opens the door for a dictionary attack against the key. I don't see how a random iv changes this. (I know the attacks against wep are more complex than this.) What security advantage does a randomized iv have? Is this still a problem with an "Ideal Block Cipher"? (A perfectly secure block cipher with no possible weaknesses.)

    Read the article

  • How to send data securely over a public channel?

    - by Daniel
    Hi! I have a smart client application being deployed with a CickOnce webpage. here's the current scenario. 1.User runs the application, and the application shows a login form. 2.User enters ID/Password in the login form, and the application sends that information to the server. 3.The server authenticates the user and sends configuration and data to the application. Different users have different configuration and data for their application. I was concerned that anyone can download the application from the webpage if they know the URL. So I'm trying to change the authentication scheme, so that users can login at the webpage to download the application. I want to send the authentication info from the webpage(Program running at the server) to the smart client app, so that application can download the configuration information from the server, without prompting users to make a login again. How can the webpage send the ID/Passoword to the application securely?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 38 39 40 41 42 43 44 45 46 47 48 49  | Next Page >