AES encryption differences between php mcrypt and a Delphi component
MCrypt expects the key to be a binary string, but you pass a hex encoded string into it. Use $key = hex2bin($key); or $key = pack('H*', $key); depending on PHP support. This must be done before calling mcrypt_encrypt(). Security: Don't ever use ECB mode. It's not semantically secure. There is...
How to migrate from sha256 encryption to bcrypt for php?
Password Hashing Using bcrypt If you are using PHP 5.5 or later, you can use the built-in password_hash() function with the $algo parameter set to PASSWORD_BCRYPT to create bcrypt hashes. You can use this as so: $options = array('cost' => 11, 'salt' => 'my_salt'); $hash = password_hash("my_secret_password", PASSWORD_BCRYPT, $options); Migration...
Encrypting (large) files in PHP with openSSL
php,file,encryption,aes,php-openssl
You could use CBC encryption using Mcrypt and then encrypt a segment of data at a time. Make sure that the segment is x times the block size of the used cipher (e.g. 16 bytes for AES). Encrypt the segment and take the last block of the generated ciphertext and...
File security System in java? [on hold]
So to encrypt an aspect of the file you may want to gather it's bytes in an array*, That can either be done using the class Files from java or a stream to do it manually. For now lets say you got the byte array obtained using Files.readAllBytes(Path file); So...
iOS - Password Encryption in Swift
php,ios,swift,encryption,passwords
See this question. You should understand the implications of hashing on the client side: Pro: You can use a higher number of rounds, creating a stronger hash. For reference, 1Password uses a minimum of 25,000 rounds of PBKDF2-HMAC-SHA512. Your users likely won't be using diceware, so you'll want a higher...
AES-functions always reply with empty results
.net,vb.net,encryption,aes,rijndael
There was an instruction missing. According to this website FlushFinalBlock() is needed, in order to finalize the changes made to the CryptoStream. People over there also recommend to actually store the data in Byte-Arrays instead of converted Strings. Which will I will do in the further developement, only in the...
Attempting to use SHA1 hashing to send password to Google
c#,encryption,sha1,google-directory-api
(Disclaimer: I work for Google, but I haven't looked at this API before.) Well, the problem when you call password.ToString() is that it's not providing the hex representation - so that's why the first piece of code fails. It looks like it's basically expecting it to be hex. The documentation...
Partial support in VS 2013 for certificates and symmetric keys in azure v12
azure,encryption,visual-studio-2013,sql-azure
Support for Cell-Level Encryption in Azure SQL Database was recently introduced as a preview feature in SQL Database V12. The main reason this feature is still in preview is that unfortunately we are still working on proper tooling support to handle these objects properly. One thing you need to consider...
Ways to encrypt a whole directory instead of just a file
Is this an elegant and secure way of encrypting directories? Elegant -- no. Secure -- as secure as gpg. Am I using GPG's full cryptographic power? Yes. Are there better alternatives? tar the directory first instead of zip. gpg compresses data anyway....
Handling Confidential Data in web application
asp.net,sql-server,encryption,pbkdf2,tde
You are heading the direction of Zero Knowledge Web Applications, such as implemented by SpiderOak (see also crypton). These applications typically work by deriving a key from the user's password using something like PBKDF2, and performing encryption/decryption on client side. However, there are a number of complexities to overcome to...
GnuPG error version 2.0.14
The problem was due to a bug in the program. The encrypted file contents was getting truncated. The program uses Runtime. Exec method and was not handling the input stream properly. The issue was not with GnuPG encryption tool.
Encryption in Realm gives java.lang.IllegalStateException: Wrong key used to decrypt Realm
The encryption key is used to encrypt/decrypt the actual file. So it has to be same across all transactions. That is also why you need to find a way to save the key between app restarts as otherwise you cannot access the Realm again. There are some links in our...
Java keystore maintenance utilities [closed]
Basically, a keystore is a repository of certificates located on the file system. See a more detailed definition here: https://www.google.com/search?client=ubuntu&channel=fs&q=what+is+a+keystore&ie=utf-8&oe=utf-8 Also this SO question What is Keystore? I believe should be helpful....
Concatenating MAC and salt with ciphertext
java,encryption,cryptography,aes,hmac
public class AESEncryption { private final String ALGORITHM = "AES"; private final String MAC_ALGORITHM = "HmacSHA256"; private final String PRNG_ALGORITHM = "SHA1PRNG"; private final String TRANSFORMATION = "AES/CBC/PKCS5Padding"; private final String PLAINTEXT = "/Volumes/CONNOR P/Unencrypted.txt"; private final String ENCRYPTED = "/Volumes/CONNOR P/Encrypted.txt"; private final String PASSWORD = "javapapers"; private final...
Problems generating a self-signed 1024-bit X509Certificate2 using the RSA AES provider
c#,.net,ssl,encryption,x509certificate2
The problem is with CryptGenKey function call. In the Algid parameter, you should pass either 0x1 (for RSA key exchange) or 0x2 (RSA digital signature). You don't need other values. And key length value should be 0x4000001 (with exportable key). Also, I noticed that you pass incorrect provider type when...
C# AES and RSA File Encryption - How to use IV?
c#,encryption,cryptography,aes,rsa
You where quite close, write out the IV before you create the CryptoStream static public Tuple<byte[], byte[]> EncryptAES(byte[] toEncryptAES, RSAParameters RSAPublicKey) { byte[] encryptedAES = null; byte[] encryptedRSA = null; using (MemoryStream ms = new MemoryStream()) { using (RijndaelManaged AES = new RijndaelManaged()) { AES.KeySize = 256; AES.BlockSize = 128;...
SSL/TLS: Why will the server be the only one to be able to decrypt the encrypted number if it's a public key?
Because it's public-private key encryption, not symmetric encryption. The plaintext is encrypted to cipher text with the public key and decrypted back to the plaintext with the private key. Trying to decrypt that ciphertext with the public key doesn't work.
Part of Decrypt non-sense
Your code is OK assuming that the parameter input in your public String decrypt(byte[] input) method is successfully Base64 decoded from the cipher text by the caller (because your encrption returns Base64 encoded cipher string). But, in the decrypt() method you are creating a byte array plainText by getOutputSize() method....
SQL-Server Verify SHA2_512 hash procedure
sql-server,tsql,encryption,cryptography,sha512
This is because in hashA you are CASTing a VARCHAR to a VARBINARY, and in hashB you are CASTing a NVARCHAR to a VARBINARY. The first is non-Unicode, hence the difference. Try: declare @pswd nvarchar(max); set @pswd = '2YKRCqHv'; Select orig = a.Hash, hashA = 0x0200 + a.Salt + Hashbytes('SHA2_512',...
Secure downloaded Files in android applications with internal storage and encrypting usage?
android,encryption,android-contentprovider,internal-storage
You can use download manager to download files using asyntask. After that encrypt and decrypt that files. please refer below link.enter link description here
Reverse ^ operator for decryption
c,algorithm,security,math,encryption
This is not a power operator. It is the XOR operator. The thing that you notice for the XOR operator is that x ^ k ^ k == x. That means that your encryption function is already the decryption function when called with the same key and the ciphertext instead...
Error with encrypt message with RSA python
python,python-3.x,encryption,rsa
The error suggests that the encrypt method does not support encrypting a string message. Try encoding your string to bytes first using encode, e.g.: print(RSAPubKey.encrypt("Hello.".encode('utf-8'), 32)) It's also worth noting that, per the documentation, encrypt performs "textbook" RSA encryption, which is insecure due to the lack of padding. You should...
Trouble with for loops in Python 3: getting the index in string2 of an element from string1
python,python-3.x,encryption,indices,vigenere
for i in range(len(text)): print(alphabet.index(text.lower()[i])) just add lower() and it will work...
Php encrypt url
php,apache,codeigniter,url,encryption
Seems You're trying to use reserved name CI_Controller $newurl = base_url()."controller/method/".$e_email_app; or this was edited for question and You have a real name for controller and method? Also, please, check is encryption was success: $email_app = "test string"; $newurl = base_url("controller/method/".urlencode($this->encryption->encode($email_app))); $decoded = $this->encryption->decode(urldecode($newurl)); echo $decoded; // must be "test...
Securing RTP packets without encrypting each packets
security,encryption,sip,voip,rtp
I believe some of your concerns are addressed in the following IETF Spec - https://tools.ietf.org/html/rfc7201 - Options for Securing RTP Sessions But IMO, there is a cost of security w.r.t processing and thats a given for the enhanced layer of protection. I haven't come across any other fancier ways other...
Why do my “random” MachineKey's Validation Key and Decryption Key both start with the same bytes?
c#,asp.net,encryption,machinekey,.net-4.5.2
From the documentation: "The IsolateApps modifier specifies that ASP.NET generates a unique encrypted key for each application using the application ID of each application" Thus, it looks like IsolateApps is a safeguard to prevent identical keys being used by different apps that are sourcing the same machinekey config file. In...
AES Encryption in Java differs from PHP
Your test strings are different. In Java, you put "this is a plain string.". In PHP, you put "This is a plain string.". Mind the capital 'T'. Please adjust and try again....
Difference between results with RSA Encryption with Bouncy Castle in Java and C#
java,c#,encryption,rsa,bouncycastle
The output of RSA encryption, or any secure encryption method, outputs data that is indistinguishable from random to an attacker. This is performed by the IV for symmetric ciphers and by the padding method for RSA. If this wasn't the case then an attacker would be able to see similarities...
vb.net AES decryption returns “data is incomplete block”
vb.net,encryption,cryptography,aes
Despite all comments, I still lack understanding of your intentions. Therefore, the sample code below may not provide what you exactly want, but at least should give an idea how to employ cryptographic functions. Particularly, the most notable difference from your approach is that the encryption key and initialization vector...
WMI Code Creator for Bitlocker Status - where did i go wrong?
If you search the MSDN for ManagementObjectSearcher you get this page. On every MSDN page for a .NET class you will see two pieces of information at the top of the page. Namespace: System.Management Assembly: System.Management (in System.Management.dll) The first line tells you that you need to add using System.Management;...
Why is it impossible to implement an “infinite” one time pad algorithm?
encryption,encryption-symmetric
You have to pair each bit of message with a same size bit of OTP. There's a limited amount of OTP. If you pair up all of the OTP bits with bits for the next OTP... a b c d e ... q w e r t ... There's no...
Rails request.create in rsa-sha256?
ruby-on-rails,ruby-on-rails-4,encryption,cryptography,saml
Actually, I found the anwser : In the lib, the sha1 ou sha256 ecryption will be defined by the settings, in the method create_params of OneLogin::RubySaml::Authrequest we have if settings.security[:authn_requests_signed] && !settings.security[:embed_sign] && settings.private_key params['SigAlg'] = XMLSecurity::Document::SHA1 ... end so, I had settings.security[:embed_sign] = false And so the condition was...
Encrypt string when passing it through url as hyperlink and decrypt to echo out on next page?
The problem is you already sent an encrypted value to ns_application.php. And again you first re-encrypt it and the try to decrypt it that's why it's not giving you desired result. try this: ns_application.php: <?php error_reporting(E_ALL); ini_set("display_errors", 1); require_once 'encryption.php'; $reference = isset($_GET['ns_request']) ? $_GET['ns_request'] : null; $enc=new encryption( array(...
why does my python code not encrypt or decrypt my message
python,encryption,caesar-cipher
mode = input("Please enter a mode: ").lower() makes the mode all lowercase which prevents it to equal either "Encrypt" or "Decrypt". So, your if clauses are not executed....
How to get file type from encrypted file?
If it is a 'Caesar Shift', then you just run down the alphabet, trying each possible shift, there are only 25 of them. NBCM CM UH YRUGJFY nbcm cm uh yrugjfy ocdn dn vi zsvhkgz pdeo eo wj atwilha qefp fp xk buxjmib rfgq gq yl cvyknjc sghr hr zm...
Can I specify the nonce and counter in AES encryption counter mode?
Is this the only way to achieve this or is there any other easier way? No. The increment function operates on the full 128-bit block. See CTR mode and Counter Increment on the Crypto++ wiki. The longer answer is Yes if you provide your own IncrementCounter function. The longer...
Mounting GEOM_ELI Encrypted ZFS Pool as root
unix,encryption,freebsd,boot,zfs
Turns out I was correct. The daXp4.eli files are necessary as it's the metadata of each disk. A reference point if you will. By performing: geli backup /dev/daXp4 /boot/daXp4.eli It create the meta files required for geom to attempt a decryption at boot time. I hope this helps someone else...
OutOfMemoryException while decrypting file using facebook conceal
java,android,facebook,encryption,facebook-conceal
As Bruce did highlight on bottleneck on Encryption which leads to OutOfMemoryException at time of Decryption. So here's code which i'm executing while encrypting and decrypting which no more leads to OutOfMemoryException. Encryption : fileStream = new BufferedOutputStream(new FileOutputStream(mEncryptedFile)); OutputStream outputStream; outputStream = crypto.getCipherOutputStream(fileStream, entity); int read; byte[] buffer =...
rails saml how to decrypt xml?
ruby-on-rails,xml,ruby-on-rails-4,encryption,saml
finally, I succeeded to fix the problem : Here the solution: response.settings = saml_settings enc_key = REXML::XPath.first(response.document, "//xenc:EncryptedKey//xenc:CipherData/xenc:CipherValue").text enc_value = REXML::XPath.first(response.document, "//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue").text private_key = OpenSSL::PKey::RSA.new(CONFIG_PRIVATE_KEY) data_key = private_key.private_decrypt(Base64.decode64(enc_key), OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING) actual_output = decrypt_cipher_data(data_key,...
gzip and pipe to output (performance consideration)
linux,unix,encryption,gzip,solaris
Gzip is a streaming compressor/decompressor. So (for large enough inputs) the compressor/decompressor starts writing output before it has seen the whole input. That's one of the reasons gzip compression is used for HTTP compression. The sender can compress while it's still generating content; the recipient can work on decompressing the...
Get RSA keys in a “simple” form
This is the simple form - including the header and footer and extra newlines. Most certificate programs can handle this form just fine.
c++ convert hexadecimal string with “:” to original “binary” string
Here are problems that you should fix before debugging this any further: cipherStream should be ostringstream, not istringstream The for loop should stop two characters before the end. Otherwise your substr is going to fail. Make the loop condition i+2 < text.size() When you read two characters from the input,...
How can we create our own string encoding-decoding or encryption-decryption script in java without using any given library i.e. Base64, AES, etc?
java,security,encryption,encoding,cryptography
Maintaining a HashMap of Key(the value getting replaced) with a value(the value to be replaced) and just changing the string using a simple function will do. import java.util.HashMap; import java.util.Map.Entry; public class Encrypt { /** * @param args */ static HashMap<String, String> hm = new HashMap(); public static void main(String[]...
Cipher text in C,How to repeat key characters
You can use another loop variable an make the index of the key 0 every time it reaches its length. I have used variable j in this case. Try this code: #include<stdio.h> #include<string.h> int main() { char str[100],k[50],str1[100]; int i,n; gets(str);// Input plain text. gets(str1);//Input key. int lenk=strlen(str1),j; //calculate length...
(Android) Encrypting data disallowing awarness of the method used in the source code
As far as I am aware, you could use Proguard to obfuscate your code. In your build.gradle you can set minifyEnabled to true instead of (the default) false. Which will then obfuscate your code. Example: buildTypes { release { minifyEnabled true proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro' } } ...
Decrypting AES in Objective C
objective-c,encryption,cryptography,commoncrypto,rncryptor
The Java getInstance method should provide all the necessary information and not rely on defaults. Such as: "AES/CBC/PKCS5Padding (128)", "AES/ECB/NoPadding (128)" or some other combination. With the "AES" spec I would guess: ECB mode (really bad choice), PKCS5Padding, and a key length based on the supplied key null padded as...
Bcrypt encryption in Symfony2
php,symfony2,encryption,bcrypt
ircmaxell/password_compat is a polyfill library. You can just add it to your dependencies and call the password_hash() function without worrying about the PHP version. For PHP 5.5+ it will use the native PHP version, for lower versions it will resort to the library.
Encrypted Querystring in URL getting changed to lowercase in Outlook
c#,asp.net,email,url,encryption
If outlook is sabotaging your links, then you need to make your links case indifferent. If you absolutely must keep upper and lowercase in your links for decryption, use a marker character: Generate encrypted string. Before each upper case character, insert marker character (pick a valid character your encryption scheme...
Android encryption and decryption of text fails
android,security,encryption,encryption-symmetric
The output type of Cipher#doFinal(byte[]) is byte[], but Arrays don't have a default way in which their contents are printed. By calling byte[].toString() on an array, you're simply printing its type and hash code. (More on this here) What you want is decrypted = new String(cipher2.doFinal(decodedBytes), "UTF-8"); which tells the...
Using Salt in AES in C# and PHP
The answer you have posted implements the Rfc2898DeriveBytes class to get the bytes of the encrypting key. This is advised, but not mandatory. You don't have to use Rfc2898DeriveBytes and can simply modify that AES implementation not to take a salt and simply take the password's bytes as the key...
Node.js crypto key and iv to match java SecretKeySpec / IvParameterSpec
node.js,encryption,cryptography,aes,padding
Assuming you have the same password string as in the Java code, you can create a key buffer like this in node: var key = new Buffer(password, "utf8"); Since you're using a zero filled IV (bad!) in Java, this is the equivalent code in node: var iv = new Buffer(16);...
MySQL AES_DECRYPT wrong/strange result
it is working even on your side but it is blob data you are seeing. denc: 74 65 78 74 74=t 65=e 78=x 74=t, add them together you get 'text' ascii table here: http://www.asciitable.com/ try it with cast to make it more obvious: SELECT cast(AES_ENCRYPT('text', SHA1('My secret passphrase')) as char(100))...
Digital Signature in java / android (RSA keys)
java,android,encryption,rsa,digital-signature
When signing you returned your signature base64-encoded: return Base64.encodeToString(signatureBytes, Base64.DEFAULT); Thus, when verifying you have to base64-decode the signature string. But what you do is: byte[] signatureBytes = signature.getBytes("UTF8"); So the signatureBytes you try to verify are completely different from the signatureBytes you had as a result of signing. You...
Is it OK to encode data using key equal to data?
Encryption only guarantees uniqueness if the same key is used. If you are using different keys then there is no guarantee of uniqueness. If you want to guarantee uniqueness of output then keep to the same key and ensure that the input strings are unique. Either you can accept only...
What is the encryption strength if I don't know the encryption method and parameters?
Well, in general you should not rely on information in the algorithm / protocol itself. Such information is generic for any key you use, so you should consider it public knowledge. OK, so that's that out of the way. Now say you use 16 methods and you somehow have created...
AES 256 and Base64 Encrypted string works on iOS 8 but truncated on iOS 7
Don't use phpAES. You're shooting yourself in the foot with an enormous cannon. From their page: The free version only supports ECB mode, and is useful for encrypting/decrypting credit card numbers. This is incredibly wrong and misleading. ECB mode is not suitable for any purpose except as a building block...
Creating My Symmetric Key in C#
c#,security,encryption,cryptography,aes
for symmetric encryption algorithms most often need a binary array as a key. It raises the following questions: how to get the binary data for the key? The key should be random. If it is not random, it is easier to figure out by others. Unfortunately, it is not that...
Receiving unexpected indent with encryption script [closed]
You probably forgot to fix the indents when copying the text over. These five lines need to be unindented: options=raw_input("Would You Like To Encrypt/Decrypt Again? Y/N\n") if options=='y': loop=5 if options=='n': loop=0 The easiest way to do this in IDLE is to make a selection that has at least part...
DES encrypted value mismatching android and ios
ios,objective-c,iphone,encryption
It's obviously only a problem with the mode of operation, because the first block matches. In Java you're using ECB mode, because "DES" defaults to "DES/ECB/PKCS5Padding". I think that CCCryptor defaults to CBC. Don't ever use ECB mode. It's not semantically secure. You need to use at least CBC mode...
How to securely pass data from php forms to html
javascript,php,html,security,encryption
Google for and read relevant information such as this. Do not hash on the client. Pass the clear-text password to the server. Use POST to keep the password out of the URL (URLs have a nasty way of getting logged and otherwise exposed to people). I personally recommend to...
Migrating C# .Net encrypt/decrypt algorithm to Ruby
c#,ruby-on-rails,ruby,encryption,encryption-symmetric
Finally, I found a library that exactly match the C# code and is ruby-mcrypt (https://github.com/kingpong/ruby-mcrypt). And the encryption/decryption code i used is this: require 'mcrypt' module Crypt def Crypt.m_encrypt(data, key) crypto = Mcrypt.new(:rijndael_128, :ecb, key, nil, :zeros) encrypted_data = crypto.encrypt(data) encrypted_data end def Crypt.m_decrypt(data, key) crypto = Mcrypt.new(:rijndael_128, :ecb, key,...
How to use AES CBC using a key longer than 256 bits in Python
AES is only defined for key sizes of 128, 192 and 256 bit. The is no way to use some other key size and still call it AES. If you want to be compatible with other implementations, you will have to stick to the defined key sizes. Two common ways...
Source text, key size relationship for encryption/decryption in Go
encryption,go,cryptography,aes,rsa
One does not usually calculate the RSA key size based on payload. One simply needs to select one RSA key size based on a compromise between security (bigger is better) and performance (smaller is better). If that is done, use hybrid encryption in conjunction with AES or another symmetric cipher...
Encrypt file in python with aes
A quick Google search guided me to the Crypto package. It comes with the iPython that I am using, but the installation should be trivial anyway. I just repost the example here for your information. >>> from Crypto.Cipher import AES >>> obj = AES.new('This is a key123', AES.MODE_CBC, 'This is...
Getting variable encryption results with VB.Net and DES
You are setting TripleDES.Mode = CipherMode.ECB after you have called TripleDES.CreateEncryptor(), so the first encryption is using the default value of CipherMode.CBC. Since TripleDES is reused, after the first call to EncryptData its Mode is set correctly. Move TripleDES.Mode = CipherMode.ECB into New and it should work consistently....
Code fails for decrypting without salt or iv in Java
java,security,encryption,aes,password-encryption
You can decrypt the ciphertext in exercise 3.8 by using the simple ECB mode of AES, which does not use an IV. Since you have the key, there is no need for salt (there is no key derivation). Use AES 256 ECB mode in Java, and pass the key as...
Why does node.js's crypto module give a different result than Java's Cipher class for AES encryption?
You need to use the same mode of operation. Your java code specifies the cipher string as "AES". This is not fully qualified, so your default JCE provider will select its own default for "AES" which is "AES/ECB/PKCS5Padding" (in your case), because it's the most basic one, but also insecure...
Translate JavaScript code of RSA encryption to Python
javascript,python,encryption,rsa
Both private and public keys contain the modulus n. The public key contains the modulus and the encryption (public) exponent e, the private key contains the modulus and the decryption (private) exponent d. So what you have to do is to simply extract the three values n, d, e from...
Decrypt an encrypted text
Well I finally solved it... I copied this code from https://social.msdn.microsoft.com/Forums/vstudio/en-US/d6a2836a-d587-4068-8630-94f4fb2a2aeb/encrypt-and-decrypt-a-string-in-c?forum=csharpgeneral static readonly string PasswordHash = "[email protected]@Sw0rd"; static readonly string SaltKey = "[email protected]&KEY"; static readonly string VIKey = "@1B2c3D4e5F6g7H8"; public static string Encrypt(string plainText) { byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText); byte[] keyBytes = new Rfc2898DeriveBytes(PasswordHash,...
How to decrypt using only ciphertext for NimbusDS?
No, you cannot decrypt the ciphertext without key. That is, not unless an implementation mistake has been made. Jason web encryption seems to have been defined for modern algorithms such as RSA-OAEP and AES-GCM. Although none of these has been proven secure, it is generally assumed that they are by...
An exception of type 'System.Security.Cryptography.CryptographicException': keyset does not exist
c#,encryption,cryptography,rsa,x509certificate
As I understand, you are trying to sign some data using RSA having only a public key. RSA signing is a process of document verification. You sign a document using private key and then use public key to check if it is really yours. In other words, you cannot sign...
DES decryption only working when the key is 0s
There is a CryptoAPITransformMode parameter in _NewEncryptor (the last one) that you forgot. You put it "fixed" at 0, but it can be 0 or 1 (Encrypt or Decrypt). It is internal, but in the end passing an int is ok. public static class DESCryptoExtensions { // Mode = 0...
How to decrypt identity section in web config?
You can decrypt the encrypted Web.config file contents, if you want to, by running aspnet_regiis.exe with the -pdoption. The syntax is the same as the syntax for encrypting Web.config file contents with the -pe option, except that you do not specify a Protected Configuration provider. Example: aspnet_regiis -pd "connectionStrings" -app...
Decrypt strings encrypted with a SecretKey, when the key is no longer accessible
Well it's a bit unfair to remove all of user's data just because they forgot a password. Then they shouldn't be storing stuff in a container that requires a passphrase. Next, you'll argue that anyone should be able to open any wall safe using a hockey ticket stub and...
Issue with understanding keystore and ssl
Now he adds the server.cer to the clients-keystore and the clients.cer to the server's keystore. Wrong here. You should add the exported certificate to a truststore in each case. Export from server keystore to client truststore, client keystore to server truststore. That way the client can encrypt the plaintext...
MemoryStream to String, and back to MemoryStream without adding any bytes (encodings, etc.)
Let's say, that your MemoryStream contains the following input data: [0x01, 0x02, 0x03, 0x04] When you read it with streamreader, the binary representation of your string will be: [0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x04], because strings use two byte representation for a character. What you do afterwards is...
How to customize the output of the Postgres Pseudo Encrypt function?
This function has 3 properties global unicity of the output values reversability pseudo-random effect The first and second property come from the Feistel Network, and as already explained in @CodesInChaos's answer, they don't depend on the choice of these constants: 1366 and also 150889 and 714025. Make sure when changing...
Encryption of strings using AES 128 in Java/grails
cipher.init method call is missed in your code. Check the below code. public byte[] encrypt(byte[] data, byte[] key) { Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES")); return cipher.doFinal(data); } For decrypt have to change mode to Cipher.DECRYPT_MODE...
Symmetric encryption (AES) in Apache Thrift
java,python,encryption,aes,thrift
As stated by JensG, sending an externally encrypted binary or supplying a layered cipher transport are the two best options. It you need a template, take a look at the TFramedTransport. It is a simple layered transport and could easily be used as a starting block for creating a TCipherTransport.
How do I write Objects through a ObjectOutputStream, when the Objects are created in a different class?
java,encryption,inputstream,outputstream
How do I write Objects through an ObjectOutputStream, You call ObjectOutputStream.writeObject(). 2nd question that you didn't ask: how do I read objects through an ObjectInputStream? You call ObjectInputStream.readObject(). 3rd question that you didn't ask: how can I discover the type of an incoming object? You can discover the type...
searchable row level encryption using java?
java,database,security,encryption,bouncycastle
One of the most important properties of good encryption is that similar plaintexts are encrypted into vastly different ciphertexts. Roughly half of the bits of two ciphertexts will match. This property makes it hard (impossible) to formulate any kind of query that looks for substrings through LIKE or determines whether...
How to generate a md5 hash for an htpasswd file in PHP when I don't have the plaintext
php,linux,apache,encryption,hash
There are two ways to store MD5 based hashes in .htpasswd: standard md5crypt and Apache's own MD5 hashing. The two algorithms are identical, but they use different magic string constants. They're based on md5'ing 1000 times as you say, but if you look closely at the algorithm, you'll see that...
Decrypted string returns “Length of the data to decrypt is invalid”
Don't store passwords even if you encrypt them. the best practice is to store the password's hash using a known hash algorithm (SHA256 for example) + using a random salt For example: public static string GeneratePasswordHash(string password, string salt) { Byte[] passwordBytes = Encoding.UTF8.GetBytes(password + salt); Byte[] hashedBytes = new...
Implement same RSA encryption on iOS and Android
PKCS1 padding adds an element of randomness into the encryption. If you encrypt the same thing twice, you should get different ciphertexts. But both ciphertexts should decrypt to the same plaintext (modulo the added randomness, which should be handled by the PKCS1 implementation). https://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding...
iOS “Data Protection” depends on user passcode set or not?
ios,encryption,data-protection
From the iOS documentation (Protecting Data Using On-Disk Encryption): Data protection is available on most iOS devices and is subject to the following requirements: The file system on the user’s device must support data protection. Most devices support this behavior. The user must have an active passcode lock set for...
Issues with AES Encryption using SynCrypto
delphi,encryption,cryptography,aes
AES is a block cipher algorithm. It means that it works by blocks that are 16 bytes in size for AES. So you need to use padding if your data does not fit in 16 bytes blocks (which is the case for your text). Instead of trying to re-invent the...
How can we improve SSL handshake to increase the security?
security,ssl,encryption,server,cl
I'm not sure that you quite have this right. The connection is supposed to be: client <--> server The client knows that it's talking to the server due to the SSL handshake and validation of the server certificate. Your question is what would happen if: client // MiTM <--> server...
Convert plaintext to perform elgamal encryption
BigInteger has a constructor taking a byte array as argument. Any String can be converted to a byte array, without loss, using (for example), UTF-8 encoding: byte[] bytes = string.getBytes(StandardCharsets.UTF_8); Combine both, and you have an easy way to transform a String into a BigDecimal. For the reverse operation, use...
Is it possible to implement AES with a 64-bit I/O block size?
security,encryption,cryptography,aes
AES is defined only for 128-bit block sizes. If there would be a way to reduce the block size, it wouldn't be AES anymore. The block cipher is not the only thing that determines what you can encrypt. The mode of operation determines how the block cipher is actually applied....
What are the different ways of generating a key for encription
php,encryption,aes,symmetric-key
You have three different key lengths. AES is specified for the following three key lengths: 128-bit (16 byte), 192-bit (24 byte) and 256-bit (32 byte). I'm not going to go into detail about the strength of different key sizes. Let's take them apart: $key = pack('H*', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3"); This is a...