Menu
  • HOME
  • TAGS

AES encryption differences between php mcrypt and a Delphi component

php,delphi,encryption

MCrypt expects the key to be a binary string, but you pass a hex encoded string into it. Use $key = hex2bin($key); or $key = pack('H*', $key); depending on PHP support. This must be done before calling mcrypt_encrypt(). Security: Don't ever use ECB mode. It's not semantically secure. There is...

How to migrate from sha256 encryption to bcrypt for php?

php,encryption

Password Hashing Using bcrypt If you are using PHP 5.5 or later, you can use the built-in password_hash() function with the $algo parameter set to PASSWORD_BCRYPT to create bcrypt hashes. You can use this as so: $options = array('cost' => 11, 'salt' => 'my_salt'); $hash = password_hash("my_secret_password", PASSWORD_BCRYPT, $options); Migration...

Encrypting (large) files in PHP with openSSL

php,file,encryption,aes,php-openssl

You could use CBC encryption using Mcrypt and then encrypt a segment of data at a time. Make sure that the segment is x times the block size of the used cipher (e.g. 16 bytes for AES). Encrypt the segment and take the last block of the generated ciphertext and...

File security System in java? [on hold]

java,file,security,encryption

So to encrypt an aspect of the file you may want to gather it's bytes in an array*, That can either be done using the class Files from java or a stream to do it manually. For now lets say you got the byte array obtained using Files.readAllBytes(Path file); So...

iOS - Password Encryption in Swift

php,ios,swift,encryption,passwords

See this question. You should understand the implications of hashing on the client side: Pro: You can use a higher number of rounds, creating a stronger hash. For reference, 1Password uses a minimum of 25,000 rounds of PBKDF2-HMAC-SHA512. Your users likely won't be using diceware, so you'll want a higher...

AES-functions always reply with empty results

.net,vb.net,encryption,aes,rijndael

There was an instruction missing. According to this website FlushFinalBlock() is needed, in order to finalize the changes made to the CryptoStream. People over there also recommend to actually store the data in Byte-Arrays instead of converted Strings. Which will I will do in the further developement, only in the...

Attempting to use SHA1 hashing to send password to Google

c#,encryption,sha1,google-directory-api

(Disclaimer: I work for Google, but I haven't looked at this API before.) Well, the problem when you call password.ToString() is that it's not providing the hex representation - so that's why the first piece of code fails. It looks like it's basically expecting it to be hex. The documentation...

Partial support in VS 2013 for certificates and symmetric keys in azure v12

azure,encryption,visual-studio-2013,sql-azure

Support for Cell-Level Encryption in Azure SQL Database was recently introduced as a preview feature in SQL Database V12. The main reason this feature is still in preview is that unfortunately we are still working on proper tooling support to handle these objects properly. One thing you need to consider...

Ways to encrypt a whole directory instead of just a file

encryption

Is this an elegant and secure way of encrypting directories? Elegant -- no. Secure -- as secure as gpg. Am I using GPG's full cryptographic power? Yes. Are there better alternatives? tar the directory first instead of zip. gpg compresses data anyway....

Handling Confidential Data in web application

asp.net,sql-server,encryption,pbkdf2,tde

You are heading the direction of Zero Knowledge Web Applications, such as implemented by SpiderOak (see also crypton). These applications typically work by deriving a key from the user's password using something like PBKDF2, and performing encryption/decryption on client side. However, there are a number of complexities to overcome to...

GnuPG error version 2.0.14

encryption,gnupg

The problem was due to a bug in the program. The encrypted file contents was getting truncated. The program uses Runtime. Exec method and was not handling the input stream properly. The issue was not with GnuPG encryption tool.

Encryption in Realm gives java.lang.IllegalStateException: Wrong key used to decrypt Realm

android,encryption,realm

The encryption key is used to encrypt/decrypt the actual file. So it has to be same across all transactions. That is also why you need to find a way to save the key between app restarts as otherwise you cannot access the Realm again. There are some links in our...

Java keystore maintenance utilities [closed]

java,ssl,encryption,keystore

Basically, a keystore is a repository of certificates located on the file system. See a more detailed definition here: https://www.google.com/search?client=ubuntu&channel=fs&q=what+is+a+keystore&ie=utf-8&oe=utf-8 Also this SO question What is Keystore? I believe should be helpful....

Concatenating MAC and salt with ciphertext

java,encryption,cryptography,aes,hmac

public class AESEncryption { private final String ALGORITHM = "AES"; private final String MAC_ALGORITHM = "HmacSHA256"; private final String PRNG_ALGORITHM = "SHA1PRNG"; private final String TRANSFORMATION = "AES/CBC/PKCS5Padding"; private final String PLAINTEXT = "/Volumes/CONNOR P/Unencrypted.txt"; private final String ENCRYPTED = "/Volumes/CONNOR P/Encrypted.txt"; private final String PASSWORD = "javapapers"; private final...

Problems generating a self-signed 1024-bit X509Certificate2 using the RSA AES provider

c#,.net,ssl,encryption,x509certificate2

The problem is with CryptGenKey function call. In the Algid parameter, you should pass either 0x1 (for RSA key exchange) or 0x2 (RSA digital signature). You don't need other values. And key length value should be 0x4000001 (with exportable key). Also, I noticed that you pass incorrect provider type when...

C# AES and RSA File Encryption - How to use IV?

c#,encryption,cryptography,aes,rsa

You where quite close, write out the IV before you create the CryptoStream static public Tuple<byte[], byte[]> EncryptAES(byte[] toEncryptAES, RSAParameters RSAPublicKey) { byte[] encryptedAES = null; byte[] encryptedRSA = null; using (MemoryStream ms = new MemoryStream()) { using (RijndaelManaged AES = new RijndaelManaged()) { AES.KeySize = 256; AES.BlockSize = 128;...

SSL/TLS: Why will the server be the only one to be able to decrypt the encrypted number if it's a public key?

ssl,encryption

Because it's public-private key encryption, not symmetric encryption. The plaintext is encrypted to cipher text with the public key and decrypted back to the plaintext with the private key. Trying to decrypt that ciphertext with the public key doesn't work.

Part of Decrypt non-sense

java,android,encryption,aes

Your code is OK assuming that the parameter input in your public String decrypt(byte[] input) method is successfully Base64 decoded from the cipher text by the caller (because your encrption returns Base64 encoded cipher string). But, in the decrypt() method you are creating a byte array plainText by getOutputSize() method....

SQL-Server Verify SHA2_512 hash procedure

sql-server,tsql,encryption,cryptography,sha512

This is because in hashA you are CASTing a VARCHAR to a VARBINARY, and in hashB you are CASTing a NVARCHAR to a VARBINARY. The first is non-Unicode, hence the difference. Try: declare @pswd nvarchar(max); set @pswd = '2YKRCqHv'; Select orig = a.Hash, hashA = 0x0200 + a.Salt + Hashbytes('SHA2_512',...

Secure downloaded Files in android applications with internal storage and encrypting usage?

android,encryption,android-contentprovider,internal-storage

You can use download manager to download files using asyntask. After that encrypt and decrypt that files. please refer below link.enter link description here

Reverse ^ operator for decryption

c,algorithm,security,math,encryption

This is not a power operator. It is the XOR operator. The thing that you notice for the XOR operator is that x ^ k ^ k == x. That means that your encryption function is already the decryption function when called with the same key and the ciphertext instead...

Error with encrypt message with RSA python

python,python-3.x,encryption,rsa

The error suggests that the encrypt method does not support encrypting a string message. Try encoding your string to bytes first using encode, e.g.: print(RSAPubKey.encrypt("Hello.".encode('utf-8'), 32)) It's also worth noting that, per the documentation, encrypt performs "textbook" RSA encryption, which is insecure due to the lack of padding. You should...

Trouble with for loops in Python 3: getting the index in string2 of an element from string1

python,python-3.x,encryption,indices,vigenere

for i in range(len(text)): print(alphabet.index(text.lower()[i])) just add lower() and it will work...

Php encrypt url

php,apache,codeigniter,url,encryption

Seems You're trying to use reserved name CI_Controller $newurl = base_url()."controller/method/".$e_email_app; or this was edited for question and You have a real name for controller and method? Also, please, check is encryption was success: $email_app = "test string"; $newurl = base_url("controller/method/".urlencode($this->encryption->encode($email_app))); $decoded = $this->encryption->decode(urldecode($newurl)); echo $decoded; // must be "test...

Securing RTP packets without encrypting each packets

security,encryption,sip,voip,rtp

I believe some of your concerns are addressed in the following IETF Spec - https://tools.ietf.org/html/rfc7201 - Options for Securing RTP Sessions But IMO, there is a cost of security w.r.t processing and thats a given for the enhanced layer of protection. I haven't come across any other fancier ways other...

Why do my “random” MachineKey's Validation Key and Decryption Key both start with the same bytes?

c#,asp.net,encryption,machinekey,.net-4.5.2

From the documentation: "The IsolateApps modifier specifies that ASP.NET generates a unique encrypted key for each application using the application ID of each application" Thus, it looks like IsolateApps is a safeguard to prevent identical keys being used by different apps that are sourcing the same machinekey config file. In...

AES Encryption in Java differs from PHP

java,php,encryption

Your test strings are different. In Java, you put "this is a plain string.". In PHP, you put "This is a plain string.". Mind the capital 'T'. Please adjust and try again....

Difference between results with RSA Encryption with Bouncy Castle in Java and C#

java,c#,encryption,rsa,bouncycastle

The output of RSA encryption, or any secure encryption method, outputs data that is indistinguishable from random to an attacker. This is performed by the IV for symmetric ciphers and by the padding method for RSA. If this wasn't the case then an attacker would be able to see similarities...

vb.net AES decryption returns “data is incomplete block”

vb.net,encryption,cryptography,aes

Despite all comments, I still lack understanding of your intentions. Therefore, the sample code below may not provide what you exactly want, but at least should give an idea how to employ cryptographic functions. Particularly, the most notable difference from your approach is that the encryption key and initialization vector...

WMI Code Creator for Bitlocker Status - where did i go wrong?

c#,encryption,wmi

If you search the MSDN for ManagementObjectSearcher you get this page. On every MSDN page for a .NET class you will see two pieces of information at the top of the page. Namespace: System.Management Assembly: System.Management (in System.Management.dll) The first line tells you that you need to add using System.Management;...

Why is it impossible to implement an “infinite” one time pad algorithm?

encryption,encryption-symmetric

You have to pair each bit of message with a same size bit of OTP. There's a limited amount of OTP. If you pair up all of the OTP bits with bits for the next OTP... a b c d e ... q w e r t ... There's no...

Rails request.create in rsa-sha256?

ruby-on-rails,ruby-on-rails-4,encryption,cryptography,saml

Actually, I found the anwser : In the lib, the sha1 ou sha256 ecryption will be defined by the settings, in the method create_params of OneLogin::RubySaml::Authrequest we have if settings.security[:authn_requests_signed] && !settings.security[:embed_sign] && settings.private_key params['SigAlg'] = XMLSecurity::Document::SHA1 ... end so, I had settings.security[:embed_sign] = false And so the condition was...

Encrypt string when passing it through url as hyperlink and decrypt to echo out on next page?

php,encryption

The problem is you already sent an encrypted value to ns_application.php. And again you first re-encrypt it and the try to decrypt it that's why it's not giving you desired result. try this: ns_application.php: <?php error_reporting(E_ALL); ini_set("display_errors", 1); require_once 'encryption.php'; $reference = isset($_GET['ns_request']) ? $_GET['ns_request'] : null; $enc=new encryption( array(...

why does my python code not encrypt or decrypt my message

python,encryption,caesar-cipher

mode = input("Please enter a mode: ").lower() makes the mode all lowercase which prevents it to equal either "Encrypt" or "Decrypt". So, your if clauses are not executed....

How to get file type from encrypted file?

c#,encryption,caesar-cipher

If it is a 'Caesar Shift', then you just run down the alphabet, trying each possible shift, there are only 25 of them. NBCM CM UH YRUGJFY nbcm cm uh yrugjfy ocdn dn vi zsvhkgz pdeo eo wj atwilha qefp fp xk buxjmib rfgq gq yl cvyknjc sghr hr zm...

Can I specify the nonce and counter in AES encryption counter mode?

encryption,aes,crypto++

Is this the only way to achieve this or is there any other easier way? No. The increment function operates on the full 128-bit block. See CTR mode and Counter Increment on the Crypto++ wiki. The longer answer is Yes if you provide your own IncrementCounter function. The longer...

Mounting GEOM_ELI Encrypted ZFS Pool as root

unix,encryption,freebsd,boot,zfs

Turns out I was correct. The daXp4.eli files are necessary as it's the metadata of each disk. A reference point if you will. By performing: geli backup /dev/daXp4 /boot/daXp4.eli It create the meta files required for geom to attempt a decryption at boot time. I hope this helps someone else...

OutOfMemoryException while decrypting file using facebook conceal

java,android,facebook,encryption,facebook-conceal

As Bruce did highlight on bottleneck on Encryption which leads to OutOfMemoryException at time of Decryption. So here's code which i'm executing while encrypting and decrypting which no more leads to OutOfMemoryException. Encryption : fileStream = new BufferedOutputStream(new FileOutputStream(mEncryptedFile)); OutputStream outputStream; outputStream = crypto.getCipherOutputStream(fileStream, entity); int read; byte[] buffer =...

rails saml how to decrypt xml?

ruby-on-rails,xml,ruby-on-rails-4,encryption,saml

finally, I succeeded to fix the problem : Here the solution: response.settings = saml_settings enc_key = REXML::XPath.first(response.document, "//xenc:EncryptedKey//xenc:CipherData/xenc:CipherValue").text enc_value = REXML::XPath.first(response.document, "//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue").text private_key = OpenSSL::PKey::RSA.new(CONFIG_PRIVATE_KEY) data_key = private_key.private_decrypt(Base64.decode64(enc_key), OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING) actual_output = decrypt_cipher_data(data_key,...

gzip and pipe to output (performance consideration)

linux,unix,encryption,gzip,solaris

Gzip is a streaming compressor/decompressor. So (for large enough inputs) the compressor/decompressor starts writing output before it has seen the whole input. That's one of the reasons gzip compression is used for HTTP compression. The sender can compress while it's still generating content; the recipient can work on decompressing the...

Get RSA keys in a “simple” form

c++,c,encryption,openssl,rsa

This is the simple form - including the header and footer and extra newlines. Most certificate programs can handle this form just fine.

c++ convert hexadecimal string with “:” to original “binary” string

c++,encryption

Here are problems that you should fix before debugging this any further: cipherStream should be ostringstream, not istringstream The for loop should stop two characters before the end. Otherwise your substr is going to fail. Make the loop condition i+2 < text.size() When you read two characters from the input,...

How can we create our own string encoding-decoding or encryption-decryption script in java without using any given library i.e. Base64, AES, etc?

java,security,encryption,encoding,cryptography

Maintaining a HashMap of Key(the value getting replaced) with a value(the value to be replaced) and just changing the string using a simple function will do. import java.util.HashMap; import java.util.Map.Entry; public class Encrypt { /** * @param args */ static HashMap<String, String> hm = new HashMap(); public static void main(String[]...

Cipher text in C,How to repeat key characters

c,encryption,vigenere

You can use another loop variable an make the index of the key 0 every time it reaches its length. I have used variable j in this case. Try this code: #include<stdio.h> #include<string.h> int main() { char str[100],k[50],str1[100]; int i,n; gets(str);// Input plain text. gets(str1);//Input key. int lenk=strlen(str1),j; //calculate length...

(Android) Encrypting data disallowing awarness of the method used in the source code

java,android,encryption

As far as I am aware, you could use Proguard to obfuscate your code. In your build.gradle you can set minifyEnabled to true instead of (the default) false. Which will then obfuscate your code. Example: buildTypes { release { minifyEnabled true proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro' } } ...

Decrypting AES in Objective C

objective-c,encryption,cryptography,commoncrypto,rncryptor

The Java getInstance method should provide all the necessary information and not rely on defaults. Such as: "AES/CBC/PKCS5Padding (128)", "AES/ECB/NoPadding (128)" or some other combination. With the "AES" spec I would guess: ECB mode (really bad choice), PKCS5Padding, and a key length based on the supplied key null padded as...

Bcrypt encryption in Symfony2

php,symfony2,encryption,bcrypt

ircmaxell/password_compat is a polyfill library. You can just add it to your dependencies and call the password_hash() function without worrying about the PHP version. For PHP 5.5+ it will use the native PHP version, for lower versions it will resort to the library.

Encrypted Querystring in URL getting changed to lowercase in Outlook

c#,asp.net,email,url,encryption

If outlook is sabotaging your links, then you need to make your links case indifferent. If you absolutely must keep upper and lowercase in your links for decryption, use a marker character: Generate encrypted string. Before each upper case character, insert marker character (pick a valid character your encryption scheme...

Android encryption and decryption of text fails

android,security,encryption,encryption-symmetric

The output type of Cipher#doFinal(byte[]) is byte[], but Arrays don't have a default way in which their contents are printed. By calling byte[].toString() on an array, you're simply printing its type and hash code. (More on this here) What you want is decrypted = new String(cipher2.doFinal(decodedBytes), "UTF-8"); which tells the...

Using Salt in AES in C# and PHP

c#,php,encryption,mono,aes

The answer you have posted implements the Rfc2898DeriveBytes class to get the bytes of the encrypting key. This is advised, but not mandatory. You don't have to use Rfc2898DeriveBytes and can simply modify that AES implementation not to take a salt and simply take the password's bytes as the key...

Node.js crypto key and iv to match java SecretKeySpec / IvParameterSpec

node.js,encryption,cryptography,aes,padding

Assuming you have the same password string as in the Java code, you can create a key buffer like this in node: var key = new Buffer(password, "utf8"); Since you're using a zero filled IV (bad!) in Java, this is the equivalent code in node: var iv = new Buffer(16);...

MySQL AES_DECRYPT wrong/strange result

mysql,encryption,aes

it is working even on your side but it is blob data you are seeing. denc: 74 65 78 74 74=t 65=e 78=x 74=t, add them together you get 'text' ascii table here: http://www.asciitable.com/ try it with cast to make it more obvious: SELECT cast(AES_ENCRYPT('text', SHA1('My secret passphrase')) as char(100))...

Digital Signature in java / android (RSA keys)

java,android,encryption,rsa,digital-signature

When signing you returned your signature base64-encoded: return Base64.encodeToString(signatureBytes, Base64.DEFAULT); Thus, when verifying you have to base64-decode the signature string. But what you do is: byte[] signatureBytes = signature.getBytes("UTF8"); So the signatureBytes you try to verify are completely different from the signatureBytes you had as a result of signing. You...

Is it OK to encode data using key equal to data?

encryption,cryptography,aes

Encryption only guarantees uniqueness if the same key is used. If you are using different keys then there is no guarantee of uniqueness. If you want to guarantee uniqueness of output then keep to the same key and ensure that the input strings are unique. Either you can accept only...

What is the encryption strength if I don't know the encryption method and parameters?

encryption

Well, in general you should not rely on information in the algorithm / protocol itself. Such information is generic for any key you use, so you should consider it public knowledge. OK, so that's that out of the way. Now say you use 16 methods and you somehow have created...

AES 256 and Base64 Encrypted string works on iOS 8 but truncated on iOS 7

php,ios,encryption,aes

Don't use phpAES. You're shooting yourself in the foot with an enormous cannon. From their page: The free version only supports ECB mode, and is useful for encrypting/decrypting credit card numbers. This is incredibly wrong and misleading. ECB mode is not suitable for any purpose except as a building block...

Creating My Symmetric Key in C#

c#,security,encryption,cryptography,aes

for symmetric encryption algorithms most often need a binary array as a key. It raises the following questions: how to get the binary data for the key? The key should be random. If it is not random, it is easier to figure out by others. Unfortunately, it is not that...

Receiving unexpected indent with encryption script [closed]

python,encryption

You probably forgot to fix the indents when copying the text over. These five lines need to be unindented: options=raw_input("Would You Like To Encrypt/Decrypt Again? Y/N\n") if options=='y': loop=5 if options=='n': loop=0 The easiest way to do this in IDLE is to make a selection that has at least part...

DES encrypted value mismatching android and ios

ios,objective-c,iphone,encryption

It's obviously only a problem with the mode of operation, because the first block matches. In Java you're using ECB mode, because "DES" defaults to "DES/ECB/PKCS5Padding". I think that CCCryptor defaults to CBC. Don't ever use ECB mode. It's not semantically secure. You need to use at least CBC mode...

How to securely pass data from php forms to html

javascript,php,html,security,encryption

Google for and read relevant information such as this. Do not hash on the client. Pass the clear-text password to the server. Use POST to keep the password out of the URL (URLs have a nasty way of getting logged and otherwise exposed to people). I personally recommend to...

Migrating C# .Net encrypt/decrypt algorithm to Ruby

c#,ruby-on-rails,ruby,encryption,encryption-symmetric

Finally, I found a library that exactly match the C# code and is ruby-mcrypt (https://github.com/kingpong/ruby-mcrypt). And the encryption/decryption code i used is this: require 'mcrypt' module Crypt def Crypt.m_encrypt(data, key) crypto = Mcrypt.new(:rijndael_128, :ecb, key, nil, :zeros) encrypted_data = crypto.encrypt(data) encrypted_data end def Crypt.m_decrypt(data, key) crypto = Mcrypt.new(:rijndael_128, :ecb, key,...

How to use AES CBC using a key longer than 256 bits in Python

python,encryption,aes

AES is only defined for key sizes of 128, 192 and 256 bit. The is no way to use some other key size and still call it AES. If you want to be compatible with other implementations, you will have to stick to the defined key sizes. Two common ways...

Source text, key size relationship for encryption/decryption in Go

encryption,go,cryptography,aes,rsa

One does not usually calculate the RSA key size based on payload. One simply needs to select one RSA key size based on a compromise between security (bigger is better) and performance (smaller is better). If that is done, use hybrid encryption in conjunction with AES or another symmetric cipher...

Encrypt file in python with aes

python,encryption,aes

A quick Google search guided me to the Crypto package. It comes with the iPython that I am using, but the installation should be trivial anyway. I just repost the example here for your information. >>> from Crypto.Cipher import AES >>> obj = AES.new('This is a key123', AES.MODE_CBC, 'This is...

Getting variable encryption results with VB.Net and DES

vb.net,encryption,des

You are setting TripleDES.Mode = CipherMode.ECB after you have called TripleDES.CreateEncryptor(), so the first encryption is using the default value of CipherMode.CBC. Since TripleDES is reused, after the first call to EncryptData its Mode is set correctly. Move TripleDES.Mode = CipherMode.ECB into New and it should work consistently....

Code fails for decrypting without salt or iv in Java

java,security,encryption,aes,password-encryption

You can decrypt the ciphertext in exercise 3.8 by using the simple ECB mode of AES, which does not use an IV. Since you have the key, there is no need for salt (there is no key derivation). Use AES 256 ECB mode in Java, and pass the key as...

Why does node.js's crypto module give a different result than Java's Cipher class for AES encryption?

java,node.js,encryption,aes

You need to use the same mode of operation. Your java code specifies the cipher string as "AES". This is not fully qualified, so your default JCE provider will select its own default for "AES" which is "AES/ECB/PKCS5Padding" (in your case), because it's the most basic one, but also insecure...

Translate JavaScript code of RSA encryption to Python

javascript,python,encryption,rsa

Both private and public keys contain the modulus n. The public key contains the modulus and the encryption (public) exponent e, the private key contains the modulus and the decryption (private) exponent d. So what you have to do is to simply extract the three values n, d, e from...

Decrypt an encrypted text

c#,encryption

Well I finally solved it... I copied this code from https://social.msdn.microsoft.com/Forums/vstudio/en-US/d6a2836a-d587-4068-8630-94f4fb2a2aeb/encrypt-and-decrypt-a-string-in-c?forum=csharpgeneral static readonly string PasswordHash = "[email protected]@Sw0rd"; static readonly string SaltKey = "[email protected]&KEY"; static readonly string VIKey = "@1B2c3D4e5F6g7H8"; public static string Encrypt(string plainText) { byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText); byte[] keyBytes = new Rfc2898DeriveBytes(PasswordHash,...

How to decrypt using only ciphertext for NimbusDS?

java,json,encryption

No, you cannot decrypt the ciphertext without key. That is, not unless an implementation mistake has been made. Jason web encryption seems to have been defined for modern algorithms such as RSA-OAEP and AES-GCM. Although none of these has been proven secure, it is generally assumed that they are by...

An exception of type 'System.Security.Cryptography.CryptographicException': keyset does not exist

c#,encryption,cryptography,rsa,x509certificate

As I understand, you are trying to sign some data using RSA having only a public key. RSA signing is a process of document verification. You sign a document using private key and then use public key to check if it is really yours. In other words, you cannot sign...

DES decryption only working when the key is 0s

c#,encryption,des

There is a CryptoAPITransformMode parameter in _NewEncryptor (the last one) that you forgot. You put it "fixed" at 0, but it can be 0 or 1 (Encrypt or Decrypt). It is internal, but in the end passing an int is ok. public static class DESCryptoExtensions { // Mode = 0...

How to decrypt identity section in web config?

asp.net,encryption

You can decrypt the encrypted Web.config file contents, if you want to, by running aspnet_regiis.exe with the -pdoption. The syntax is the same as the syntax for encrypting Web.config file contents with the -pe option, except that you do not specify a Protected Configuration provider. Example: aspnet_regiis -pd "connectionStrings" -app...

Decrypt strings encrypted with a SecretKey, when the key is no longer accessible

android,encryption

Well it's a bit unfair to remove all of user's data just because they forgot a password. Then they shouldn't be storing stuff in a container that requires a passphrase. Next, you'll argue that anyone should be able to open any wall safe using a hockey ticket stub and...

Issue with understanding keystore and ssl

java,android,ssl,encryption

Now he adds the server.cer to the clients-keystore and the clients.cer to the server's keystore. Wrong here. You should add the exported certificate to a truststore in each case. Export from server keystore to client truststore, client keystore to server truststore. That way the client can encrypt the plaintext...

MemoryStream to String, and back to MemoryStream without adding any bytes (encodings, etc.)

c#,arrays,string,encryption

Let's say, that your MemoryStream contains the following input data: [0x01, 0x02, 0x03, 0x04] When you read it with streamreader, the binary representation of your string will be: [0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x04], because strings use two byte representation for a character. What you do afterwards is...

How to customize the output of the Postgres Pseudo Encrypt function?

postgresql,encryption

This function has 3 properties global unicity of the output values reversability pseudo-random effect The first and second property come from the Feistel Network, and as already explained in @CodesInChaos's answer, they don't depend on the choice of these constants: 1366 and also 150889 and 714025. Make sure when changing...

Encryption of strings using AES 128 in Java/grails

java,grails,encryption,aes

cipher.init method call is missed in your code. Check the below code. public byte[] encrypt(byte[] data, byte[] key) { Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES")); return cipher.doFinal(data); } For decrypt have to change mode to Cipher.DECRYPT_MODE...

Symmetric encryption (AES) in Apache Thrift

java,python,encryption,aes,thrift

As stated by JensG, sending an externally encrypted binary or supplying a layered cipher transport are the two best options. It you need a template, take a look at the TFramedTransport. It is a simple layered transport and could easily be used as a starting block for creating a TCipherTransport.

How do I write Objects through a ObjectOutputStream, when the Objects are created in a different class?

java,encryption,inputstream,outputstream

How do I write Objects through an ObjectOutputStream, You call ObjectOutputStream.writeObject(). 2nd question that you didn't ask: how do I read objects through an ObjectInputStream? You call ObjectInputStream.readObject(). 3rd question that you didn't ask: how can I discover the type of an incoming object? You can discover the type...

searchable row level encryption using java?

java,database,security,encryption,bouncycastle

One of the most important properties of good encryption is that similar plaintexts are encrypted into vastly different ciphertexts. Roughly half of the bits of two ciphertexts will match. This property makes it hard (impossible) to formulate any kind of query that looks for substrings through LIKE or determines whether...

How to generate a md5 hash for an htpasswd file in PHP when I don't have the plaintext

php,linux,apache,encryption,hash

There are two ways to store MD5 based hashes in .htpasswd: standard md5crypt and Apache's own MD5 hashing. The two algorithms are identical, but they use different magic string constants. They're based on md5'ing 1000 times as you say, but if you look closely at the algorithm, you'll see that...

Decrypted string returns “Length of the data to decrypt is invalid”

c#,encryption,cryptography

Don't store passwords even if you encrypt them. the best practice is to store the password's hash using a known hash algorithm (SHA256 for example) + using a random salt For example: public static string GeneratePasswordHash(string password, string salt) { Byte[] passwordBytes = Encoding.UTF8.GetBytes(password + salt); Byte[] hashedBytes = new...

Implement same RSA encryption on iOS and Android

android,ios,encryption,rsa

PKCS1 padding adds an element of randomness into the encryption. If you encrypt the same thing twice, you should get different ciphertexts. But both ciphertexts should decrypt to the same plaintext (modulo the added randomness, which should be handled by the PKCS1 implementation). https://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding...

iOS “Data Protection” depends on user passcode set or not?

ios,encryption,data-protection

From the iOS documentation (Protecting Data Using On-Disk Encryption): Data protection is available on most iOS devices and is subject to the following requirements: The file system on the user’s device must support data protection. Most devices support this behavior. The user must have an active passcode lock set for...

Issues with AES Encryption using SynCrypto

delphi,encryption,cryptography,aes

AES is a block cipher algorithm. It means that it works by blocks that are 16 bytes in size for AES. So you need to use padding if your data does not fit in 16 bytes blocks (which is the case for your text). Instead of trying to re-invent the...

How can we improve SSL handshake to increase the security?

security,ssl,encryption,server,cl

I'm not sure that you quite have this right. The connection is supposed to be: client <--> server The client knows that it's talking to the server due to the SSL handshake and validation of the server certificate. Your question is what would happen if: client // MiTM <--> server...

Convert plaintext to perform elgamal encryption

java,encryption,elgamal

BigInteger has a constructor taking a byte array as argument. Any String can be converted to a byte array, without loss, using (for example), UTF-8 encoding: byte[] bytes = string.getBytes(StandardCharsets.UTF_8); Combine both, and you have an easy way to transform a String into a BigDecimal. For the reverse operation, use...

Is it possible to implement AES with a 64-bit I/O block size?

security,encryption,cryptography,aes

AES is defined only for 128-bit block sizes. If there would be a way to reduce the block size, it wouldn't be AES anymore. The block cipher is not the only thing that determines what you can encrypt. The mode of operation determines how the block cipher is actually applied....

What are the different ways of generating a key for encription

php,encryption,aes,symmetric-key

You have three different key lengths. AES is specified for the following three key lengths: 128-bit (16 byte), 192-bit (24 byte) and 256-bit (32 byte). I'm not going to go into detail about the strength of different key sizes. Let's take them apart: $key = pack('H*', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3"); This is a...