cryptography

Why is an s-box input longer than its output?

http://en.wikipedia.org/wiki/S-box I can't understand where the extra bits are coming from in this article about s-boxes. Why doesn't the s-box take in the same number of bits for input as output? ...

How can I generate a unique, small, random, and user-friendly key?

A few months back I was tasked with implementing a unique and random code for our web application. The code would have to be user friendly and as small as possible, but still be essentially random (so users couldn't easily predict the next code in the sequence). It ended up generating values that looked something like this: Af3nT5Xf2 ...

How to encrypt one message for multiple recipients?

What are the fundamentals to accomplish data encryption with exactly two keys (which could be password-based), but needing only one (either one) of the two keys to decrypt the data? For example, data is encrypted with a user's password and his company's password, and then he or his company can decrypt the data. Neither of them know the ...

Is there a best .NET algorithm for credit card encryption?

The .NET System.Security.Cryptography namespace has a rather bewildering collection of algorithms that I could use for encryption of credit card details. Which is the best? It clearly needs to be secure for a relatively short string. EDIT: I'm in the UK, where I understand we're OK storing encrypted credit card details so long as the ...

App.config connection string Protection error

I am running into an issue I had before; can't find my reference on how to solve it. Here is the issue. We encrypt the connection strings section in the app.config for our client application using code below: config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None) If config.ConnectionStrings.Sect...

How can I use a key blob generated from Win32 CryptoAPI in my .NET application?

I have an existing application that is written in C++ for Windows. This application uses the Win32 CryptoAPI to generate a TripleDES session key for encrypting/decrypting data. We're using the exponent of one trick to export the session key out as a blob, which allows the blob to be stored somewhere in a decrypted format. The question i...

128 bit data encryption using Java

Hi, I need to store some sensitive data by encrypting it with atleast 128 bit key. I investigated into javax.crypto package and found that there are certain Cipher names, like PBEWithMD5AndDES or PBEWithSHA1AndDESede which provides encryption upto 56 bit and 80 bit (http://en.wikipedia.org/wiki/DESede). I referred other guys posts but...

Is Bouncy Castle API Thread Safe ?

Is Bouncy Castle API (http://bouncycastle.org/java.html) Thread Safe ? Especially, org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher org.bouncycastle.crypto.paddings.PKCS7Padding org.bouncycastle.crypto.engines.AESFastEngine org.bouncycastle.crypto.modes.CBCBlockCipher I am planning to write a singleton Spring bean for basic l...

How to implement password protection for individual files?

I'm writing a little desktop app that should be able to encrypt a data file and protect it with a password (i.e. one must enter the correct password to decrypt). I want the encrypted data file to be self-contained and portable, so the authentication has to be embedded in the file (or so I assume). I have a strategy that appears workabl...

Inter-convertability of asymmetric key containers (eg: X.509, PGP, OpenSSH)

Are asymmetrical cryptographic keys fundamentally inter-convertible between the major key container formats? For example, can I convert an X.509 key file into a PGP or OpenGPG key file? And--assuming the answer is yes--is it "security neutral" to keep one key pair in whatever format and convert into whichever container file format is n...

How do I hash a string with Delphi?

What hash algorithms does Delphi support? ...

Should I use an initialization vector (IV) along with my encryption?

Is it recommended that I use an initialization vector to encrypt/decrypt my data? Will it make things more secure? Is it one of those things that need to be evaluated on a case by case basis? To put this into actual context, the Win32 Cryptography function, CryptSetKeyParam allows for the setting of an initialization vector on a key pri...

Good primers on Cryptography

I'm wondering if anyone can recommend good primers on Cryptography and Crypto theory for someone with little or no prior experience in the area. I'll be honest and say it's something I've always found fascinating but having recently read Cryptonomicon I had my interest resparked in the whole field. I just did some searching on here and ...

I have P & G-- how do I use the Wincrypt API to generate a Diffie-Hellman keypair?

There's an MSDN article here, but I'm not getting very far: p = 139; g = 5; CRYPT_DATA_BLOB pblob; pblob.cbData = sizeof( ULONG ); pblob.pbData = ( LPBYTE ) &p; CRYPT_DATA_BLOB gblob; gblob.cbData = sizeof( ULONG ); gblob.pbData = ( LPBYTE ) &g; HCRYPTKEY hKey; if ( ::CryptGenKey( m_hCryptoProvider, CALG_DH_SF, CR...

Cryptography algorithm

I'm making a simple licensing system for my apps. I don't know about cryptography, but I know that I need a algorithm that consists of 2 keys: private and public. I need to encrypt some data (expiration date and customer email) using my private key, and then my app will decrypt the data using the public key to compare expiration date. ...

I'm using Wincrypt for Diffie-Hellman-- can I export the shared secret in plain text?

OK-- thanks to Mike, I was able to get Wincrypt to generate a Diffie-Hellman keypair. I figured out out to export the public key, and how to import the other party's public key. According to the docs, upon import of the other party's public key, the shared secret has been computed. Great. I now need to get ahold of that shared secret...

Enumerating Certificate Fields in C#

How do you enumerate the fields of a certificate help in a store. Specifically, I am trying to enumerate the fields of personal certificates issued to the logged on user. ...

Best way to prevent duplicate use of credit cards

We have a system where we want to prevent the same credit card number being registered for two different accounts. As we don't store the credit card number internally - just the last four digits and expiration date - we cannot simply compare credit card numbers and expiration dates. Our current idea is to store a hash (SHA-1) in our sys...

Optimize y = x*x in Galois field arithmetic

I have this C-code to do multiplications over GF(8): int32_t GaloisMultiply (int32_t a, int32_t b) { int32_t i; int32_t mask = 0x100; int32_t y = 0; for(i=0;i<8;i++) { if(b & mask) { y ^= a; } mask >>= 1; y <<= 1; } if(b & 0x1) { y ^= a; } return(y); } That's more or less the text-boo...

What techniques do you use when writing your own cryptography methods?

For years, maybe 10, I've been fascinated with cryptography. I read a book about XOR bit-based encryption, and have been hooked ever since thing. I guess it's more fair to say that I'm fascinated by those who can break various encryption methods, but I digress. To the point -- what methods do you use when writing cryptography? Is obfus...