I'm currently developing a system to transmit data between client and server, and was wondering what the strength of the encryption I planned to use was. My thought was to have a private/public RSA key pair and hand out the public key to each client (leaving the private key solely on the server). Each client would then generate their ow...
Is there any fast implementation of cryptographically secure pseudorandom number generator (CSPRNG) for C# 3.0 (.NET Framework 3.5), for authentication tokens? ...
I have a working .NET web application that perform hashing and encryption using MD5 on a certain string. This string will be stored in a cookie. The problem is, I will need to validate this cookie from an ASP classic application. From what I know, there are no built in cryptographic providers in ASP classic, thus I may need to copy/wri...
Hi all, We are creating sample application for windows mobile using Rijndael algorithm. Its working fine. But the problem is when we decrypt the data there is a 8 bit padding up on the right side of the value for the example, we are encrypting a Unique key for transaction and it looks like this : Before encryption: MI031120090446250000...
Hi, i need to fully understand the IPSec Phase 1 negotiation. now, I break this to 3 steps: 1) Algorithm negotiations. 2) Key Exchange Data 3) Identification I'm using wireshark to invastigate the process and so far I fully understands the 1st part (Algorithm Negotiations). My current problem lies in the 2 nd part: Key Exchange Data. T...
I need to digitally sign some text in python using a private key stored in a .pem file. It seems like M2Crypto is the preferred way to do that these days, so that's what I'm using. I think I get most of it, but I'm confused about how to configure padding. To be specific, I need to verify the signature in an iPhone app, using a padding ...
I want simple encryption and decryption of password in C#. how to save the password in encrypted format in database and retrieve as original format by decryption, kindly anyone help with sample code. ...
I have 2 websites: one written in classic asp and another written in ASP.NET (1.1 framework). Both applications use a login mechanism to validate user credentials based on a shared database table. Up to now passwords are stored in a 1-way MD5 hash, meaning people must be given a new generated password if they lose the old one. I now want...
I'm currently attempting to code one for part of a college project - binary/hex handling and cryptographic functions are well regarded in the mark scheme, so I thought I'd kill two birds with one stone. However, the documentation availible on the algorithm itself is thorough but confusing. Is there a prexisting PHP libary/class that I c...
I would like to find (mature) API alternatives to use TPM (Trusted Platform Module) funcionality on Linux (and maybe other *nix). I'm interested in trusted encrypt/decrypt functions for authentication (probably integrating with Kerberos). I found jTSS (for Java) and TrouSerS, but I would like to know about other alternatives, if any. "G...
Hi, We have a ciphertext with IC=0.0685. We want to find out the class descriptor (mono-alphabetical/poly-alphabetical/transposition). I have applied the 2 probabilistic tests to try and guess what class it belongs to. These tests are: Ratio of vowels to total (<25%) then more likely a substitution %ETAOS in text (<35%) then more likel...
This is a combinatorics question with some theory in hashing algorithms required. Let's say the input can be any random sequence of bytes 30 kB to 5 MB of size (I guess that makes quite a few combinations of input values :)) What is the probability that the first 4 bytes (or first n bytes) of a MD5 hash computed from the byte sequence ...
Hi i am trying to set up an RSA cryptosystem i have all the values except d selected prime numbers: p=1889, q=2003 n=3783667 phi=3779776 e= 61 i got stuck finding d could anyone help me to figure it out? Setting up an RSA cryptosystem • Two large distinct prime numbers p and q are selected, and n = pq and Φ(n) = (p − 1)(q − 1) are cal...
Using the Windows CryptoAPI, is there any way to specify which public exponent to use when generating a new key-pair (ie. 3 instead of 65537)? As a bonus question: how would I access this functionality using .NET RSACryptoServiceProvider? EDIT: My guess is that the answer is "No", but I would like to get confirmation. ...
I've spent the past 2 hours reading up on salting passwords, making sure that I understood the idea. I was hoping some of you could share your knowledge on my conclusions. Say the salts on a system are 12 characters. If i'm an attacker, I don't have to create a rainbow table of all the combinations of those 12 characters with each entr...
I am not a security expert... so I might be very wrong here. Am I right in that the only advantage to using a stronger algorithm is to slow down password cracking? In which case they must have the password hash and so will have already comprimised my database right? As I do not store any thing of real world value what is the point in ...
Hi guys I have read about password salting, but this might sound a little odd. But how do I store and secure the salt. For example in a multi tire architecture say I use the client machine’s GUID to generate my salt then the user gets restricted to a single machine but if I use random salt it has to be stored somewhere. Few days back I ...
Hello, I used openSSL command to create 2 files: 1 for RSA public key & 1 for RSA private key. How do I recover RSA keys using C? Specifically, I have these functions: RSA_public_encrypt(read_num, in_buf, out_buf, public_key, RSA_PKCS1_PADDING); RSA_private_decrypt(read_num, in_buf, out_buf, private_key, RSA_PKCS1_PADDING); The 4th ...
For each of our binary assets we generate a MD5 hash. This is used to check whether a certain binary asset is already in our application. But is it possible that two different binary assets generate the same MD5 hast. So is it possible that two different strings generate the same MD5 hash? ...
whats happening in this line of code ? SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); i specially dont understand getInstance("PBKDF2WithHmacSHA1") part ...