cryptography

Encryption output always different even with same key

Hi there, I'm trying to store a password in a file that I'd like to retrieve for later. Hashing is not an option as I need the password for connecting to a remote server for later. The following code works well, but it creates a different output each time even though the key is the same. This is bad as when the application shuts down a...

Combination of more than one crypto algorithm

Hello everybody, I'm considering the following: I have some data stream which I'd like to protect as securely as possible -- does it make any sense to apply let's say AES with some IV, then Blowfish with some IV and finally again AES with some IV? The encryption / decryption process will be hidden (even protected against debugging) so it...

What is the best replacement for Windows' rand_s in Linux/POSIX?

The problem is not about randomness itself (we have rand), but in cryptographically secure PRNG. What can be used on Linux, or ideally POSIX? Does NSS have something useful? Clarification: I know about /dev/random, but it may run out of entropy pool. And I'm not sure whether /dev/urandom is guaranteed to be cryptographically secure. ...

Best way to handle block ciphers in C++? (Crypto++)

Good day :) I'm pretty new to both C++ and Block Cipher encryption, and I am currently in the process of writing a decryption function for AES (16 byte seed / 16 byte blocks). All is going well, but my total data size is not always a multiple of my block size. I'm wondering what the best way to handle left-over data at the end of my dat...

Is there a standard implementation for Electronic Signatures on fill-in-form web applications?

I have a client who is interested in adding in electronic signature support to a long (40 question) seller application form. I'm a little stumped on whether there is an existing standard or process that's out there that folks in the financial world would expect to see? I could certainly add in a system where we generate a bunch of text ...

Crypto/x509 certificate parsing libraries for Python (pyOpenSSL vs Python OpenSSL Wrappers vs...)

Hi! Any recommended crypto libraries for Python? I know I've asked something similar in http://stackoverflow.com/questions/143523/, but I should've split the question in two. What I need is the ability to parse X.509 Certificates to extract the information contained in them. Looking around, I've found two options: Python OpenSSL Wra...

Padding - Encryption algorithm

Hello, I'm writing an implementation of the XXTEA encryption algorithm that works on "streams", i.e., can be used like: crypt mykey < myfile > output. One of the requisites is that it doesn't have access to the file at all (it only reads a fixed size block until it finds an EOF). The algorithm needs the data bytes to be a multiple of 4, so i...

DES tutorial

I am studying cryptography and I am somehow stuck on understanding how DES works. Because it has been around for a long time there should be nice tutorials like fancy diagrams, videos etc around the net. I searched but with no luck. Has anyone spotted anything "easy-to-digest" for the brain? ...

Best Cryptography Algorithm?

Out of curiosity, what is "the best cryptography algorithm" for you as a programmer, given both security and ease of implementation? ...

Security, cryptography: Stupid Challenge - Response protocol??

Ok guys just a small game: I have some specifications for a project. At some point they ask for the following to encrypt a password over the net, saying that it is a challenge response protocol: CLIENT ----------------------------- SERVER (1)ask for challenge --------------> (2) <---------------------------- send SHA1 taken from ...

Why isn't my .net-calculated MD5 hash equivalent to the hash calculated on a web site?

I am trying to generate equivalent MD5 hashes in both JavaScript and .Net. Not having done either, I decided to use against a third party calculation - this web site for the word "password". I will add in salts later, but at the moment, I can't get the .net version to match up with the web site's hash: 5f4dcc3b5aa765d61d8327deb882cf99...

Is Javascript a proper platform for cryptography? Or, can it be?

I noticed a good while back that Wikipedia links to a Javascript implementation of different hash functions. Also found Clipperz Crypto. Even Mozilla implements a crypto object in Firefox. So, Is Javascript a proper platform for cryptography? Or, can it be? Or, I suppose.. Are there any purposes or benefits for hashing data before POST?...

Generate User Specific 1 Time Coupon Code

So I need to generate a code that can be tied to a specific user/prospect with a dollar amount built into it. It needs to be reversible so that client application can confirm the validity of the code and apply the discount a manager intends. I'd like to make the code as short as possible but it needs to be well obfuscated so that the s...

In SQL Server 2008 how can I secure data in a way that it cannot be decrypted unless connected to a network?

We have recently implemented Transparent Data Encryption in SQL Server 2008 for local databases on our developers' laptops to keep them protected in the case a laptop is stolen or lost. This works fine. Now we are trying to figure out a way to have the certificate expire every day, forcing an automated process (a script at logon maybe) t...

CNG, CryptoServiceProvider and Managed implementations of HashAlgorithm

So I was wondering if there are any major differences between the various implementations of the hash algorithms, take the SHA series of algorithms for example. All of them have 3 implementations each, 1 in managed code and 2 wrappers around different native crypto APIs, but are there any major differences between using any of them? I ca...

arguments to cryptographic functions

I'm a bit confused that the argument to crypto functions is a string. Should I simply wrap non-string arguments with str() e.g. hashlib.sha256(str(user_id)+str(expiry_time)) hmac.new(str(random.randbits(256))) (ignore for the moment that random.randbits() might not be cryptographically good). edit: I realise that the hmac example is s...

Why are there multiple different hashing algorithm providers in System.Security.Cryptography?

As documented by the MSDN here, there are several providers for many of the different hashing algorithms (e.g. MD5, SHA, RIPE). For each of the algorithms, any available implementation seems to fall into 1 of 3 categories: [Algo]Cng [Algo]CryptoServiceProvider [Algo]Managed Why are there multiple implementations of any of these hashi...

What is the impact of virtualisation on cryptographically strong random number generators?

/dev/random and /dev/urandom use environmental noise to generate randomness. With a virtualised server there can be multiple instances of an Operating System on one hardware configuration. These operating systems will all be sourcing their randomness from the same environmental noise. Does this mean as a group the random number genera...

Add Plaintext into ciphertext

How can I add a plaintext into encrypted ciphertext? For example, I would like to add number 4 into encrypted(5) ...

How to read a PEM RSA private key from .NET

Hello, I've got an RSA private key in PEM format, is there a straightforward way to read that from .NET and instantiate an RSACryptoServiceProvider to decrypt data encrypted with the corresponding public key? ...