I've got two systems that need to talk. The systems are setup likeso: System A, running Django (Python 2.5) on Google App Engine (GAE) System B, running Django (Python 2.6) on Ubuntu/Linux over Lighttpd (maybe nginx, later) System A will periodically make requests ('requisitions') of System B using Url Fetch. System B has a Django ap...
When I am using (encrypt/decrypt) javax.crypto.Cipher class for long string, some characters in output string are invalid. //ecnryption byte[] inputBytes = str.getBytes(); cypheredBytes = cipher.doFinal(inputString, 0, inputBytes, outputBytes, 0); return new String(outputBytes, 0, cypheredBytes); //decryption byte[] inputBytes = s...
I'm having a problem using a machine level RSA key container when storing only the public key of a public/private key pair. The following code creates a public/private pair and extracts the public key from that pair. The pair and the public key are stored in separate key containers. The keys are then obtained from those key containers ...
Hi, I've got the following code sample in Java, and I need to re-enact it in C#: PKCS8EncodedKeySpec privKeySpec = new PKCS8EncodedKeySpec(pkcs8PrivateKey); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); PrivateKey privKey = keyFactory.generatePrivate(privKeySpec); Signature sign = Signature.getInstance("MD5withRSA"); sign.init...
Are there any providers offering code signing certificates for (Red Hat Enterprise) Linux? I see a lot of buzz for Microsoft-land, but not much for Linux. I know how to generate my own certificates and embed a public certificate into my executable. I'm specifically looking for ways to get the certificate signed by a trusted CA. The t...
[Disclaimer: I know, if you know anything about crypto you're probably about to tell me why I'm doing it wrong - I've done enough Googling to know this seems to be the typical response.] Suppose the following: you have a central authority that wants to issue login cookies for a given domain. On this domain, you don't necessarily trust ...
How is the an encryption algorithm's security dependent on factoring large numbers? For example, I've read on some math-programming forums that by using the Quadratic Sieve or the General Number Field Sieve, one can factor a 256 bit number with relative ease on commercially available hardware. How does this translate to being able to b...
Information theory comes into play where ever encoding & decoding is present. For example: compression(multimedia), cryptography. In Information Theory we encounter terms like "Entropy", "Self Information", "Mutual Information" and entire subject is based on these terms. Which just sound nothing more than abstract. Frankly, they don't r...
I am a student in college and have an assignment which requires finding large prime numbers. I was given the following "simple" algorithm by the professor to find 2 likely prime numbers. generate random a and p where 1 < a < p confirm that gcd(a,p) is = 1 -- this is suppose to remove Carmichael numbers Edit(meant equal to 1) perform "m...
I have some idea that it is due to some complex calculation, but i want to know about what exactly happens which takes long time than the corresponding encryption process. Any link to webpage or paper would be of great help. Thanks Thanks for the answers, One more Doubt, What about the Signing and verification? Will this time differenc...
It's not that I don't have access to javascript, of course. In most of my CS Web Development courses, we are taught a little bit about server-side validation, and then as soon as javascript is introduced, server-side validation is thrown out the window. I choose not to just rely on javascript, as the client-side is never a secure place....
We are storing hashed passwords in a database table. We prepend each password with a random salt value and hash using MD5CryptoServiceProvider. Is this safe? I have heard MD5 was "broken". If not, can you recommend an alternate hash method to use (specific .NET framework class)? ...
For a webapplication, when HTTPS is not available as a security measure, is it possible to still make the login somewhat secure? E.g.: Tokenize logins, to make repeat attacks difficult? Somehow encrypt the sent password from a HTML password field? In particular I'm using CakePHP and an AJAX POST call to trigger authentication (includ...
I am looking for an algorithm to change it's keys every period and can still be deciphered. Basically I am looking for a way to maintain a secured link between mobile clients and a stationary server in such a way that even if you intercepted the hash or even the authentication credentials themselves they would change on both sides every ...
I was just wondering if PHP's hash function supported WHIRLPOOL by default. I believe it is but i wanted to ask to be sure. ...
Hi everybody, I want exchange key between web service and console app with Elliptic Curve Diffie-Hellman. I search on msdn class ECDiffieHellmanCng, but I can't find good example for this class, how use it. know somebody any good example? ...
Hi everybody, im doing password based file encryption in Java. Im using AES as the underlying encryption algorithm and PBKDF2WithHmacSHA1 to derive a key from a salt and password combination using the following code(which i got from another generous poster on this site). SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmac...
I have to port some crypto code to visual c++ from java which (visual c++) I am not very familiar with. I found a library at http://sourceforge.net/projects/cpp-bigint/ that I can use for big integers. However it does not have an equivalent to javas SecureRandom class. I did find a project in c++ called beecrypt but could not get it ...
I'm just starting with Golang and I am now stuck on MD5 creation. This is how I started to get a md5 hash from a string: import "crypto/md5" var original = "my string comes here" var hash = md5.New(original) But obviously this is not how it works. Can someone provide me a working sample for this? ...
I am signing packets in some Java code and I want to verify the signatures on a C server. I want to fork openssl for this purpose (can always use library functions later... when I know openssl can verify the signatures); however, it's failing to do so: openssl dgst -verify cert.pem -signature file.sha1 file.data all it says is "unab...