cryptography

ProtectedData.Protect intermittent failure

I'm writing a password encryption routine. I've written the below app to illustrate my problem. About 20% of the time, this code works as expected. The rest of the time, the decryption throws a cryptographic exception - "The data is invalid". I believe the problem is in the encryption portion, because the decryption portion works the...

Code Signing Certificate Options

I've been assigned the task of buying a digital certificate for my company to sign our code. We develop applications in the Microsoft space - mostly WPF or Web Based. I've investigated options and found Comodo to be well priced and responsive, and we're ready to go ahead and purchase a cert through them.. however in the signup form ther...

Supplying an argument at Rails runtime

I'm looking for a way to supply an argument to a ruby on rails project at runtime. Essentially, our project uses public key cryptography to encrypt some sensitive client data and we want the ability to supply the password to the private key file at runtime. ...

Which built-in .NET cryptography algorithm is the most secure?

Hi, Which cryptography algorithm is the most secure that ships with .net? ...

.NET cryptography for licence keys?

Hi, I want to create a license key, which cryptography algorithm would you recommend? Basically the inputs would be: company name major version number date created expirey date has feature1: has feature2: has feature3: e.g. Acme Inc 5.0 20081102 20081102 0 1 0 DUPLICATE http://stackoverflow.com/questions/258721/which-built-in-net-c...

What is the best low-tech protocol to simulate drawing names out of a hat and ensure secrecy?

Each year at Thanksgiving, my family has drawn names out of a hat to determine who they'll be a "Secret Santa" for the Christmas gift exchange. It's important to our family culture that no one else in the family knows who each other got in order to keep it interesting. The only rule to the selection is that you can't pick your spouse. If...

Modular arithmetic

I'm new to cryptography and modular arithmetic. So, I'm sure it's a silly question, but I can't help it. How do I calculate a from      pow(a,q) = 1 (mod p), where p and q are known? I don't get the "1 (mod p)" part, it equals to 1, doesn't it? If so, than what is "mod p" about? Is this the same as      pow(a,-q) (mod p) = 1? ...

Which are the most important Math skills in order to better understand cryptography?

I need to have a better understanding of cryptography, specially the mathematics behind some of the core concepts. However, my High School Maths knowledge has gone a bit blunt, and so I was wondering which topics I should revisit for this purpose? ...

How to encrypt small data block with only RSA public key using Microsoft ECSP?

I need to encrypt a small block of data (16 bytes) using 512 bit RSA public key -- quite an easy task for most cryptography libraries known to me, except for MS CSP API, as it seems. Documentation for CryptEncrypt function states that The Microsoft Enhanced Cryptographic Provider supports direct encryption with RSA public keys and de...

SecureRandom: init once or every time it is needed?

Our team is using a SecureRandom to generate a list of key pairs (the SecureRandom is passed to a KeyPairGenerator). We cannot agree on which of the following two options to use: Create a new instance every time we need to generate a key pair Initialize a static instance and use it for all key pairs Which approach is generally bette...

Validate Authenticode signature on EXE - C++ without CAPICOM

I'm writing a function for an installer DLL to verify the Authenticode signature of EXE files already installed on the system. The function needs to: A) verify that the signature is valid. B) verify that the signer is our organization. Because this is in an installer, and because this needs to run on older Win2k installations, I...

Is there a way to create a private key using CryptoAPI and seed it?

We have a need to create a private key that is seeded from 2 plaintext keys. The 2 plaintext keys are maintained by different managers. This is to satisfy a dual-control key requirements that we have. We can combine the two keys into a single seed. However, from reading the Microsoft CryptoAPI documentation, all key generation are comple...

Are there public key cryptography algorithms that are provably NP-hard to defeat?

Should practical quantum computing become a reality, I am wondering if there are any public key cryptographic algorithms that are based on NP-complete problems, rather than integer factorization or discrete logarithms. Edit: Please check out the "Quantum computing in computational complexity theory" section of the wiki article on quant...

Can you figure out why this program is triggering a IllegalStateException?

all files in ~/Cipher/nsdl/crypto can be found here java files compiled with gcj, see compile.sh nmint@nqmk-mint ~/Cipher/nsdl/crypto $ echo test | ./cryptTest encrypt deadbeefdeadbeefdeadbeefdeadbeef deadbeef Blowfish CBC > test null Exception in thread "main" java.lang.IllegalStateException: cipher is not for encrypting or decrypting ...

What is the best cross-browser solution for browser based document signing (w/ digital signature)?

I need to implement a browser based component (most likely java applet since it needs to be cross-browser) that will allow us to digitally sign and verify data in the XadES format. What options are available and what is the best solution? ...

Using java to encrypt integers

Hi all, I'm trying to encrypt some integers in java using java.security and javax.crypto. The problem seems to be that the Cipher class only encrypts byte arrays. I can't directly convert an integer to a byte string (or can I?). What is the best way to do this? Should I convert the integer to a string and the string to byte[]? Th...

Python crypt module -- what's the correct use of salts?

First, context: I'm trying to create a command-line-based tool (Linux) that requires login. Accounts on this tool have nothing to do with system-level accounts -- none of this looks at /etc/passwd. I am planning to store user accounts in a text file using the same format (roughly) as /etc/passwd. Despite not using the system-level pass...

Signing data with smartcards on Mac in C++

Dear lazyweb, is there any support in Mac OS X for signing data using smartcards? I have looked through the system headers and found only vauge references to smart card support (in SecKeychain.h), which didn't really take me anywhere. If there's no built-in support, which are my options (ie. what free/non-free libraries exist that can ...

An effective method for encrypting a license file?

For a web application, I would like to create a simple but effective licensing system. In C#, this is a little difficult, since my decryption method could be viewed by anyone with Reflector installed. What are some methods for encrypting files in C# that are fairly tamper-proof? ...

how to use X509 certificates (to sign a file w/ simple verification, + other questions)

I spent several hours yesterday trying to digitally sign a short file using an X509 certificate (one of the "freemail" certificates from thawte). I finally got openssl to sign it as an SMIME message, but I can't successfully verify it, AND it's in the SMIME format -- I don't have access to a "sendmail" program which can actually send out...