Generate one-time key with AES in Counter mode
How to generate one-time key in AES counter mode using java cryptography? I want to use that one-time key as session key in my PGP implementation? ...
cryptography
RSA decrypting data in C# (.NET 3.5) which was encrypted with openssl in php 5.3.2
Maybe someone can clear me up. I have been surfing on this a while now. Step #1: Create a root certificate Key generation on unix 1) openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -keyout privatekey.pem -out mycert.pem 2) openssl rsa -in privatekey.pem -pubout -out publickey.pem 3) openssl pkcs12 -export -out mycertprivateke...
Caesar's cipher in VC#
#include<string.h> void main() { char name[50]; int i,j; printf("Enter the name:>"); scanf("%s",&name); j=strlen(name); for(i=0;i<j;i++) { name[i] = name[i]+3; } printf("ENCRYTED NAME=>%s",name); } This a caesar's cipher in c programming friends i want use this same thing in VC# where i will get input ...
Javascript CS-PRNG - 64-bit random
Hi, I need to generate a cryptographically secure 64-bit unsigned random integer in Javascript. The first problem is that Javascript only allows 64-bit signed integers, so 9223372036854775808 is the biggest supported integer without going into floating point use I think? To fix this I can use a big number library, no problem. My Method...
How are CD Keys generated?
CD Keys are the defacto-standard as an anti-piracy measure. To be honest this strikes me as Security Though Obscurity, although I really have no idea how CD Keys are generated. What is a good (secure) example of CD Key generation? What cryptographic primitive (if any) are they using? Is it a message digest? If so what data would t...
RSA: Encrypting message using multiple keys
Is it possible to get additional security by encrypting a message using 2 or more RSA keys? EDIT: A few clarifications: The context I am most interested in doing this for is encrypting a randomly generated symmetric key. I don't want to limit the question to encrypting twice in a row; the purpose is to avoid the high computational cos...
Why is using a Non-Random IV with CBC Mode a vulnerability?
I understand the purpose of an IV. Specifically in CBC mode this insures that the first block of of 2 messages encrypted with the same key will never be identical. But why is it a vulnerability if the IV's are sequential? According to CWE-329 NON-Random IV's allow for the possibility of a dictionary attack. I know that in practice pro...
Does the openssl command line do key strengthening?
If I run the openssl command line in hmac mode (as below), is the key used for the hmac used directly or is it hashed before using it as the key? echo "foo" | openssl dgst -sha256 -binary -hmac "test" | openssl base64 Similarly, when encrypting a file with openssl (as below)is the pass phrase hashed with the salt? (If so how is it don...
What's the big deal with brute force on hashes like MD5
I just spent some time reading http://stackoverflow.com/questions/2768248/is-md5-really-that-bad (I highly recommend!). In it, it talks about hash collisions. Maybe I'm missing something here, but can't you just encrypt your password using, say, MD5 and then, say, SHA-1 (or any other, doesn't matter.) Wouldn't this increase the processi...
Java: Read certificates from windows store
Hello. It is possible to write a Java program to read one certificate (getting private and public key) stored in windows certificate store ? Thanks ...
how to convert BigInteger to String in java
i converted a string to BigInteger as follows: Scanner sc=new Scanner(System.in); System.out.println("enter the message"); String msg=sc.next(); byte[] bytemsg=msg.getBytes(); BigInteger m=new BigInteger(bytemsg); now i want my string back.i m using m.toString() method but not getting desired result. why??? wh...
Optimal password salt length
Possible Duplicate: What is the optimal length for user password salt? I tried to find the answer to this question on Stack Overflow without any success. Let's say I store passwords using SHA-1 hash (so it's 160 bits) and let's assume that SHA-1 is enough for my application. How long should be the salt used to generated passw...
How to calculate MD5 Hash of an Array of strings in C++ using Crypto.h library in Linux ?
Hello friends, I have an array of strings.. I want to calculate the MD5 hash of these strings and want to store them in another array using libcrypt.h library in C++ in Linux... So can anyone tell me how to do it? give some exapmle or sample code.. ...
RSA Cryptography in c#
Suppose an RSA algorithm created private key on two machines. Is there any possibility that both keys are the same? ...
Is it possible to create a FIPS 140-2 compliant server in Perl?
The question is pretty simple, is it possible to create a FIPS 140-2 compliant server in Perl? Especially, is it possible without modifying any of the C code for the modules? If it's not possible in straight Perl, what would be the easiest way to go about it from a C perspective? I'm basically creating a mini-httpd that only serves up a...
HSM - cryptoki - opening sessions overhead
I am having a query regarding sessions with HSM. I am aware that there is an overhead if you initialise and finalise the cryptoki api for every file you want to encrypt/decrypt. My queries are, Is there an overhead in opening and closing individual sessions for every file, you want to encrypt/decrypt.(C_Initialize/C_Finalize) How ma...
What is this (C/C++) program doing?
It's calling these API functions (advapi32.dll) with these parameters: CryptCreateHash ( 3275488, 32771, 0, 0, 1243424 ); CryptHashData ( 3203040, 'UY30930037661', 13, 0 ); CryptCreateHash ( 3276304, 32771, 0, 0, 46463812 ); CryptHashData ( 3203296, '-585164138661', 10, 0 ); CryptCreateHash ( 3276304, 32771, 0, 0, 46463808 ); CryptH...
Is EAX crypto mode supported in the .NET framework?
Does anyone know if EAX mode is supported or how to use it? Here is an overview: http://en.wikipedia.org/wiki/EAX_mode ...
Is there a standard way to run a x509 key server?
Does anyone know of a project / product that has standardized how to access/download x509/SSL certificates over HTTP? I have seen RFC 4387 but haven't found anyone who implements it. Basically, I am trying to setup a key server for an internal application. So short of implementing my own, does anyone have any suggestions? ...
DSACryptoServiceProvider constructor throws CryptographicException
This code below thows the following error: System.Security.Cryptography.CryptographicException "The handle is invalid" CspParameters CSPParam = new System.Security.Cryptography.CspParameters(13, null, null); CSPParam.Flags = CspProviderFlags.UseMachineKeyStore; CSPParam.KeyContainerName = "MyKeys"; System.Security.Cryptography.DSACrypt...