cryptography

What should I use for password fields in a table; MD5 or SHA1?

I am by no means a security expert or even a novice. I'm a newbie at security at best. Someone suggested I use SHA1 instead of MD5 - why would I choose one over the other? Is one more secure? ...

Will a SHA256 hash always have 64 characters?

I'm setting up my database to receive hashed passwords and not accept plain text. Would I go something like this? create table User( username varchar(20) not null, password varchar(64) not null, ); ...

How to specifiy key size in the CertCreateSelfSignCertificate function

I am using the function CertCreateSelfSignCertificate (http://msdn.microsoft.com/en-us/library/aa376039(VS.85).aspx) to generate a certificate. I need to specify the key size to be 2048. I do not see how to provide this parameter. I would appreciate any help in this matter. Thanks. ...

Cryptography - RSA Algorithm in Java 1.4

Hi folks! I am using Java 1.4.2_10 and I am trying to use RSA encryption: I am getting the NoSuchAlgorithmException for the following code: cipher = Cipher.getInstance("RSA"); This is the error: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA at javax.crypto.Cipher.getInstance(DashoA6275) T...

How to defend against TabNabbing?

I got very concerned reading this genius post by Aza Raskin. What are the non-browsers solutions to defend against TabNabbing? Are there any? ...

Encrypted user credentials when they are transmitted

How can we encrypted user credentials when they are transmitted with php? (in login forms) Thanks ...

Decrypting data that was AES encrypted with Objective-C with Java

I try to decrypt data that was originally encrypted with Objective-C in Java. There are other questions mentioning this but they are really cluttered and many of them aren't solved yet therefore I will post my own. This is the code that encrypts the data: - (int) encryptWithKey: (NSString *) key { // 'key' should be 32 b...

SHA256 key generator in iphone

Hi friends, I want to generate a key using SHA256 with N number of iterations. They input should be my "password" + "random number" I have seen the Crypto sample provided by apple but it seems it doesn't provide my requirement(or might be possible I didnt get it properly). I have gone through below link as well but is doesnt have met...

Are the two codes equivalent to each other?

i know ive asked similar questions like this before, but: Is this pseudocode here the same as my code? upper case variables are the variables in the pseudocode with " ' " and the values with conditions are all in lists, such as: all "s" conditions are in list "s", and " s' " conditions in list "S" for i in xrange(t): a = h0; b = h1;...

Is it possible to use elliptic curve cryptography for encrypting data?

So far I have only seen it used in digital signatures and key agreement protocols. Can it be used like RSA to actually encrypt data? Are there any libraries for this? Edited: I need something like RSA. Encrypt the data with the recievers public key so later he can decyrpt it with his private key. I know ECDH can be used to send a secr...

.NET 3.5 - Hashing a password using System.Cryptography

Hi, I am a bit of a newbie around Security nitty gritties and especially around Cryptography. In the application we are building(ASP.net application built on .NET 3.5), we are currently using Databases to save our users authentication information (AD etc is not an option at this point). The intention is to do a one way salted hash of t...

Cost of Preimage attack

I need to know the cost of succeeding with a Preimage attack ("In cryptography, a preimage attack on a cryptographic hash is an attempt to find a message that has a specific hash value.", Wikipedia). The message I want to hash consists of six digits (the date of birth), then four random digits. This is a social security number. Is the...

Proving something existed (like code) at a set time.

It's easy to prove you created some code after a certain date. Generate a bunch of cryptographic hashes of the binary data of your item with a text appending "Created on x/y/z". You could then use these crypto hashes in a court of law presumably as the probability of them being wrong would be astronomical and since will be going to win a...

Decrypt data using an RSA public key

First off, that is not a typo, I want to decrypt using a public key. The purpose for doing this is to challenge a third party to ensure they do, in fact, have the private key that corresponds to the public key. Basically, I would send some random data, they would encrypt it with their private key, I would decrypt it using the public ke...

Asymmetric Crypto on Android

Hello, I would like to ask if i can use Asymmetric Crypto (like RSA or ECC) on android mobile phones, how, and what are the best libraries i should use. ...

Crypto++ AES Decrypt how to?

There are next to no noob guides to crypto++ out there. Or none that I've found anyway. What I want to do is decrypt an array of uchars I generate with another AES encrypter. Where would I start? I have the library built and linking grand. Do I need to set anything up or do I just call a function on my array (and if so what function) ? ...

What is the diff between the hashing methods of php?

What is the difference between the hashing methods available in php md2 md4 md5 sha1 sha224 sha256 sha384 sha512 ripemd128 ripemd160 ripemd256 ripemd320 whirlpool tiger128,3 tiger160,3 tiger192,3 tiger128,4 tiger160, 4 tiger192,4 snefru snefru256 gost adler32 crc32 crc32b salsa10 salsa20 haval128,3 haval160,3 haval192,3 haval224,3 hav...

How to Generate HMAC MD5 In Android?

I am new in this Field!I have this Message and Key also i want HMAC MD5 using this two so how it is possible if possible then give some example or sample code of this.The Given link display the overall functionality i want such kind of code.Please help me. Messgae = POSTuserMon,28Jun201010:18:33GMT7FF4471B-13C0-5A9F-BB7B-7309F1AB7F08 k...

Encrypt Data with C# AesCryptoServiceProvider crypted with BouncyCastle AesFastEngine

Hello, I need to decrypt Data with Standard C# AesCryptoServiceProvider which was encrypted with Bouncy Castle AesFastEngine on the Java side. (To decrypt the Data using the c# implementation of Bounca Castle is no problem) Is there a way to do this? I don't find the IV used in the Bouncy Castle implementation... Is there any? Any he...

Attempt to set permissions on a KeyContainer in C# is having no effect

I'm using the following code in an attempt to programatically allow the NetworkService account to have access to a key: var RSA = new RSACryptoServiceProvider( new CspParameters() { KeyContainerName = "MyEncryptionKey", Flags = CspProviderFlags.UseExistingKey | CspProviderFlags.UseMachineKeyStore }); RSA.CspKeyContainer...