Hi. I'm trying to work out how to generate the parameters for iTunes Music Store (iTMS) and what they are/mean. So far I can do all the other normal stuff like login, view account information, but purchasing looks to have some cryptographic element to it (or simply something I'm not seeing). For example, iTunes 9 when purchasing some ra...
We have a custom built program that needs authenticated/encrypted communication between a client and a server[both in Python]. We are doing an overhaul from custom written Diffie-Hellman+AES to RSA+AES in a non-orthodox way. So I would be very interested in comments about my idea. Prequisites: Klient has a 128bit RegistrationKey which ...
Hi I am using asp.net mvc 2.0 and I am wondering how secure is it to put information in a cookie? Like I put in my cookie a forms authentication ticket that is encrypted so can I put information that could be sensitive in there? string encryptedTicket = FormsAuthentication.Encrypt(authTicket) HttpCookie authCookie = new HttpCook...
I have two AsymmetricAlgorithm objects that contain an RSA Private and RSA Public key. The private key was retrieved out of the Windows-MY keystore and the Public key from a user's certificate. How can I use these keys along with RSACryptoServiceProvider to encrypt data using the RSA algorithm in C#? In other words, how can I specify tha...
I've being messing around the C# Bouncy Castle API to find how to do a PBKDF2 key derivation. I am really clueless right now. I tried reading through the Pkcs5S2ParametersGenerator.cs and PBKDF2Params.cs files but i really cant figure out how to do it. According to the research I have done so far, PBKDF2 requires a string (or char[]) ...
Hi, I saw this behavior today while working with a Java EE Framework. Every time I'm getting an int ID from the server, that ID is encrypted + encoded in base 64, and the encrypted string is sent back. Each request gives a different encrypted key. The behavior that is strange is that if I make 5 requests, the encrypted text I received a...
How extensive are the Cryptographic options offered by Apple for the iPhone OS? Does it have public key infrastructure support? Can the Keystore (or I guess keychain) be leveraged by third party applications and are they able to pull/store private keys there? What about support for the LDAP for pulling user's public certificates? ...
Been playing around with encryption and decrypting files in VC# Express 2010. All the tutorials and documentation I've seen requires two FileSteams in order to encrypt the file. One for reading the unencrypted version, and the other for encrypting. When I actually wrote the code it kept throwing an error telling me it could not open the...
I am getting the CKR_DEVICE_MEMORY error code for C_Encrypt call using cryptoki library. From the PKCS#11 spec, CKR_DEVICE_MEMORY means The token doesnot have sufficient memory to perform the requested function. Under what circumstances, do we get the token's memory completely full? The HSM has been working 24x7 for 7 days continuous...
I have a .p7m (application/pkcs7-mime) encrypted file on my hard drive, and the associated Private Key it was encrypted with. It is encrypted with AES (128bit) and enveloped with RSA (1024bit). I have successfully imported the key from my key store but I dont know how i would go about using it to decrypt a .p7m file. Any suggestions? ...
I'm trying to share authentication between an ASP.NET app and another UNIX-based app, where the hashed password is stored in the database. I need to ensure the hashing algorithms on both platforms match. This is how I'm hashing in C#: var sha1 = new SHA1CryptoServiceProvider(); var passwordBytes = Encoding.UTF8.GetBytes(password); var...
This is a segment of code I have for setting the masterpassword: private void button1_Click(object sender, EventArgs e) { string current = textBox1.Text; string newPass = textBox2.Text; string confirmed = textBox3.Text; string massPass = "winxp.pma"; if (File.Exists(massPass)) { ...
I'm new to the .NET CryptoProvider space, and am a little concerned by what I have seen regarding the repeated creation of the same key by the RSACryptoProvider. I am using a container because I am storing the key off to file on the server, like so (I export the CspBlob subsequent to this creation and reimport it later)... _cp = new Csp...
This will be a bit difficult to explain but I will try my best. There is a website that has the login form on every page with username/password fields. These pages are not using SSL. After the user fills in the username/password and submits the form, the form is sent to an authentication page which is https. I have a few questions about...
In CBC mode, C2 = Ek(C1 ⊕ P2) C2 = 2nd block of ciphertext P2 = 2nd block of plaintext Ek = encryption function If IV is known (let's say it's set to 0), is there anyway to find the ciphertext block such that C2 = Ek(P2) ? ...
In explanations I've read about public key cryptography, it is said that some large number is come up with by multiplying together 2 extremely large primes. Since factoring the product of large primes is almost impossibly time-consuming, you have security. This seems like a problem that could be trivially solved with rainbow tables. If ...
I want to encrypt passwords using the C# WPF. what is the best algorithm (and easy to implement) to use? and I want some example about how to use it ... ...
My php script and my c# application will pass a hash string to each other that is 32 chars long, what is the best mode for this? I thought ECB but am unsure as it says if using more then 1 block dont use. How do I know how big the block is? They will occasionally pass a large text file, which would be the best mode for encrypting this.....
Hi, I have a query string I need to encrypt using AES in CBC mode with zero padding, before finally encoding it to base64 and I need to run this on Google App Engine in Python. I've had a look around and can't be sure what works in GAE and what doesn't, I'm also finding it hard to get example code of some of those I believe should work...
Dear Guys, I have written a program in vb.net 2008 (using .net 3.5). It's a decent size program. One part of this program is to access an online database and encrypt/decrypt files. To access db I use a hardcoded password. To encrypt/decrypt files I used a hardcoded key. No matter what I do I would need to hardcode one of the two things ...