cryptography

AES decryption Algorithm

Hello there, I'm going to make a long story short. For a while I have wanted to implement my own AES encryption/decryption program. The encryption program went well and encrypts without any error or strange output (since I have compared my program's output with a working commercial one and the result was the same). Wikipedia was (is)...

Sending IV along with cipher text, safe?

Hi, There have been many questions with regard to IV generation, encryption and sharing the IV between the sender and receiver, but I want to make an explicit post regarding the best way to send the IV from the sender to the receiver. From all the posts that I've seen so far, I'm uncertain as to whether it is safe to send the IV in "pl...

How can I generate a large random token using PHP

I want to generate a large (~2 kb), random, unique block of random text for use as an authentication token. Standard hashing functions produce results that are too short. Would it be OK to use openssl's private key generation function or is there more appropriate solution I should look at? ...

Correctly getting sha-1 for files using openssl

Hi I am trying to get an sha-1 for a number of files. What I currently do is cycle the files in a given path, open and read each file separately and load the contents in a buffer and then send it to openssl's SHA function to get the hash. The code looks something like this: void ReadHashFile(LPCTSTR name) { FILE * pFile; long lSi...

Best place to hide secret keys?

I am looking for advice on where to store encryption keys and other sensitive application data. Is a certificate on a USB stick really the way to go here? What can you do to keep your secret keys safe? ...

Can you spot a vulnerability in my authentication protocol?

Some time ago we needed a solution for Single Sign On authentication between multiple web services. At least at that time we considered OpenID protocol too complicated and we were not convinced about the Ruby on Rails plugins for it. Therefore we designed a protocol of our own instead of implementing an OpenID provider and OpenID consume...

CMAC why K1 and K2

http://en.wikipedia.org/wiki/CMAC http://www.rfc-archive.org/getrfc.php?rfc=4493 There are two keys K1 and K2. Are there any other reasons, beside that message 1 differs from 10^127 (1 and 127 zeroes)? If message carries length (and length is also CMAC-ed with message), are there any security weaknesses using only one randomly genera...

Should I make my Logon Application encrypt logon security tokens?

I am working on the security design for a new application at my company. We are using the Windows Identity Foundation framework. I have a logon application that issues a token to a user who successfully authenticates. The token is then used to access the new application. Of course, this happens transparently to the user. The WIF fra...

Hash values not matching (possibly encoding-related?)

Hi folks, I'm sending a value from my front-end (Flex) to the back end (Oracle) along with a hash on the value. From my front-end, I'm using the as3corelib library from Google Code to compute a HMAC hash value using the SHA1 algorithm: com.adobe.crypto.HMAC.hash(mySecret, myMessage, com.adobe.crypto.SHA1); At the back-end, I'm using...

What is the reason for using "user_Id:password" for PKCS11 when it only accepts a pin?

With respect to Oracle Database 11g transparent data encryption (TDE) with HSM, I understand that the following command is used to set the master encryption key. However, why does a user_Id have to be specified when the PKCS#11 library for the corresponding HSM only requires a PIN? SQL> ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "use...

Missing documentation for Oracle Database 11g TDE master key

I have looked through the whole set of "Oracle Database 11g Release 2 (11.2) Documentation" searching for the details of the master encryption key used for transparent data encryption (TDE) with HSM. There was only a single insignificant line out of the whole set of documentation that says it makes use of AES. What surprised me was that...

Which PKCS#11 function does Oracle Database 11g make use of?

I am currently in the process of coming up with a PKCS#11 library with minimal functions such that my legacy HSM is able to support the Oracle database 11g transparent data encryption (TDE). I do not want to come up with the complete PKCS#11 library with all the functions since all I need is to support Oracle database. In addition, codin...

How to generate TrueLicense in Python

We have a licencing server which generates keys using the Java TrueLicense library. I would like to move that code to Python using the same algorithm so that the new keys will be equivalent with keys generated with the Java code. Perhaps it is possible to use PyCrypto for this. Does anyone know if this can be done without too much effo...

Java SHA1withDSA to PHP, convertible?

Any success in implementing SHA1withDSA signature with PHP? A failure reported here. PKCS8EncodedKeySpec prvSpec = new PKCS8EncodedKeySpec(prvKeyBytes); KeyFactory keyFactory = KeyFactory.getInstance("DSA"); PrivateKey prvKey = keyFactory.generatePrivate(prvSpec); Signature sig = Signature.getInstance("SHA1withDSA"); sig.initSign(prvKey...

How to implement IDEA?

Hello, I have to make an application which can encrypt and decrypt text file using IDEA(International Data Encryption Algorithm) in java or C#. I know that in java there is inbuilt JCE(Java Cryptography Extension) but how to proceed further, will anybody please give me some suggestions? thank you. ...

How does a 32-bit operating system perform 2^56 modulo 7?

How does the system perform 2^56 modulo 7 if it's a 32-bit operating system, in cryptography for example? And how is it stored in memory? ...

How to 3DES encrypt in Python using the M2Crypto wrapper?

I have a working test of a hardware device that uses RSA encryption, in Python using M2Crypto. Now I need to test a similar device that uses 3DES encryption. But I can't figure out how to use M2Crypto to do triple DES encryption. I know it should be possible from this chart. But unfortunately the documentation of M2Crypto I've found ...

Tiger Hash intermediate values

This isn't much of a programming question. It's more of a reference question: does anyone know any programs/text files/whatever that show how the Tiger hash works? I'm trying to find some way to see the intermediate values of the hash. I found this website but the Java implementation is weird and shows incorrect values despite getting prop...

when using System.Text.UnicodeEncoding.Unicode.GetString(byte[]) reverse encoding to byte array fails intermittently

Can someone tell me why the following code intermittently throws an exception ? I am running Vista Ultimate 32 bit and VS2010 .NET4 byte[] saltBytes = new byte[32]; RNGCryptoServiceProvider.Create().GetBytes(saltBytes); string salt = System.Text.UnicodeEncoding.Unicode.GetString(saltBytes); byte[] saltB...

PHP & HTML: Encrypt form

Hi all, I have forms within my website. Some of these forms include PayPal forms (forms that submit information to PayPal). I do not wish my customers to view the source code and see what fields & their respective values I am using. As such I wish to encrypt them and yet, be able to submit information securely over to PayPal with the va...