cryptography

Is this a known DES cipher? What DES cipher is it? DES-CTR?

import Crypto.Cipher.DES import struct def rol32(x, y): ret = ((x<<y)&0xFFFFFFFF)|((x>>(32-y))&0xFFFFFFFF) #print 'rol32', hex(x), hex(y), hex(ret) return ret def sub32(x, y): ret = (x & 0xFFFFFFFF) - (y & 0xFFFFFFFF) if ret < 0: ret += 0x100000000 #print 'sub32', hex(x), hex(y), hex(ret) return ret def mul32...

Many hash iterations: append salt every time?

I have used unsalted md5/sha1 for a long time, but as this method isn't really secure (and is getting even less secure as time goes by) I decided to switch to a salted sha512. Furthermore I want to slow the generation of the hash down by using many iterations (e.g. 100). My question is whether I should append the salt on every iteration o...

What factors do I need to consider to determine whether I should "trust the defaults" with respect to encryption

Background: With respect to cryptography in general, the following advice is so common that it may even be platform and language-agnostic. "Cryptography is an incredibly complex subject which developers should leave to security experts." I understand and agree with the reasoning behind this statement, and therefore follow the advice when...

MS CSP: Difference between AT_SIGNATURE and RSA_KEY_SIGN (and also AT_KEYEXCHANGE and CALG_RSA_KEYX)

I'm writing a CSP library (for CryptoAPI) for smartcards my company sells. I have a question about the difference between the AT_SIGNATURE key type and the CALG_RSA_SIGN algorithm for a private key (the same also for AT_KEYEXCHANGE and CALG_RSA_KEYX). I know what is written on the MSDN site, but how specifically should the CSP DLL work if either of CALG_RSA......

Authenticating a user over HTTP (instead of HTTPS)

INITIAL NOTE: This is just for a personal tinkering project; I'm not writing enterprise security here, and if I were, I'd know better than to try to write my own scheme. :-D EDIT: To stress the above point, I tried to tag this under "iKnowThisWouldBeABadIdeaInRealLife", but SO wouldn't accept it because it was >25 chars. Just be aware...

query string parameter obfuscation

I want to obfuscate one query string parameter in ASP.NET. The site will have a high volume of requests, so the algorithm shouldn't be too slow. My problem is that all the algorithms I found result in unwanted characters (like +/=). Here is an example of what I want to achieve: www.domain.com/?id=1844 to www.domain.com/?id=3GQ5DTL3...

AES in javascript that matches PHP's mcrypt

Are there any JavaScript libs that let you encrypt and decrypt 256-bit AES the way you do it with mcrypt in PHP (and get the same result, of course)? I want to give it a variable-length message and a 32-char key. All libs I find want fixed-length blocks of cleartext and byte-arrays of keys... This is how it's done in PHP: $iv_size = m...

How to store the keys generated by DSACryptoServiceProvider?

As explained in the MSDN, it is possible to generate new public/private keys by calling the method DSACryptoServiceProvider.ExportParameters. The result of this method is of type DSAParameters. What is the de facto standard on dealing with these keys? Should I generate new keys for each transaction or should I generate keys once, store ...

How to prevent a man-in-the-middle attack in case of a compromised server?

Imagine that a server is serving public keys of the users to their partners to make encrypted communication possible. However, the server does NOT have access to the private keys. Anyway - imagine the server is hacked and it sends not the requested public keys: Alice requests Bob's public key; Server sends Eve's public key ...

what python package for rsa algorithm

hey crypto experts, looking to do RSA encryption on a short string in python. This is for a piece of user data that I want to store without staff (incl myself) being able to see it. The private key will be on a thumbdrive in my safety deposit box for when we get subpoenaed. my question: is there a 'probably correct' python package for ...

How do I send signed emails from C# application?

I need to send signed emails from within my C# .NET application. Which is the easiest way to do this? ...

Problem with Byte Flood Cryptography (C library)

I have a little problem with a C library: Byte Flood Cryptography (http://bfcrypt.sourceforge.net). I would like to create a program which uses both Linux sockets and Byte Flood Cryptography (the Byte Flood Cryptography functions are close to those provided by stdio.h, and this I have understood). I don't know how to 'bind' the two s...

How to make this RSA lib (with en/decryption functionality only(!)) sign something?

Or concrete - I am using this javascript RSA library for the client side code of my experimental project... I would like to be able to sign and verify messages (-> encrypt with private and decrypt with public key) Is there a way to alter the key data in a way that the algorithms for en/decrypting do it with the "reverse" key? I tried t...

Which attacks are possible concerning my security layer concept?

Despite all the advice to use SSL/https/etc. I decided to implement my own security layer on top of http for my application... The concept works as follows: User registers -> a new RSA keypair is generated; the private key gets encrypted with AES using the user's login password (which the server doesn't know - it has only the sha256 for a...

How to Start Learning Cryptography with C#?

Hi all, I want to learn about cryptography theory (basics) and I want to use the algorithms in C#, so I need some guides, books, tutorials to get started. Please help me. Thanks ...

Compute a hash from a stream of unknown length in C#

What is the best solution in C# for computing an "on the fly" md5 like hash of a stream of unknown length? Specifically, I want to compute a hash from data received over the network. I know I am done receiving data when the sender terminates the connection, so I don't know the length in advance. [EDIT] - Right now I am using md5, but th...

Isn't it difficult to recognize a successful decryption?

When I hear about methods for breaking encryption algorithms, I notice the focus is often on how to decrypt very rapidly and how to reduce the search space. However, I always wonder how you can recognize a successful decryption, and why this doesn't form a bottleneck. Or is it often assumed that an encrypted/decrypted pair is known? ...

What type of encryption to use for 48-bit to 48-bit?

I've got a bunch of 48-bit (6 byte) values that I need to encrypt symmetrically. The two requirements are: The resulting encrypted value needs to also be 48-bits (6 bytes) long. The key itself can be (and would preferably be) much longer to guard against brute force attacks. The resulting encrypted value needs to be deterministic, i.e. ...

is there a native alternative to mcrypt?

I need to encrypt some data but I guess the mcrypt library is not native in PHP, right? Is there a secure and native alternative? obs: I created my own solution but the performance wasn't good =/ ...

How secure are hidden authenticity tokens in twitter's oauth clients' web UI?

Assuming that you already have created an oauth client app in twitter, you can go to http://twitter.com/apps to manage them. When I viewed the source of the HTML pages, I see that they use a hidden form parameter called an authenticity token in their form definitions. <form method="post" id="sign_out_form" action="/sessions/destroy" sty...