cryptography

Convert OpenSSL public key into NSS one

How do I convert public key generated by OpenSSL into one NSS would understand? I've generated key with OpenSSL, exported it into pkcs12 format, imported it into NSS database and then extract public key with McCoy utility. And it was different to my great surprise. That is probably the matter of encoding but which one should I use? Upda...

Anyone got any plans to use Cryptol from Galois?

I saw in a Dr Dobb's email report for 2008-12-29 that there's a new DSL (domain-specific language) for designing crypto systems. It is called Cryptol and is available from Galois. Has anybody taken a look at it? Does anyone have plans to use it? Is it worthwhile, do you think? Robert Gamble notes: Cryptol is not new, it has been ...

Pin Generation

Hi, I am looking to develop a system in which i need to assign every user a unique pin code for security. The user will only enter this pin code as a means of identifying himself. Thus i dont want the user to be able to guess another users pincode. Assuming the max users i will have is 100000, how long should this pin code be? e.g. 123...

Number of points on elliptic curve

If you have an elliptic curve in the form of: y^2 = x^3 + a*x + b (mod p) Is there a good program to calculate the number of points on this curve? I have read about Schoof's and Schoof-Elkies-Atkin (SEA) algorithm, but I'm looking for open source implementations. Does anyone know a good program that can do this? Also if a is 1 and b...

Code golf: Diffie-Hellman key exchange

Back in the ITAR era, there was a popular sig that performed Diffie-Hellman key exchange: #!/usr/bin/perl -- -export-a-crypto-system-sig Diffie-Hellman-2-lines ($g,$e,$m)=@ARGV,$m||die"$0 gen exp mod\n";print`echo "16dio1[d2%Sa2/d0<X+d *La1=z\U$m%0]SX$e"[$g*]\EszlXx+p|dc` With a modern dc, this can be reduced quite a bit to: dc -e '1...

Need some help understanding password salt

I'm having some trouble understanding the purpose of a salt to a password. It's my understanding that the primary use is to hamper a rainbow table attack. However, the methods I've seen to implement this don't seem to really make the problem harder. I've seen many tutorials suggesting that the salt be used as the following: $hash = ...

signedXml.CheckSignature always returns false

I am a little new to cryptography so this could be something really stupid. I am struggling with getting this encryption decryption to work right. I am using this http://www.chaosink.co.uk/files/code/encryptionutils.zip class provided by Wolfwyrd (Thanks!) and following instructions in http://stackoverflow.com/questions/359342/an-effecti...

Why are primes important in cryptography?

One thing that always strikes me as a non-cryptographer: Why is it so important to use Prime numbers? What makes them so special in cryptography? Does anyone have a simple short explanation? (I am aware that there are many primers and that Applied Cryptography is the Bible, but as said: I am not looking to implement my own cryptographic...

Dazed and confused by Java Security & BouncyCastle APIs

I've been trying to make sense of the BouncyCastle cryptography APIs for Java. Unfortunately, I'm finding Java cryptography in general to be so obscured by service provider interfaces and jargon that I can't wrap my head around what anything actually does. I've tried reading the necessary documentation repeatedly but it just stays incomp...

Length of Encrypted String

I need to create a database column which will store a string encrypted using Triple DES. How do I determine the length of the encrypted string column? (Answers for algorithms other than Triple DES are also welcome.) ...

Can you convert the output of php crypt() to valid MD5?

I have some strings that have been encrypted using the php function crypt() http://uk2.php.net/crypt The outputs look something like this: $1$Vf/.4.1.$CgCo33ebiHVuFhpwS.kMI0 $1$84..vD4.$Ps1PdaLWRoaiWDKCfjLyV1 $1$or1.RY4.$v3xo04v1yfB7JxDj1sC/J/ While I believe crypt() is using the MD5 algorithm, the outputs are not valid MD5 hashes. ...

Converting C-DES-implementation to Java - Help needed

Hi, I'm a German student an for computer classes I need to implement the DES-encryption in Java(by myself, not by using the Java-API) and explain it in detail. I didn't find any Java-code-examples using google, however I did find an easy implementation in C(I do not know C, I know a little C++, but not that well, pointer still get me now...

What to use? Digital signature?

Sorry I couldn't find the best heading for this question. Following is my requirement. I a working on a project which deals which large amount of money transactions to different account. The system automatically transfers money to accounts of A,B, C etc etc,, But before this is done Some one from A,B or C should approve(electronically) ...

Java security - MSCAPI provider: How to use without password popup?

I've managed to use Sun's MSCAPI provider in my application. The problem I'm having now is that it always pops up a window, asking for a password, even though I've provided it in the code. This is a problem, because I need the cryptography functionality in a webservice. Here's the code I have now: String alias = "Alias to my PK"; char[...

Pitfalls of cryptographic code

I'm modifying existing security code. The specifications are pretty clear, there is example code, but I'm no cryptographic expert. In fact, the example code has a disclaimer saying, in effect, "Don't use this code verbatim." While auditing the code I'm to modify (which is supposedly feature complete) I ran across this little gem which...

Python M2Crypto - generating a DSA key pair and separating public/private components

Could anybody explain what is the cause of the following: >>> from M2Crypto import DSA, BIO >>> dsa = DSA.gen_params(1024) ..+........+++++++++++++++++++++++++++++++++++++++++++++++++++* ............+.+.+..+.........+.............+.....................+. ...+.............+...........+......................................... +.........+...

On the fly encryption in C#

I am learning C#. I want to code an on the fly encryption program. Something similar to Truecrypt. It basically creates an encrypted container, which can be mounted as a virtual drive and from which you can decrypt files on the fly without writing them to the hard drive. Truecrypt uses some filter drivers [ I dont know what they are]. I ...

Using SHA1 and RSA with java.security.Signature vs. MessageDigest and Cipher

I'm trying to understand what the Java java.security.Signature class does. If I compute an SHA1 message digest, and then encrypt that digest using RSA, I get a different result to asking the Signature class to sign the same thing: // Generate new key KeyPair keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair(); PrivateKey pri...

File not found on RSACryptoServiceProvider, service account permissions?

Our web service wraps around a third party library that contains the following code. We are using an Active Directory service account in the IIS 6 app pool (no interactive login abilities). Our service fails with the error “The system cannot find the file specified”. We’ve traced the error to the “RSACryptoServiceProvider provider =...

DES encryption and cipher modes

I need to encrypt an ISO 8583 message... the problem here is that the message is longer than the key. I need some one help me how to encrypt this string. For example: I have 300 chars in my string; should I encrypt each 16 chars alone then concat them, since my master key length is 16 bytes? I appreciate your help... ISO 8583-1:20...