cryptography

Is there an open source equivalent to FlexLM?

I am interested in studying license management patterns and coding techniques in detail. ...

Is it possible to have an open source implementation of DRM software?

I am curious to know if anyone has figured out a way to create the server portion of DRM in an open source manner while allowing for DRM clients to be closed. I understand that if the client were open source, it would be easy to remove the DRM checks, but I believe the server doesn't suffer from the same challenge. ...

Programming a Steganography application in C/C++

I have been reading up on on steno for a while. I have seen tools that help aid in embedding messages in .mp3's and png's etc. I am familiar that they do this by replacing the least important bit. In images, these LIB are colors that the human eye can't see; thus not needed. In audio files frequencies not audible to the human ear; also n...

Encrypted data size while using Triple DES

I intend to use TripleDES in one of my project. I was doing some experiments to be comfortable with it. I understand block size of triple DES is 8 bytes so I assume that if give 8 byte of data, I should get 8 bytes of encrypted data. But what I get is: Input Size | Encrypted Size . | . . | . 6 bytes | 8 byt...

What tools are available to generate key-pair, enroll with SCEP, use for TLS server on .Net?

The specification I am working with requires that a key-pair be generated and a certificate be automatically enrolled via SCEP to a specified server and used as both a TLS server and client certificate with OCSP validation of the counterparty. Are there any tools available for .Net to do this sort of thing? Pure-managed code and Compac...

I need a PHP script to decrypt the RSA encrypted string generated by...

I need a PHP script to decrypt the RSA encrypted string generated by this JavaScript library - http://ohdave.com/rsa/ I'm either missing something or I don't know, but I don't remember what was the last thing I looked for so long after and did not find :( Thank you in advance for your support, Constantin TOVISI ...

RSA Encryption-Decryption in iphone

I am developing Iphone application. I have used SecKeyGeneratePair method of Security/Security.h framework. I am getting public & private keys as SecKeyRef objects. Can I access the key or print its value to console? Can I get NSString or NSData object from it ? When i print the key to console using NSLog I am getting . Can we pass these...

Java Plugin Framework that will only load from sealed JARS

I am looking to load a JAR at runtime but want loading to fail if the JARs aren't either signed nor sealed. I know that Java JCE has this capability when loading new crypto algorithms. Do any of the plugin frameworks already support this functionality? Otherwise, what is the best approach? ...

Identity-Based Encryption and Open Source

I recently ran across the notion of Identity Based Encryption (IBE) which seems like a novel idea. However, I haven't noticed many in the cryptography community attempting to find ways to break it. Am I wrong? Likewise, I am of the belief that unless you can actually distribute open source implementations where the blackhat crowd can at...

Import RSA keys to iPhone keychain?

I have a couple of NSString objects that represent an RSA public-private keypair (not generated by SecKeyCreatePair, but by an external crypto library). How can I create SecKeyRef objects (which are required for the SecKeyDecrypt/Encrypt methods) from these NSString objects? Do I need to import them into the Keychain first? If so, how? ...

How to verify a binary signed with a self-signed certificate?

We want to add automatic software updates to our application, but our company isn't yet ready to buy a code-signing certificate from a trusted root CA, so we'll be using a self-signed certificate to sign code updates (.exe and .dll) for now. Question: how to verify a binary signed with a self-signed certificate, without having to instal...

How do I create a .p12 file in Ruby?

I've looked at the Ruby OpenSSL documentation, but I can't quite figure out the pieces I need to put together to make a .p12 file. There's also this tutorial, but the comments belie an ambivalence about its correctness. ...

How can I decode a PKCS#5 encrypted PKCS#8 Private Key in Java

I have a PKCS#5 encrypted PKCS#8 RSA private key stored in a disk file (originally generated by SSLPlus, circa 1997), for example: -----BEGIN ENCRYPTED PRIVATE KEY----- MIICmDAaBgkqhkiG9w0BBQMwDQQIybM2XFqx4EwCAQUEggJ4MKg/NE+L6NJgbOf4 ... 8QnGu4R7lFlweH/VAK8n0L75h3q2g62MKLJqmKLtAILNve4zymnO+LVZ4Js= -----END ENCRYPTED PRIVATE KEY----- F...

Is it possible to reverse engineer AES256?

Imagine I have this: $cdata = AES_256($data, $pass); AES_256 algorithm is: http://en.wikipedia.org/wiki/Advanced_Encryption_Standard If I know the content of $cdata and the content of $data and also have the AES256() code, can I reverse engineer and find $pass? ...

Does any software exist for building entropy pools from user input?

It'd be nice to be able, for some purposes, to bypass any sort of algorithmically generated random numbers in favor of natural input---say, dice rolls. Cryptographic key generation, for instance, strikes me as a situation where little enough random data is needed, and the requirement that the data be truly random is high enough, that thi...

How to predict the next GUID from a given GUID?

Hi, i have sent 10000 mails to our customers and each mail had a link of the format http://example.com/LogIn?key={guid} unfortunately the guid i sent were random guids (test data generated by Guid.NewGuid()) so the customers have all received invalid links... based on the 404s i receive from the webserver i have a few guids that i sent...

How to resist MITM and replay attacks when sending encrypted data?

Assuming I've securely exchanged keys with another computer (using Diffie-Hellman perhaps), here's my tentative solution: packet number + encrypted data + message authentication code (MAC) The packet number is an incrementally-increased number starting at 0. After that is the encrypted data itself, followed by a MAC of them both. If so...

Need a very fast one-to-one algorithm, possibly encryption

I need a very, very fast one-to-one algorithm. The algorithm doesn't need to be unbreakable. Reasonably strong is enough but it must be lightning fast. I will be implementing it in hardware. Area is a concern, too, so it shouldn't use too much logic. It should be a function f_N(x) whose input is an N-bit number and whose output is a...

How do I test the quality of an encryption algorithm?

I want to test an encryption algorithm for strength. It doesn't have to be strong, it just has to resist accidental cracking and say, a determined hacker with 10-hours to waste. (I wrote the crypto algorithm. Yes, I know that this is generally a bad idea but I think that I have good reason.) What kind of tests should I do? So far I'...

RSA Encryption public key not returned from container???

I feel like what I am trying to do is very simple. But for some reason it doesn't want to work: Here is a complete code snippet to test what I am trying to do: using System; using System.Xml; using System.Security.Cryptography; using System.Security.Cryptography.Xml; namespace XmlCryptographySendingTest { class Program { ...