What's the purpose of the feedback loop while encrypting (DES)?
Does it make the encryption stronger? I thought it was used to make sure the ciphertext is more "random." It doesn't really make it any stronger, or so I think. ...
encryption
How does using a salt make a pw more secure if it is stored in the db?
I am learning Rails, at the moment, but the answer doesn't have to be Rails specific. So, as I understand it, a secure password system works like this: User creates password System encrypts password with an encryption algorithm (say SHA2). Store hash of encrypted pw in DB. Upon login attempt: User tries to login System creates has...
voice encryption
I want to develop an application to encrypt voice calls on the fly. Is it feasible? which programming language should be preferred for symbian O.S ...
Decryption of AES in Java
French : slt, comment je peut faire le dechiffrement en utilisant AES c'est mon code : in English : Hi, how can I do the decryption using AES? This is my code: public class NewClass1{ private Key key; private void generateKey() throws NoSuchAlgorithmException{ KeyGenerator generator; generator = KeyGenerator.ge...
String Encryption with JASYPT - Java
I want to encrypt a string, but the standard java libraries are too complicated for me. So i turned to JASYPT, Its pretty simple to use and understand, However when i import the library to Eclipse 3.6 and when i try encrypt a string like "Hello" with the password "123". It always comes up with an error. I'm not sure what im doing wrong b...
ColdFusion: Integer "0" doesn't convert to ASCII character
I have a string (comprised of a userID and a date/time stamp), which I then encrypt using ColdFusion's Encrypt(inputString, myKey, "Blowfish/ECB/PKCS5Padding", "Hex"). In order to interface with a 3d party I have to then perform the following: Convert each character pair within the resultant string into a HEX value. HEX values are th...
One way cryptographic hashing of a number ensuring each result is unique
Is there a good algorithm for this? after an amount of searching around I haven't been able to find any conclusive answers. Basically in a system which collects various bits of data about its users, each user is identified by a 64 bit unique Id. this Id is used as a primary key to a data set which may include any amount of data collecte...
Where to store encryption key
I am encrypting data (health care industry) using the aes encryption classes in the .net framework. What are some of the recommended locations for safely storing the key? I have it in the web.config for development, but that does not feel production worthy, to say the least. ...
Mitigating the 'firesheep' attack in the application layer?
What methodologies do people recommend for mitigating the 'Firesheep' method for website applications? We have thought about this and from a usability perspective, other than encrypting all traffic to a site, mitigating the attack can be somewhat of a problem for web developers. One suggestion we came up with was to use path based cook...
Is HTTPS the only defense against Session Hijacking in an open network?
So with Firesheep, everyone in a public Wi-Fi now has a one-click session hijack tool. The way it works - to my understanding - is that it simply captures all traffic and grabs the session cookie (so it doesn't steal passwords). From my understanding, this also means that a HTTPS secured login does not solve this alone, as further HTTP...
c# encrypt xml file
Tell me the easiest way to encrypt an XML file. It is a file used for some configurations and don't want people mucking around with it. Security is not an issue as it is a private tool. ...
PHP, MySQL, and AES Encryption / Decryption for User Data
I am new to AES encryption but trying to build a solution which: Accepts consumer data Encrypts that data using AES and a "public" key Store that data in a MySQL database Have the ability to pull and decrypt the data ONLY with a private key (stored on my personal machine, not the server itself). I realize this may be overkill but wan...
Using a random salt in password encryption?
Hey, I've seen a few other threads about this topic, but I can't seem to find a few answers to some questions involving the use of a random salt in password encryption. To my understanding, the steps go something like this: Generate a random salt for the user. Append the salt to their password. Use something like SHA-2 to hash the res...
Secure a PHP file; how?
I have a classifieds website, and a partner of us (who runs another classifieds website) need to have access to a file on our server. The file is called 'partner.php'. This file simply prints out some information about the classifieds on our site. So for our partners, they would just need to access "www.domain.com/partner.php?id=1234"...
Securing an "open" web service without HTTPS or private shared key
I am producing a web service which will allow any third party "device" to communicate with it. Each device has a reasonably unusual string to identify itself and uses the web service to store data against this id. However, this allows someone who wishes to game the service to scan through and guess device ids and store malicious data aga...
Symmetric integer to integer encryption
I need some pointers or a practical example on how to encrypt an int to another int, and a secret key would be required to decrypt the value. Something like: encrypt(1, "secret key") == 67123571122 decrypt(67123571122, "secret key") == 1 This guy asks pretty much the same question: http://stackoverflow.com/questions/3131193/symmetric...
mysql: result counting data as encryption
i have a problem during count data use this query: SELECT A.*, COUNT( B.Serial_number ) AS Qty_insp, CONCAT(ROUND(A.`Reject_qty`/ COUNT(B.Serial_number)*100, 2),'%') AS NG_Ratio FROM oqc_defect A LEFT JOIN inspection_report B ON A.Model = B.Model AND A.Line = B.Line GROUP BY A....
how to add encryption to soap header using a username token profile in wcf
I have a working USername token profile working using WCF, I am trying to add support for encryption on the client call, the webservice is expecting an encrypted soap header. I installed a certificate in my Local store using MMC. In my c# code below I have code that loads the certificate and assigns it to the proxy. I am not sure what o...
Do ORM's implement encryption?
Typically the model for ORM's that I've used goes something like this: Program startup: Initialize ORM db connection While running: make/modify/delete domain objects, commit changes, rinse and repeat. Program shutdown: commit any uncommitted changes if necessary, disconnect ORM db connection What if someone is sniffing network traffic ...
Best way to create a cryptographic API key
Hi, I have an open API in my application that I'd like to provide access key's for. The incoming info will be a user id, resource id and a value to update with. I'd like one API key per resource. Preferably I would like to be able to validate the authenticity of an incoming request using only the supplied data and not checking against...