encryption

Differences Between Rijndael and AES

I'm investigating encryption algorithms - can someone give me a quick rundown of the differences between Rijndael and AES? ...

Encrypt my framework and code

hi, i am creating my own CMS frame work, because many of the clients i have, the have same requirements, like news module, newsletter module, etc. now i am doing it fine, the only thing that is bothering me, is if a client wants to move from my server he would ask me to gibe him his files, and of course if i do so the new person who wi...

Security risks of an un-encrypted connection across an international WAN?

The organisation for which I work has an international WAN that connects several of its regional LANs. One of my team members is working on a service that receives un-encrypted messages directly from a FIX gateway in Tokyo to an app server in London, via our WAN. The London end always initiates the authenticated connection, and at no poi...

DES Encryption in C#

Take the Following code: DESCryptoServiceProvider des = new DESCryptoServiceProvider(); des.Key = new byte[] { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08}; ICryptoTransform encryptor = des.CreateEncryptor(); // encrypt byte[] x = UTF8Encoding.UTF8.GetBytes("thisIsATEST"); byte[] enc = encryptor.TransformFinalBlock(x, 0, x.Length); s...

How can SHA encryption be possible?

Duplicate: Confused about hashes How can SHA encryption create unique 40 character hash for any string, when there are n infinite number of possible input strings but only a finite number of 40 character hashes? ...

server configuration questions...

Please pardon my non-understanding here. I have a local mysql server and I need to be able to access that data over an encrypted channel from a java web application running on a web host. Can anyone recommend the best way to do this? Thank you! Joshua ...

Adaptation problem with the Blowfish Encryption in C

I'm writing a program that implements the Boneh-Franklin Identity Based Encryption. For the actual encryption methods, I use Blowfish which I got from (https://voltar.org/). I'm trying to adapt the blowfish encryption/decryption code to my program. The difference in my program is that I read the message from the standard input, encrypt i...

How do you hide secret keys in code?

I've wondered for some time how some software hides secret keys in such a way that they can't be trivially discovered. Just a few examples: DVD Player Software hides CSS keys Software with serial numbers/registration codes hides keys/hashes used to validate the serial numbers Obviously, these programs do something more than just have...

Open Source Full Disk Encryption for BSD Operating System?

Anyone aware of an open source equivalent to full disk encryption products such as Pointsec (a Cisco product) where the machine won't boot unless a password is supplied? ...

What is the best and safest way to store user email addresses in the database?

From security reasons, is it worth encrypting user emails before putting them into the database? I know we hash and salt passwords but that's another story as we do not really need password originals. With emails it is different. Knowing that the decryption key will anyway be somewhere close to the database, does it make sense to encry...

Encrypted data size while using Triple DES

I intend to use TripleDES in one of my project. I was doing some experiments to be comfortable with it. I understand block size of triple DES is 8 bytes so I assume that if give 8 byte of data, I should get 8 bytes of encrypted data. But what I get is: Input Size | Encrypted Size . | . . | . 6 bytes | 8 byt...

Is there any benefit to encrypting twice using pgp?

I am asking from a "more secure" perspective. I can imagine a scenario with two required private keys needed for decryption scenarios that may make this an attractive model. This is to settle an argument. My vote is that it is not adding any additional security other than having to compromise two different private keys. I think that ...

Encrypt Sting in JSP... Decrypt in PHP

I have to make a handshake page in php that will take a querystring that is encrypted for a function in Java/JSP and decrypt it in PHP fir use in an application. I have found this to be a good starting point http://propaso.com/blog/?cat=6 but it encrypts in PHP and decrypts in PHP, the reverse of what I need to do. Anyone know common C...

Compatible Encryption Libraries between client a server side (Javascript -> C# or Java)

Sometimes HTTPS is not enough. Specially when we are talking about protecting user data from troyans with access at winsock32 level where they can sniff https in plain text or BHOs objects that already have access to the decrypted posted data in the browser memory. In this scenario, I have developed a javascript -> classic asp client se...

c# encryption and decryption

Hello, C# 2005 I am using a simple encrypt and descrypt for a IP address. The app on the remote server will encrypt the ip address and the client will decrypt it. However, when the client descrypts the IP I only get some of the IP address back. The rest is rubbish. Before: 123.456.78.98 After: fheh&^G.78.98 Many thanks, /// Encrypt ...

Web.Config encryption using RsaProtectedConfigurationProvider - "Bad Data" error

I am attempting to encrypt connection string values in the Web.Config file for an ASP.NET 2.0 web application, following the procedure described on MSDN. Using the RsaProtectedConfigurationProvider, I created and exported a machine-level key on my development machine (using the -pri flag), and imported the key and granted access on the w...

Encrypted volume automounting in Mac OS X

I've had a need to create an encrypted volume on my mac for the company source code. The requirements are not terribly stringent: If someone can log into the machine as me, they win, but otherwise, they should lose. With that set of requirements, you can make it so that the disk is automatically mounted at login. ...

Best practices for encrypting and decrypting passwords? (C#/.NET)

I need to store and encrypt a password in a (preferably text) file, that I later need to be able to decrypt. The password is for another service that I use, and needs to be sent there in clear text (over SSL). This is not something I can change. What are best practices in this area? How can achieve some degree of protection of the passwo...

As3 Encryption library

Which encryption libraries are available for actionscript 3.0? my preference is on performance compared to price. ...

SQL Server PWDEncrypt value comparison

I think what I am about to ask is impossible, however, figured it was worth a shot here. We have an application that makes use of SQL Servers PWDEncrypt and PWDCompare functions. Part of the system creates duplicates of users (same logon and password). Due to a bug in the system, instead of copying the binary stored PWDEncrypt of a pas...