I'm working on a project in which remote clients need to log in to a webserver. I'm not looking for examples in any particular language; just a general idea of the security concerns involved. The basic question is: How should user credentials be passed to a webserver for verification? I'm picturing your typical website login. One field...
I have a database that encrypted with windows CAPICOM library with RC4. Following PHP script works fine on windows server. ... $oCapiCapi = new COM("CAPICOM.EncryptedData"); $oCapiCapi -> Algorithm = 1; $oCapiCapi -> Algorithm -> KeyLength = 3; $oCapiCapi -> SetSecret('OURveRYSecretKey'); ... $oCapiCapi -> Decrypt($orsd[1]); $...
I have a WPF application with connections strings stored in the App.config. What is the best way of encrypting these connection strings in a click-once deployment? Thanks ...
I recently went through this little noob adventure on a Linux desktop: Take a text file with sensitive info PGP-encrypt it (e.g. with Seahorse) Back it up Reinstall OS, erase hard drive, drop computer in pool, etc, etc Retrieve the encrypted file from backup, and gasp in horror to realize you can't decrypt it, even though you know the ...
I'm working on an online event ticketing system, where users will be able to self print his tickets and show up at the event where it will be scanned (barcode) and ideally the person will get in. My problem is how to create a "ticket code" that fulfills the following requirements: each "ticket code" need to be sufficiently different fr...
I believe that internode communication is taking place in the clear and that the cookie value is strictly used for authentication. (I do not have any proof as yet). How do I encrypt internode comms? How do I encrypt Mnesia replication messages? How do I configure my firewall and packet filters to permit these messages to pass thru? Ho...
I need to encrypt a lot of large JPEG files. The pictures are very sensitive and need to only be decrypted inside my application. Because of the number and size of the images, speed is an issue. ...
I'm attempting to encode the encrypted id in the Url. Like this: http://www.calemadr.com/Membership/Welcome/9xCnCLIwzxzBuPEjqJFxC6XJdAZqQsIDqNrRUJoW6229IIeeL4eXl5n1cnYapg+N However, it either doesn't encode correctly and I get slashes '/' in the encryption or I receive and error from IIS: The request filtering module is configured to de...
Similar questions have been asked here, but their answers are not enough to me. What I would like to know is the definite approach to encrypting connection strings in a config file. Here are my questions: Using machine-level encryption, can't anybody accessing my server write a little .Net program to read the contents of the connectio...
I have following table CREATE TABLE User ( email sysname NOT NULL, sign varbinary(256) NULL ); sysname in SQL Server 2005/2008 has the same size as nvarchar(128) - which I'm assuming is 256 bytes. I'm using SignByCert(..., email, ...) function to produce a signature of 'email' column. Can I make any assumptions about the max...
I am trying to encrypt a string but often only part of the string is being encrypted. I don't see anyone else having this problem so I am probably doing something wrong. I have the same problem in Delphi 2007 and 2009. I am using Win XP SP3. Here is the code: procedure TForm1.Button1Click(Sender: TObject); var sTestToConvert: ansi...
Hi everyone, I have a desktop application that needs to read data from a database, both installed on client computer. That data in database must be encrypted, to deny client access, and protect data. I need to know what kind of database to use that can supports encryption, because the amount of data in some tables will be very huge, I...
I'm connecting mi cell phone application in J2ME to a web service and I have to send a SHA256 hash to it in order to validate some data received. I also need to be capable to store some information encrypted into the cell phone. I was thinking to use AES (rinjdael) symmetric encryption. Anyone knows about any code example using AES enc...
How to write a BlackBerry program for AES/CBC with Initialization Parameter ecncryption and Decryption and this encryption and decryption should work independent on Programming language Ex= If I encrypt some data using BlackBery I must be able to decrypt the same data using Java Program. Thanks Deepak ...
This is the code I'm currently using. It uses the BouncyCastle Provider. static { Security.addProvider(new BouncyCastleProvider()); } protected String encrypt(byte[] keyData, byte[] data) throws Exception { X509EncodedKeySpec keyspec = new X509EncodedKeySpec(keyData); KeyFactory kf = KeyFactory.getInstance("RSA", "BC"); Pub...
When I try to call System.IO.File.Encrypt() on an existing file, it throws a generic IOException, and the message is "Parameter is incorrect". System.IO.File.Encrypt("C:\Project\StorageDirectory\file.txt") The current user the process is running under has full control to the "StorageDirectory" folder. Is there something I'm missing...
For a database that is shipped with a remotely deployed product, are there any drawbacks to encrypting all code objects (procs, functions, views) via the WITH ENCRYPTION clause in MS SQL Server 2005 and 2008? The advantages are a deterrent to "custom" changes in the field that solve one need while creating many more. The goal is not to ...
Does anybody know of a free flash obfuscator? All I can find are commercial ones with free trials. I have done numerous google searches, and have been unable to find what I am looking for. I know that obfuscators do not make your swf hack proof, but they make things harder. Things I am looking for in an obfuscator: Unlimited obfusc...
Situation: I want to provide a website service where users can enter some data e.g. 15 bytes long name "namedata" and get a key code. That code can then be used to unlock some feature in a game (provided by me), also utilizing the namedata (think of a custom Lazgun named "Lazgun of Peter", where "Peter" is the namedata). My plan is to ...
Any SQLite database on the iPhone is simply a file bundled with the application. It is relatively simple for anyone to extract this file and query it. What are your suggestions for encrypting either the file or the data stored within the database. Edit: The App is a game that will be played against other users. Information about a user...