Is there a way to encrypt the configuration file of a Windows forms application? All I can find on google is stuff that is dependant on "aspnet_regiis.exe" but I want to do this for a desktop application? e.g. http://msdn.microsoft.com/en-us/library/ms998283.aspx ...
We have an active Moodle installation recently updated to 1.9.7. This site has never used password salts before. I want to enable password salts on the system, as Moodle recommends now for 1.9.7, but I am not sure if the legacy salt support setting includes support for non-salted passwords. Reviewing the password sale documentation on M...
Would someone recommend a good book on data encryption algorithms? I would like one that has the math theory as well as some code examples. ...
I am creating a web app that will use OpenID logins and OAuth tokens with Youtube. I am currently storing the OpenID identity and OAuth token/token secret in plain text in the database. Is it inappropriate to store these values as plain text? I could use a one-way encryption for the OpenID identifier but I don't know if that is necess...
Hi, I'm developing a server component that will serve requests for a embedded client, which is also under my control. Right now everything is beta and the security works like this: client sends username / password over https. server returns access token. client makes further requests over http with the access token in a custom header...
I have a compact framework 3.5 application that is making a call to a webservice. On a desktop application I would normally just encrypt these and store the encryption keys in the application. However, I'm more concerned about security since this is on a handheld that may walk off. What is the standard practice for encrypting configur...
i want to create a flash application that sends information to a web server and i want the information to be encrypted and secured as possible. i know that using adobe flash media server or wowza it's possible to have some sort of javascript server side programming (asc) and sending and fetching information using the rtmpe protocol. is ...
Hi there, I have to encrypt a text by using the DES algorythm with a hash created in MD5. The MD5 function has the parameters: salt (byte[8]) and key (string 6), It has to iterate 1000 times. When I pass the MD5 encryption function it returns me a byte[16]. The DES function parameters are: the string to encrypt and the key (returned by ...
Hi, I am trying to zip and encrypt files in Java (1.6) with a password based on the earlier Zip 2.0 encryption. I have used AES 256 bit encrytpion to encrypt zip files with password and have successfully been able to do so. Though AES is a stronger and a more secure encryption standard, i need to find a standard that is more widely s...
I have 2 methods to generate 2 different data and need to save them in one encrypted file. Can I achieve this by adding encrypted stringA + encrypted stringB, then decrypt them later? Or I have to encrpt stringA -> save as file -> read the file & decrypt to stringA -> stringA + stringB -> encrypt ? NB, I am using Rijndael(AES) and s...
I would like to use OpenSSL in C++ to digitally verify signed data. Here is what I want to do: use the openssl command line to sign a file, with my private key. send the data to the program the program will verify the signature (public key stored internally), and will check if it's correct Also I would like to add ablity to encrypt/...
There are 2 buttons which will generate 2 piece of data. What I need to achieve is encrypt them separately and export to same file. Then I need be able to decrypt it later. Is it possible to use CBC mode? Using the same stream to encrypt the 1st block of the 2nd piece of data by the last block of the 1st piece of data? (To avoid IV) Or...
Is 1024 bit rsa secure, or is it crackable now? Is it safe for my program to use 1024 bit rsa? I read at http://pcworld.about.com/od/privacysecurity1/Researcher-RSA-1024-bit-encry.htm that 1024 bit encryption is unsecure, but I find 2048 bit slower, and also I see that various https sites (even paypal) use 1024 bit encryption. Is 1024 bi...
If I am using Rijndael CBC mode, I have no idea why we would need salt. My understanding is even if people know the password, but he cannot get the data without IV. So from my perspective, password + IV seem to be sufficent secure. Do I get anything wrong? ...
My iPhone app uses SHA1 for password security over an instant messaging protocol. Will I be required to declare my app as "containing encryption" when I submit it to Apple's review process? ...
I am trying to encrypt/decrypt an XML file. I found this sample for encrypting but I do not know how to decrypt? Any idea? Thanks! // Load this XML file System.Xml.XmlDocument myDoc = new System.Xml.XmlDocument(); myDoc.Load(@"c:\persons.xml"); // Get a specified element to be encrypted System.Xml...
I have a concatenated string and I want to pass it as query string. For security, I want to encrypt the concatenated string using gpg private key that resides in the same folder where this .php file resides on the remote server. I want to know whether it is safe to keep the public and private keys on the remote server and use it for enc...
I want to store confidential data in a digitally signed file, so that I know when its contents have been tampered with. My initial thought is that the data will be stored in NVPs (name value pairs), with some kind of CRC or other checksum to verify the contents. I am thinking of implementing the creating (i.e. writing) and verificati...
I am building a web application from scratch that has registration and login functionality. I am completely a novice when it comes to security issues and attack like mysql injection. Apart from encryption of password in database, what are other security issues that i have to worry about?? And how do i take care of them?? Thank you ...
I want to ask for a mature model to do this. Suppose I want to deliver a program and a sensitive data file to user. The program is able to read any data stored in the data file, but user is not allowd to easly break the data file. The data file will be encrypted by standard algorithm such as AES. Now, the problem turns to how to manage t...