I've read a number of questions which suggest hashing passwords and storing them in the database. When someone logs in, you hash the password provided with what you have stored. What I do not understand is how this can work?? Two strings can hash to the same value - Not likely but DEFINITELY possible Can someone help me please? EDIT...
Hi, i'm developing a .net winforms desktop application intended to be run at several bank's branches as a backup application whenever the main one (a web application) is unavailable due to connection issues with the bank's central node. The branchs themselves don't count with any enterprise services besides a SQL-Server database. For tha...
When using AES (or probably most any cipher), it is bad practice to reuse an initialization vector (IV) for a given key. For example, suppose I encrypt a chunk of data with a given IV using cipher block chaining (CBC) mode. For the next chunk of data, the IV should be changed (e.g., the nonce might be incremented or something). I'm won...
We have generated RSA public key by our java program to encrypt the data in C++ before transmitting it but when we use this key to encrypt the data using Microsoft encryption API, it doesn't accepts this key. Do anyone has any ideas on this? ...
We have around 60 MB of device configuration implemented in at least 1000 xml files. Now we are releasing the software to the customers. But our requirement is not to allow the user to view and edit the xml configuration files. XML configuration files contains a lot of secret of the device information which can be easily hacked if it i...
Hello, I am in need to encrypt/decrypt data that has been encrypted on the database (Sql Server 2005) level in the .Net code. RjindaelManaged with 256 bit key length and 128 bit block size is the equivalent of AES 256 algorithm, but I don't know how to go about matching Key and IV so that both Sql Server and .Net encryption methods woul...
Hi there, I am trying to save sensitive information on DB with encryption and all users can put their information in DB after encrypting it, but only privilidged users can decrypt and see it. How can i achieve it using SQL Server 2008 key/certificate/encryption mechanism? Thanks, Ebe. ...
My first inclination is to say yes, since it's essentially a corporation's SSN which I would encrypt. However, I'm not sure whether SOX or and Federal guidelines actually require it to be encrypted. Anyone know for sure? ...
I am after a symmetric encryption/decryption routine in C#. I know there have been a few questions on this topic before, but most of the answers seem to be about the philosophy of encryption rather than giving actual code. What I really want is someone to fill in the following functions - public string Encrypt(string message, string ...
For a project I'm working on, I need to encrypt and decrypt a string using Blowfish in a compatible way across NSIS and PHP. At the moment I'm using the Blowfish++ plugin for NSIS and the mcrypt library with PHP. The problem is, I can't get them both to produce the same output. Let's start with the NSIS Blowfish++ plugin. Basically t...
Hi again everyone. I have an XML encryption routine based on the MSDN article http://msdn.microsoft.com/en-us/library/sb7w85t6.aspx My code is here public static void Encrypt(XmlDocument Doc, string ElementName, SymmetricAlgorithm Key) { //////////////////////////////////////////////// // Check the argum...
In my windows mobile application (v.6.x) I'm downloading media files onto the device. Is there a beaten path for encrypting this content? So that the media file can just be decrypted by the application, e.g. shuffle every 100th byte or something like that ...
I wasn't sure how to phrase this question, so apologies in advance if it's a duplicate of something else. I wanted to sanity check how I've secured my twisted based application and think I've done a good job at it, but it's been over a decade since I've written anything that uses raw or managed sockets. Authentication transaction: Cl...
Hello, I created an c# application (not asp webpage) which connects to a sql 2005 server. In my sourcecode the password and userid for this sql-server is coded plain text in ConnectionString. SqlConnection con = new SqlConnection(); con.ConnectionString = "Data Source=server1;"+ "Initial Catalog=mydatabase;"+ ...
HI am new to AMFPHP. am creating flex audio player. Whenever am playing the song in my player. the song url will be displayed by the use of FIREBUG addons.. How can i encrypt and decrypt that url using AMFPHP or PHP. Some flash audio players done this job using AMFPH.. Edit/Delete Message ...
I was wondering if someone has come up with something similar to this?? a way to compress a text: <?php $str = 'Hello world!';// the text here can be any characters long $key = compress($str);// should return a key 32characters long/ or a fixed number of characters $value = decompress($key);// should return "Hello World!" ?...
I am able, with pidgin otr for example, capable of communicating with anyone and it is secure. We haven't exchanged a secret passkey or anything else, the program just sets up the encryption and everyone assures me it is secure. So what I have is this: Person1 talking to Person2 (Assuming people really are who they say they are) Since...
I'm working on a closed-source game that uses a scripting language for automation. Almost all of the game logic is handled by scripts. Scripts can be compiled to a bytecode format, but due to the nature of the language, identifiers must be preserved. Compiled scripts can be embedded in other text-based resource formats using a binary-to-...
say i encrypt a .doc (or any other type) file and i decrypt it later. however, i cant open it because during the decryption process, [null]s and [DC1] and other highlighted chars were not put back into the file since they are not part of the ASCII characters. how are they written in other programs that compress/encrypt/edit/etc? im doin...
When I decrypt an encrypted file; it doesn't have the same size in bytes as the original file and the the hash of the file is different. I get the bytes of the file using File.ReadAllBytes and send to EncryptBytes with the password. Also the same with DecryptBytes. When I receive the bytes encrypted or decrypted i save them using File...