encryption

Help needed with AES between Java and Objective-C (iPhone)....

I am encrypting a string in objective-c and also encrypting the same string in Java using AES and am seeing some strange issues. The first part of the result matches up to a certain point but then it is different, hence when i go to decode the result from Java onto the iPhone it cant decrypt it. I am using a source string of "Now then a...

php post password routines?

Hi, I am very interested to find out how to keep php passwords secure. Main question is: How do I post the password as a secured string from the login form? I have been checking how other sites do this e.g. facebook. When I log in to facebook I dont see my password posted at all, it just seems like a long encrypted string. How do I c...

Preventing MITM attacks on server

Hello, Two clients Alice and Bob use a server to login and exchange messages through the server. On login, they both send their public keys to be stored on the server. When Alice wants to speak to Bob, she enrypts a symmetric key with Bob's public key and sends it to Bob through the server. How can I make sure that the server doesn't...

Crypt type identification /etc/shadow

I know that the password field in /etc/shadow is prefixed with ${number}$ if it is not simply DES encrypted. What I am not able to find is a table that correlates the type of encryption to a given number. For instance, $1$ would indicate MD5. Its the rest that escape me (i.e. SHA1, SHA256, Twofish, Blowfish, etc) I've gone through the ...

python: two way partial credit card storing encrytion

Hello, For my ecommece site, I want to store partial credit card numbers as string, for this I need to encrypt the information to store at the database and decrypt when users want to reuse the already entered credit card info from earlier purchases without typing it all over again. I am using Django thus I need to solve this via Python....

Is there a piece of secret data in a Linux user account?

I want my application (PHP, but that shouldn't matter) to store some data in a shared repository (the APC user cache, but again irrelevant). To prevent users from reading eachother's data I'd like to encrypt it per user. I could have the user specify the key in his configuration file for the application, but I'd rather generate it autom...

AesManaged versus RijndaelManaged

Hi all, I'm currently porting a peace of code written in .NET 3.5 to 2.0. At some point in the code (heavy load) the AesManaged class is being used, are there any performance gains from this implementation compared to RijndaelManaged, and should there be any risk when changing from AesManaged to RijndaelManaged concerning heavy load? g...

How do I improve breaking substitution ciphers programmically?

I have written (am writting) a program to analysis encrypted text and attempt to analysis and break it using frequency analysis. The encrypted text takes the form of each letter being substituted for some other letter ie. a->m b->z c->t etc etc. all spaces and non alpha chars are removed and upper case letters made lowercase. An exampl...

django, python and link encryption

Hello I need to arrange some kind of encrpytion for generating user specific links. Users will be clicking this link and at some other view, related link with the crypted string will be decrypted and result will be returned. For this, I need some kind of encryption function that consumes a number(or a string) that is the primary key of ...

Sending sensitive data from server to server via client

I have situation where I need to authenticate a client across multiple web services. Basically each service needs to identify the client and know a few other small pieces of information about the client. The way I have it working now is that the needed identifying information is stored in a session table in a database by the authentica...

Encrypting Parameters in persistence.xml

We have a batch application using OpenJPA. We are specifying all the DB connection parameters in persistence.xml. Although its a functional setup it looks very insecure to have all the ip,username,password in clear text and a serious concern in production. As it is a standalone batch app we cant use server configurations etc. Is there a...

Is It Possible To Reconstruct a Cryptographic Hash's Key

We would like to cryptographically (SHA-256) hash a secret value in our database. Since we want to use this as a way to lookup individual records in our database, we cannot use a different random salt for each encrypted value. My question is: given unlimited access to our database, and given that the attacker knows at least one secret...

bCrypt implementation in Javascript

I'm wondering if anyone has written or come across any implementations of bcrypt in JavaScript. I'm not against writing the code myself but if someone with a stonger background in cryptography has already written one why reinvent the wheel? Especially considering I'd probably come up with a shoddy wheel. [edit]: Following the links pro...

Encrypt / Decrypt Primary Key instead of using UID?

Although I always check that someone is allowed to access a record, I normally use a UID in query strings as I feel it discourages the temptation to "poke around" that ?id=1, ?id=2 does. I find though that it makes it a bit convoluted to do lookups across multiple tables as you need to store the UID as well instead of just the record id...

SlowAES cannot decrypt properly without original size...

Hello, First time poster here. Awesome community here. After endless hours of searching, I'm unable to figure out the answer to this problem I"m facing. First and foremost, I'm no guru when it comes to encryption/decryption, cryptology, etc. I only want to go so far in this realm without getting lost. The primary framework I code on i...

How does being able to factor large numbers determine the security of popular encryption algorithms?

How is the an encryption algorithm's security dependent on factoring large numbers? For example, I've read on some math-programming forums that by using the Quadratic Sieve or the General Number Field Sieve, one can factor a 256 bit number with relative ease on commercially available hardware. How does this translate to being able to b...

Encrypt nsdata in iphone and decrypt it in php

Hi All, I am new to Iphone development , I want to create an application in which I have to upload some data on php server using my Iphone application. For this I have an file on the Iphone whose content I have to upload on php server. For this I have converted the content of the file in NSData and now I want to encrypt this nsdata obje...

how to encrypt a file/folder using vb.net

Is it possible to encrypt a file/folder in vb.net? ...

Encrypt/Decrypt Image in ActionScript 3

I am developing a mobile app that involves (essentially) picture messaging as a feature. I need the images to be encrypted/decrypted with a simple, plain-text password. Due to the nature of the images being captured, it is /critical/ that the encryption and decryption processes happen on the device. After sitting through a presentation ...

problems understanding an open source Blowfish API

Hello.process of encoding. its work byte[] key = Form1.StrToByteArray("1234567812345678");//secret key byte[] data = Form1.StrToByteArray("ololoololoololoololoololoololoololoololoololoololoololoololoaaas");//text for encoding Blowfish bf = new Blowfish(key);//start class bf.Encipher(data, 64);//64 is len string data string encoded_tex...