encryption

encrypt apache and mysql servers

I have a question about encrypting disks. I have 2 servers: 1 is apache for web/frontend and it talks to server 2 which is mysql. They are all for intranet only; no external access. I was looking into using PGP or GnuPG to encrypt the disks. I'm not clear, though, as to exactly how this would work. Where would the keys be stored? On t...

Encrypt a file base upon a pregenerated "key" C#

Hello everyone. I'm trying to determine the best course of action to implement a simple "licensing" system with a partner of mine. The concept is: Generate an encrypted value based upon several internal hardware components. Have the customer send this value to us which we will implement into our key generator. Once we have that, we add ...

What exactly is a "key container"?

Is it something specific, with a definite structure, or just an arbitrary data file with some form of encryption to hold keys, and potentially other secret information? Can someone please explain the term or point me to a link. ...

How to safely store encryption key in a .NET assembly

In order to prevent somebody from grabbing my data easily, I cache data from my service as encrypted files (copy protection, basically). However, in order to do this, I must store the encryption key within the .NET assembly so it is able to encrypt and decrypt these files. Being aware of tools like Red Gate's .NET Reflector which can...

Interoperability between two AES algorithms

Hello, I'm new to cryptography and I'm building some test applications to try and understand the basics of it. I'm not trying to build the algorithms from scratch but I'm trying to make two different AES-256 implementation talk to each other. I've got a database that was populated with this Javascript implementation stored in Base64. N...

What is the best php encoder software ?

What is the best php encoder software? ========================================= http://www.freedownloadmanager.org/downloads/php_encoder_software/ http://forums.digitalpoint.com/showthread.php?t=596680 or another. Everybody say Zend Guard. But you can decode/decript zend's files at the page http://www.showmycode.com/ I think, Sour...

Objective-C library recommendation for AES-256 in CTR mode

Hello, I'm looking for recommendations on an Objective-C library for AES-256 encryption in CTR mode. I have a database full of data encrypted with another library using CTR and seems the included CCCrypt only supports ECB or CBC with PKCS#7. Any idea on the best portable library I should use? I'm not looking to port the original implem...

BN_hex2bn magically segfaults in openSSL

Greetings, this is my first post on stackoverflow, and i'm sorry if its a bit long. I'm trying to build a handshake protocol for my own project and am having issues with the server converting the clients RSA's public key to a Bignum. It works in my clent code, but the server segfaults when attempting to convert the hex value of the clie...

Verify p2p node

Hey guys, I have been working on a p2p namespace for some of my programs. I created a system to encrypt/decrypt the packets send/received with the class. I was using the basic public private key system: 1) encrypt the data with Symmetric encryption 2) encrypt the symmetric key with RSA. Then do the opposite when you decrypted.. I was...

help me with xor encryption in c#

I wrote this code in c# to encrypt a text with a key : using System; using System.Linq; using System.Collections.Generic; using System.Text; namespace ENCRYPT { class XORENC { private static int Bin2Dec(string num) { int _num = 0; for (int i = 0; i < num.Length; i++) { ...

Sql server backup with password

Hello, world. When we backup data in SQL server, i want a way to password protect it. Is there a way to do this without using third party tools ? ...

authentication question (security code generation logic)

I have a security number generator device, small enough to go on a key-ring, which has a six digit LCD display and a button. After I have entered my account name and password on an online form, I press the button on the security device and enter the security code number which is displayed. I get a different number every time I press the...

openssl ssl encryption

Hello, I want to discuss about openssl write and read method. Assume I have an data structure like below: /-----------------------------------------------------\ | my_header | PAYLOAD | \-----------------------------------------------------/ | | \ / ...

encryption of a single character

What is the minimum number of bits needed to represent a single character of encrypted text. eg, if I wanted to encrypt the letter 'a', how many bits would I require. (assume there are many singly encrypted characters using the same key.) Am I right in thinking that it would be the size of the key. eg 256 bits? ...

Implementations of JavaScript stream ciphers?

Are there any free to use implementations of stream ciphers available for JavaScript? Especially interested in HC-128, Salsa20/12 or SOSEMANUK as these are recommended by The eSTREAM Project ...

Encrypt parameters passed to a swf

Hi, does anyone know how to encrypt the parameters that are passed to a flash movie? The case is, that the user should not be able to read the parameters in the source code in plaintext. And of course, I have to able to decrypt the parameter in actionscript 3 ;-) thx, tux ...

Secure Password Storage and Transfer

I'm developing a new user store for my organisation and am now tackling password storage. The concepts of salting, HMAC etc are all fine with me - and want to store the users' passwords either salted and hashed, HMAC hashed, or HMAC salted and hashed - not sure what the best way will be - but in theory it won't matter as it will be able...

Whats wrong with my triple DES wrapper??

it seems that my code adds 6 bytes to the result file after encrypt decrypt is called.. i tries it on a mkv file.. please help here is my code class TripleDESCryptoService : IEncryptor, IDecryptor { public void Encrypt(string inputFileName, string outputFileName, string key) { EncryptFile(inputFileName, outputFileName, ...

Is it worth using https if you are not doing financial transactions?

Hey just a quick question for any experts out there. I have a site that lets users interact through messages and to sign up you just make a username and password, verify your age, and optionally, add an email. There isn't really any sensitive information I suppose. Is it worth using https. Will it prevent session hi jacking and will it h...

Where are the real risks in network security?

Anytime a username/password authentication is used, the common wisdom is to protect the transport of that data using encryption (SSL, HTTPS, etc). But that leaves the end points potentially vulnerable. Realistically, which is at greater risk of intrusion? Transport layer: Compromised via wireless packet sniffing, malicious wiretapping,...