Given the known weaknesses of MD5 and the recent (May 2009) weaknesses discussed in SHA1, how should new programs be salting & hashing their passwords? I've seen SHA-256 and SHA-512 suggested. Programming predominately in Ruby on Rails and using PostgreSQL -- but other languages and environments might also have to calculate password ha...
What is the best method to obfuscate the urls created in Dynamic Data? eg \Products\List.aspx?ProductId=2 could become \Products\List.aspx?x=UHJvZHVjdElkPTI= where "ProductId=2" is base 64 encoded to prevent casual snooping on \Products\List.aspx?ProductId=3 \Products\List.aspx?ProductId=4 etc...? I will probably have to inher...
cipher.h cipher.m are developing a module has. NSData value of the encrypted value problem as follows. : <0b21kck 0v35919 sk2910> As the purpose of encryption is to be sent to NSURLConnection String value. NSString value to NSData encrypted so I think it must be converted to What can you do? ...
I'm trying to adapt this DES encrypting example to AES, so I made the changes, and it try to run this: import java.io.File; import java.io.FileInputStream; import java.io.InputStream; import java.io.OutputStream; import java.security.spec.AlgorithmParameterSpec; import javax.crypto.Cipher; import javax.crypto.CipherInputStream; import ...
I am using .htaccess files to control access to various Apache2 directories. I have a main "password" file that contains usernames and passwords. All the instructions I have found regarding .htaccess talk about how the passwords added are encrypted. The usernames and passwords are created using the following command line syntax ... htpa...
What are the ways of protecting a SQL Server without using third party tools and not lose performance? [EDIT] I don't want to see,change,copy and attach,backup and restore to other servers. Only my application could do those operations. Even from System Admins ...
Does mysql provide a mechanism for storing and retrieving encrypted data? I don't mean passwords, I mean real strings. I'd like to encrypt a string, store in mysql and then retrieve the decrypted string at a later date. So, I know there is the AES_Encrypt and decrypt functions. But they ask for a key. (which is fine) but I wondering i...
For example, if I have three ASCII files: file1.txt file2.txt file3.txt ...and I wanted to combine them into one encrypted file: database.txt Then in the application I would decrypt the database.txt and put each of the original files into a 'File' class on the heap: class File{ public: string getContents(); void setConten...
Hi there, I'm looking for an easy and reversible method of obfuscating integer IDs. Ideally, I'd want the resulting obfuscation to be at most eight characters in length and non-sequential, meaning that the obfuscation of "1" should look nothing like the obfuscation for "2" and so on. This isn't meant to be secure by any means, so this...
I am just wondering if you are supposed to write a sort of really secure application with data being transmitted over insecure networks, what kind of encryption algorithm will you use it in order to make it safe ? I know several c++ libraries for encryption providing nice functions with different algorithms, but i'm not quite sure which ...
So, I've got an app at work that encrypts a string using ColdFusion. ColdFusion's bulit-in encryption helpers make it pretty simple: encrypt('string_to_encrypt','key','AES','HEX') What I'm trying to do is use Ruby to create the same encrypted string as this ColdFusion script is creating. Unfortunately encryption is the most confusing ...
I am trying to create an AES encryption method, but for some reason I keep getting a 'java.security.InvalidKeyException: Key length not 128/192/256 bits'. Here is the code: public static SecretKey getSecretKey(char[] password, byte[] salt) throws NoSuchAlgorithmException, InvalidKeySpecException{ SecretKeyFactory factory = SecretKe...
My SSIS package says it is successful, but when it runs it ends not doing anything (that I can see). The only thing wrong is this message (that it does not qualify as an error). Description: Failed to decrypt an encrypted XML node because the password was not specified or not correct. Package load will attempt to continue without the ...
Here's the thing: In my Qt4.6-Project, I use a SQLite-Database. This database shouldn't be unencrypted on my harddrive. So I want, that on every start of my program, the user gets asked to enter a password to decrypt the database. Of course the database never should appear "in clear" (not encrypted) on my harddrive. So is there any possi...
Looking to store usernames and passwords in a database, and am wondering what the safest way to do so is. I know I have to use a salt somewhere, but am not sure how to generate it securely or how to apply it to encrypt the password. Some sample Python code would be greatly appreciated. Thanks. ...
Does the performance of a symmetric encryption algorithm depend on the amount of data being encrypted? Suppose I have about 1000 bytes I need to send over the network rapidly, is it better to encrypt 50 bytes of data 20 times, or 1000 bytes at once? Which will be faster? Does it depend on the algorithm used? If so, what's the highest pe...
I'm required to write a JCE provider. I have learned that I need to use the bouncy castle clean room implementation. Could you please tell me what "clean room implementation" means in in this context? ...
Hi there, Currently writing my own AMF TcpSocketServer. Everything works good so far i can send and recieve objects and i use some serialization/deserialization code. Now i started working on the encryption code and i am not so familiar with this stuff. I work with bytes , is DES-CBC a good way to encrypt this stuff? Or are there othe...
Is possible to calculate average of three encrypted integer? No constrain on the method of encrypting. The point of this is just to hide the three numbers and find average. ...
hi, I am attempting to encrypt/decrypt a plain text file in my text editor. encrypting seems to work fine, but the decrypting does not work, the text comes up encrypted. I am certain i've decrypted the text using the word i encrypted it with - could someone look through the snippet below and help me out? Thanks :) Encrypting: NSAlert...