I would like to read/write encrypted XML files using LINQ to XML. Does anyone know how to use encryption algorithms built into the .NET Framework to encrypt the Stream used by the XDocument object? I did try it, but you can't set the CryptoStream to Read/Write access. It only support Read or Write, which causes LINQ to XML to throw an e...
Hi, In AES encryption (.net framework), how are the public and private keys used? Are the public and private keys combined to form a full key, and then the algorithm uses the public + private key to encrypt the data? (simplified keys used below for example purposes) e.g. public key = 12345 private key = 67890 so the key used when ge...
Is there an easy way to verify that a given private key matches a given public key? I have a few *.pub, and a few *.key files, and I need to check which go with which. Again, these are pub/key files, DSA. I would really prefer a one-liner of some sort... ...
bCrypt's javadoc has this code for how to encrypt a password: String pw_hash = BCrypt.hashpw(plain_password, BCrypt.gensalt()); To check whether a plaintext password matches one that has been hashed previously, use the checkpw method: if (BCrypt.checkpw(candidate_password, stored_hash)) System.out.println("It matches"); else ...
Using C or C++, After I decrypt a file to disk- how can I guarantee it is deleted if the application crashes or the system powers off and can't clean it up properly? Using C or C++, on Windows and Linux? ...
Hi all, I need my database to be secure in case of the hard drive being stolen. I have not seen many databases (even mainstream ones) claiming to support encryption. Do you guys know of any databases that support encryption? If I'm using a database that doesn't support encryption, is it a bad idea to encrypt data natively (using ja...
Hi, The Rijndael encryption algorithm is implemented in .NET using 3 streams in the following example: Rinjdael. Can someone explain to me what these streams are doing? How/Why are they used? // Declare the streams used // to encrypt to an in memory // array of bytes. MemoryStream msEncrypt = null; CryptoStream csEncrypt = null; Stre...
I've inherited a web app that I've just discovered stores over 300,000 usernames/passwords in plain text in a SQL Server database. I realize that this is a Very Bad Thing™. Knowing that I'll have to update the login and password update processes to encrypt/decrypt, and with the smallest impact on the rest of the system, what would you ...
If a hacker has access to the hashes in my DB, he has access to the rest of the information in the DB anyways. So why would he bother trying to decrypt the passwords? Should I be storing the passwords on a different server to the rest of my data? That is the only scenario in which I can envision it being useful. ...
Hi, Just trying to understand Flickr's API setup, and how secure it really is. Flickr API Why do a MD5 hash and not something like AES? ...
Hi people, We're looking to encrypt a field using DB-side encryption via NHibernate (most examples we've come across are app-side, which is not what we would like). The issue has been raised a couple of times, but no answers yet it seems. On SQL Server 2005, for instance, and forgetting key-related issues for now, this means INSERTin...
Do you know of any other ciphers that performs like the ROT47 family ? My major requirement is that it'd be keyless. Thanks. ...
I'm writing a program that creates a Word document with sensitive information. I'd like to encrypt and password protect the document and distribute it in a self-extracting file so that the user can double-click, provide a password, and then receive the unencrypted file. I'm okay creating the Word document, but I'd like a third-party pro...
Hi, I want to convert the Rijndaemanaged() encrpted value to a string. Will ToBase64String() suffice? It says its only for 8-bit arrays, but AES is 128 bit right? Update For the encrption, I am using the code from http://msdn.microsoft.com/en-us/library/system.security.cryptography.rijndaelmanaged.aspx ...
I have a process that runs on a UNIX (Solaris) server that runs nightly and needs to be able to send out encrypted emails. I only need the "encryption" portion, NOT the digital signature / self-repudiation part of PKI. I use MS Outlook in a corporate setting and I am assuming that when a user clicks "Publish to GAL..." under Tools -> O...
Has anyone been able to use the SSCrypto Framework for Cocoa to encrypt text and then decrypt it in C#/.NET ? Or can someone offer some guidance? I'm pretty sure my issue has to do with getting the crypto settings correct but I am far from fluent in Cocoa so I can't really tell what settings are being used in the library. However my att...
I want to be able to create a file, distribute it to an end-user, but prevent them from making modifications to the file. Now, obviously, I can't actually stop anybody from modifying the file - so my approach is to detect and reject the file if it's modified. My intention is to generate a salted hash of the file contents and append it ...
What are the best practices for dealing with Things that should be hashed. i.e. passwords and Things that cannot be hashed, but are extremely confidential and would cause tremendous pain if compromised. i.e. credit cards, SSN, missle launch codes. Which encryption algorithm is strongest, most recommended? How you do handle the ...
I'm trying TripleDES Encryption with ECB mode. My code looks like that: public static string EncryptDES(string InputText) { byte[] key = new byte[] { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 }; byte[] cle...
I want to use PKCS#7 as a container format for some encrypted, signed content and we need to use AES in CBC mode with ISO 10126 based padding. I can't seem to find a concrete reference to an algorithm identifier to use for this combination. I can invent my own but would then lose interoperability with other tools. ...