encryption

How? Encrypt and Decrypt user membership passwords in ASP.NET

We are creating a new site using ASP.NET membership provider for user registration and log in. Our old system encrypted user passwords so that we could recover them if we needed to. I am having a great deal of trouble figuring out if it is possible to use ASP.NET membership functions to simply encrypt the password when the user register...

iPhone SQLite Password Field Encryption

Good Afternoon Guys and Girls, Hopefully this will be a quick and easy question. I am building an App that requires the user to input their login details for an online service that it links to. Multiple login details can be added and saved as the user may have several accounts that they would like to switch between. These details will...

How to keep multiple connectionString passwords safe, separate, and easy to deploy?

I know there are plenty of questions here already about this topic (I've read through as many as I could find), but I haven't yet been able to figure out how best to satisfy my particular criteria. Here are the goals: The ASP.NET application will run on a few different web servers, including localhost workstations for development. This...

Can I encrypt value in C# and use that with SQL Server 2005 symmetric encryption?

To be more specific, if I create a symmetric key with a specific KEY_SOURCE and ALGORITHM (as described here), is there any way that I can set up the same key and algorithm in C# so that I can encrypt data in code, but have that data decrypted by the symmetric key in Sql Server? From the research I've done so far, it seems that the IDEN...

Can anyone explain why my crypto++ decrypted file is 16 bytes short?

In order that I might feed AES encrypted text as an std::istream to a parser component I am trying to create a std::streambuf implementation wrapping the vanilla crypto++ encryption/decryption. The main() function calls the following functions to compare my wrapper with the vanilla implementation: EncryptFile() - encrypt file using my...

Java: Read certificates from windows store

Hello. It is possible to write a Java program to read one certificate (getting private and public key) stored in windows certificate store ? Thanks ...

Are Encryption and Cipher different things?

I heard some time that encryption and cipher are not the same thing, if so, what's the difference? ...

Is there a .NET class to handle encryption?

I need to encrypt bytecode to send over a connection to a webservice, preferably using a GUID as a key. I have done a bit of research and found several classes developed for a similar purpose, but haven't been able to turn up much that is built into the Windows libraries. My question is: Is there something built in to C# that performs t...

Best style for Python programs: what do you suggest?

A friend of mine wanted help learning to program, so he gave me all the programs that he wrote for his previous classes. The last program that he wrote was an encryption program, and after rewriting all his programs in Python, this is how his encryption program turned out (after adding my own requirements). #! /usr/bin/env python #####...

Free DBMS with encryption support and without size limitations

I really need a free database which supports encryption, but doesn't have size limitations like 4 GB in SQL Server Express. Suggestions welcome! ...

storing original password text

My web application stores external website login/passwords for interaction with them. To interact with these websites I need to use the original password text, so storing just the hash in my database is not going to work. How should I store these passwords? Edit: I am concerned if someone gets access to my server. If I use some kind of...

Performance overhead of TDE on SQL Server 2008

Has anyone used TDE on SQL Server 2008? What are the performance overheads? ...

What algorithm should I use for encrypting and embedding a password for an application?

What algorithm should I use for encrypting and embedding a password for an application? It obviously is not bullet proof, but it should be good enough to thwart someone scanning the database with a hex editor, or make it hard for someone who has the skills to use a debugger to trace the code to work out, either by scanning for the encry...

Am I supposed to store hashes for passwords?

User System and Passwords: I was looking through MD5 stuff, and I am wondering what is the normal/good practice for passwords. Right now, I think people super encrypt the passwords and store the hashes. If so, how does password checking work? I just have the input password go through the encryption process again and then check the hash w...

How to get jetty to send jsessionid-cookies with the secure-flag when using a secure channel

I am using Tomcat in my production environment and jetty in my testing environment (via jetty-maven-plugin). Tomcat sets the secure-flag on a jsessionid-cookie, when it is sendig it over a secure channel (https), which looks like a good idea to me, becaus it prevents the session from being exposed, when the user klicks on a http://-link...

Best practices for encrypting continuous/small UDP data

Hello everyone, I am having an application where I have to send several small data per second through the network using UDP. The application need to send the data in real-time (no waiting). I want to encrypt these data and insure that what I am doing is as secure as possible. Since I am using UDP, there is no way to use SSL/TLS, so I h...

Is it possible to create a FIPS 140-2 compliant server in Perl?

The question is pretty simple, is it possible to create a FIPS 140-2 compliant server in Perl? Especially, is it possible without modifying any of the C code for the modules? If it's not possible in straight Perl, what would be the easiest way to go about it from a C perspective? I'm basically creating a mini-httpd that only serves up a...

Error "Input length must be multiple of 8 when decrypting with padded cipher"

I am trying to move a project from C# to Java for a learning exercise. I am still very new to Java, but I have a TripleDES class in C# that encrypts strings and returns a string value of the encrypted byte array. Here is my C# code: using System; using System.IO; using System.Collections.Generic; using System.Security.Cryptography; usin...

PGP Encrypt from C# using GnuPG

Hello All, I'm trying to encrypt a incoming document in C#, and I'm using GnuPG with input redirection. I need to use -se(sign and encrypt) in a single step, which requires entering passphrase. But for some reason, input redirection is not working. Appreciate your help. Control is going to else block. I'm not sure if there is deadlock or...

Plain text file in the compressed application bundle viewable by iPhone users?

There are some plain text files in my application bundle which has already been uploaded to the AppStore. These text files are read and displayed by the application. What I would like to know is, could people who downloaded the application from AppStore actually extract these text files and view them else where? Is there any encryptio...