encryption

HSM - cryptoki - opening sessions overhead

I am having a query regarding sessions with HSM. I am aware that there is an overhead if you initialise and finalise the cryptoki api for every file you want to encrypt/decrypt. My queries are, Is there an overhead in opening and closing individual sessions for every file, you want to encrypt/decrypt.(C_Initialize/C_Finalize) How ma...

AES acceleration for Java

I want to encrypt/decrypt lots of small (2-10kB) pieces of data. The performance is ok for now: On a Core2Duo, I get about 90 MBytes/s AES256 (when using 2 threads). But I may need to improve that in the future - or at least reduce the impact on the CPU. Is it possible to use dedicated AES encryption hardware with Java (using JCE, or m...

what is it mean and it's output?

Can any one please let me know what is it mean and it's output? it is a .Net script. private static readonly byte[] Key = { 0xda, 0x3c, 0x35, 0x6f, 0xbd, 0xd, 0x87, 0xf0, 0x9a, 0x7, 0x6d, 0xab, 0x7e, 0x82, 0x36, 0xa, ...

Security issue using Nant

I need to store authentication information and I rather not have the password in plain text: <property name="user" value="theUser"/> <property name="password" value="secret"/> Has anyone figured out a way to encrypt property values in Nant? I've looked in Nant and Nantcontrib docs but no mention of encryption. I am considering...

"Downloading" a computed value form JavaScript

I'm hoping you can prove me wrong here (please, please, please! ;). I have a situation where I need to download encrypted data from a Server D (for "Data"). Server K (for "Key") has the encryption key. For security sake, I would really prefer that Server D never know the key that Server K knows. What I want is my client (e.g. your browse...

What encryption algorithm is best for small strings ?

Hey, I have a string of 10-15 characters and I want to encrypt that string. The problem is - I want to get a shortest encrypted string as possible. I will also want to decrypt that string back to its original string. Which encryption algorithm fits best to this situation ? Thanks ...

How do brute force decryption attacks know when they've found the right solution?

How do brute-force attacks on encrypted data know when they've found the right key to decrypt the data? Is there a way to know that data's been decrypted, other than having a human looking at it? What if it's not human-friendly data? ...

Encryption Product Keys : Public and Private key encryption

I need to generate and validate product keys and have been thinking about using a public/private key system. I generate our product keys based on a client name (which could be a variable length string) a 6 digit serial number. It would be good if the product key would be of a manageable length (16 characters or so) I need to enc...

Does facebook connect for iphone have encryption

Does facebook connect for iphone contain any encryption? I tried searching on google but did not find anything related to this. ...

.net Encrypting Database Tables

I am delivering a module for a website that will collect information from a user and make appropriate calculations. The client wants any data collected from the user to be encrypted. We are using SQL express 2005 as the database. Thanks in advance. ...

C# Encryption exception

i Team, I have the following encryption code in C#. I am getting an exception as Specified initialization vector (IV) does not match the block size for this algorithm. Could you please tell me what is the missing link here? //Key and IV for RSA Encryption byte[] ketByte = Encoding.UTF8.GetBytes("C3CA193570B26E5C3CBB50FD805A01S2"); byt...

How to specifiy key size in the CertCreateSelfSignCertificate function

I am using the function CertCreateSelfSignCertificate (http://msdn.microsoft.com/en-us/library/aa376039(VS.85).aspx) to generate a certificate. I need to specify the key size to be 2048. I do not see how to provide this parameter. I would appreciate any help in this matter. Thanks. ...

Classic ASP vs. ASP.NET encryption options

I'm working on a web site where the new pages are ASP.NET and the legacy pages are Classic ASP. Being new to development in the Windows env, I've been studying the latest technology, i.e. .NET and I become like a deer in headlights when ever legacy issues come up regarding COM objects. Security on the website is an abomination, but I've...

How to find Key and IV value from .Net to PHP

Can any one please let me know is there any way to find a solution for the below stuffs. I need to find out the KEY and IV value from the below byte array. the byte array in .net and this has to be convert into KEY(string) and IV(string) via PHP. private static readonly byte[] Key = { 0xda...

Using encrypted web.config file

My aim is to make the web.config not readable by external users, but my application should be able to access it. Is there any way to do this? I have tried the following way, but how to set the application to use string instead of web.config? I want to encrypt my web.config file so that others do not open the file using any editor like ...

Is there an encrypted version control system?

I am looking for an encrypted version control system . Basically I would like to Have all files encrypted locally before sending to the server. The server should never receive any file or data unencrypted. Every other feature should work pretty much the same way as SVN or CVS does today. Can anyone recommend something like this? I ...

Personally-identifiable information (PII) storage in database

Im reading a lot of information regarding a law in Mass. about personally identifiable information storage in databases. From what I'm seeing, you should be encrypting major stuff like: a) SSN b) Financial info c) Debit/Credit d) Drivers License # If I have simple contact forms where users fill out their name, company, address, phone, ...

Can an authentication via HTTP over IIS be encrypted (without SSL)?

I'm accustomed to *nix servers and if we wanted a completely secure sign in screen, we (as far as I am aware) are to use SSL via HTTPS. Our overseeing organization at work use Windows Servers for serving web pages. On one such page they are authenticating network credentials. This page is using HTTP, and what appears to be Basic Auth (a ...

Prevent removal of code when distributed?

Hi there, I am creating a website for someone for free (as a favor) however I in return will have my link at the bottom, How can I make it so the website will not work correctly if the link is removed? Also can I double up on this and allow it so I can remotely change the link? Obviously I would be using either javascript for php (pref...

Cryptography - RSA Algorithm in Java 1.4

Hi folks! I am using Java 1.4.2_10 and I am trying to use RSA encryption: I am getting the NoSuchAlgorithmException for the following code: cipher = Cipher.getInstance("RSA"); This is the error: java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA at javax.crypto.Cipher.getInstance(DashoA6275) T...