encryption

establishing strong web security

I have seen many sites that claim to have bank-grade security encryption. If their web sites have been built with PHP, what other forms of security can exist aside from using mysql_real_escape_string and 128-bit SSL encryption? ...

Connect to a DB with an encrypted password with Django?

My place of employment requires that all passwords must be encrypted, including the ones used to connect to a database. What's the best way of handling this? I'm using the development version of Django with MySQL at the moment, but I will be eventually migrating to Oracle. Is this a job for Django, or the database? Edit: The encrypted p...

Is an SSL connection necessary between machines on the same cloud hosting provider?

Let's say I have a cluster of HTTPDs on a cloud and they all share the same database. Is setting up MySQL over SSL reasonable paranoia? Or is it security masturbation? What are the pros and cons of SSL on the cloud? What about ARP spoofing? ...

SSL and Tomcat using Java

Hello all, I'm new to SSL connections so here goes my question. I have a desktop Java program in a JAR file. This JAR sends sensitive information over the internet to a remote Tomcat server. Of course I need to encrypt the data. If I purchase an SSL certificate say from Verisign, will the data sent over SSL be automatically encrypte...

How can I create a key using RSA/ECB/PKCS1Padding in python?

I am struggling to find any method of using RSA in ECB mode with PKCS1 padding in python. I've looked into pyCrypto, but they don't have PKCS1 padding in the master branch (but do in a patch). Nevertheless I found RSA with PKCS1 in the M2Crypto package, but I'm not sure if I can choose ECB mode... ...

Java MessageDigest result does not stay constant

I've got this function for encrypting passwords in Java, but somehow when I call MessageDigest, it returns a different result every time even though I call it with the same password. I wonder if I am initializing it wrong somehow. public String encrypt (String password) { MessageDigest md = MessageDigest.getInstance("SHA-1"); md...

Should I use the bouncy castle libraries or the ones included in Android for AES

I'm writing an android app where I need to use AES. Is it better to use the bouncy castle libraries or should I just stick with what is included in default android libraries? ...

SSL connection using Java standalone app

I have created a standalone executable JAR program that needs to send private information over a SSL connection. I was not able to establish the SSL connection using certificates. Was getting this: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.S...

How secure is encryption?

Let me preface this by saying I know nothing about encryption. I understand the basic concept of public key / private key encryption but I don't know how easily it can be broken, if at all. If one were to believe the movies, encrypted data can be broken by a teenager with a decent computer in a few hours. I have a client who wants credit car...

Decrypting an AES encrypted column in mysql and adobe flex/flash builder?

How do I decrypt an AES encrypted column when using flash/flex to display the table data? adobe flex connected using php connection class to mysql for php, we would use aes_decrypt() however I am not sure how I can get flex to do this. ...

Do encryption algorithms require an internal hashing algorithm?

When I use C# to implement the AES symmetric encryption cipher, I noticed: PasswordDeriveBytes derivedPassword = new PasswordDeriveBytes(password, saltBytesArray, hashAlgorithmName, numPasswordIterations); Why do I need to use a hashing algorithm for AES encryption? Aren't they separate? Or is the hashing algorithm only used to create...

Can I encrypt web.config with a custom protection provider whose assembly is not in the GAC?

I have written a custom protected configuration provider for my web.config. When I try to encrypt my web.config with it I get the following error from aspnet_iisreg aspnet_regiis.exe -pef appSettings . -prov CustomProvider (This is running in my MSBuild) Could not load file or assembly 'MyCustomProviderNamespace' or one of its ...

What kind of encryption mechanisms does SQL Server 2008 Standard offer?

As I see, TDE and EKM mechanisms are available only in Enterprise edition. How can I encrypt data in tables in Standard edition of SQL Server 2008? ...

C# connectionString encryption questions

I am learning how to encrypt the ConnectionString for our C# (3.5) Application. I read the .Net Framework Developer Guide (http://msdn.microsoft.com/en-us/library/89211k9b(VS.80).aspx) about securing connection strings, but do not fully understand the contents. It says "The connection string can only be decrypted on the computer on which it...

With RSA encryption, should I use the same certificate to sign and encrypt a message?

If I want to sign and encrypt a message using an X509 certificate, is there any reason not to use the same certificate for encryption and signing? ...

iPhone - AES256 Encryption Using Built In Library

Hey all, I am using http://pastie.org/966473 as a reference as all I need to do is encrypt something using AES256 encrypting. I created a class and put the implementation in the pastie on top of the implementation for my class. @implementation //pastie code @end @implementation //my class code @end In my class code I create a NSMut...

Encryption / Decryption Suggestions

Is there a way to encrypt any string or file of any length and return a key with a fixed length. e.g: $str = 'Hello World!'; encrypt($str);//returns: "abc123"//a fixed length of characters. decrypt('abc123');//returns: "Hello World!"//the contents of the original string. above is in php Can be any computer language: Can be any fi...

C++ .NET DLL vs C# Managed Code ? (File Encrypting AES-128+XTS)

I need to create a Windows Mobile Application (WinMo 6.x - C#) which is used to encrypt/decrypt files. However it is my duty to write the encryption algorithm which is AES-128 along with XTS as the mode of operation. RijndaelManaged just doesn't cut it :( Very much slower than DES and 3DES CryptoServiceProviders :O I know it all depend...

Can HTTPS connections be hijacked with a man-in-the-middle attack?

I'm using gmail from work, but I need to enter a password for a proxy when accessing the first web page. The password is asked from inside the browser. I receive a certificate from the proxy which I must accept in order to make the Internet connection work. Can my HTTPS connection, between gmail and browser, be tracked in this situatio...

How can I encrypt a function or its contents in a php class?

How can I encrypt a function or its contents in a php class? e.g. Take a look at below class, I would like to encrypt the function test1() so the code inside will never be revealed but executes as normal class test { var $x; var $y; function test1() { return $this->x; } function test2() { return $this->y; } } Than...