Search Results

Search found 1485 results on 60 pages for 'encrypted'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 15/60 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >

  • Encrypting with Perl CBC and decrypting with PHP mcrypt

    - by Ed
    I have an encrypted string that was encrypted with Perl Crypt::CBC (Rijndael,cbc). The original plaintext was encrypted with encrypt_hex() method of Crypt::CBC. $encrypted_string = '52616e646f6d49567b2c89810ceddbe8d182c23ba5f6562a418e318b803a370ea25a6a8cbfe82bc6362f790821dce8441a790a7d25d3d9ea29f86e6685d0796d'; I have the 32 character key that was used. mcrypt is successfully compiled into PHP, but I'm having a very hard time trying to decrypt the string in PHP. I keep getting gibberish back. If I unpack('H*', $encrypted_string), I see 'RandomIV' followed by what looks like binary. I can't seem to correctly extract the IV and separate the actual encrypted message. I know I'm not providing my information, but I'm not sure where else to start. $cipher = 'rijndael-256'; $cipher_mode = 'cbc'; $td = mcrypt_module_open($cipher, '', $cipher_mode, ''); $key = '32 characters'; // Does this need to converted to something else before being passed? $iv = ?? // Not sure how to extract this from $encrypted_string. $token = ?? // Should be a sub-string of $encrypted_string, correct? mcrypt_generic_init($td, $key, $iv); $clear = rtrim(mdecrypt_generic($td, $token), ''); mcrypt_generic_deinit($td); mcrypt_module_close($td); echo $clear; Any help, pointers in the right direction, would be greatly appreciated. Let me know if I need to provide more information.

    Read the article

  • Android AES and init vector

    - by Donald_W
    I have an issue with AES encryptio and decryption: I can change my IV entirely and still I'm able to decode my data. public static final byte[] IV = { 65, 1, 2, 23, 4, 5, 6, 7, 32, 21, 10, 11, 12, 13, 84, 45 }; public static final byte[] IV2 = { 65, 1, 2, 23, 45, 54, 61, 81, 32, 21, 10, 121, 12, 13, 84, 45 }; public static final byte[] KEY = { 0, 42, 2, 54, 4, 45, 6, 7, 65, 9, 54, 11, 12, 13, 60, 15 }; public static final byte[] KEY2 = { 0, 42, 2, 54, 43, 45, 16, 17, 65, 9, 54, 11, 12, 13, 60, 15 }; //public static final int BITS = 256; public static void test() { try { // encryption Cipher c = Cipher.getInstance("AES"); SecretKeySpec keySpec = new SecretKeySpec(KEY, "AES"); c.init(Cipher.ENCRYPT_MODE, keySpec, new IvParameterSpec(IV)); String s = "Secret message"; byte[] data = s.getBytes(); byte[] encrypted = c.doFinal(data); String encryptedStr = ""; for (int i = 0; i < encrypted.length; i++) encryptedStr += (char) encrypted[i]; //decryoption Cipher d_c = Cipher.getInstance("AES"); SecretKeySpec d_keySpec = new SecretKeySpec(KEY, "AES"); d_c.init(Cipher.DECRYPT_MODE, d_keySpec, new IvParameterSpec(IV2)); byte[] decrypted = d_c.doFinal(encrypted); String decryptedStr = ""; for (int i = 0; i < decrypted.length; i++) decryptedStr += (char) decrypted[i]; Log.d("", decryptedStr); } catch (Exception ex) { Log.d("", ex.getMessage()); } } Any ideas what I'm doing wrong? How can I get 256 bit AES encryption (only change key to 32-byte long array?) Encryption is a new topic for me so please for newbie friendly answers.

    Read the article

  • How to encrypt/decrypt a file in Java?

    - by Petike
    Hello, I am writing a Java application which can "encrypt" and consequently "decrypt" whatever binary file. I am just a beginner in the "cryptography" area so I would like to write a very simple application for the beginning. For reading the original file, I would probably use the java.io.FileInputStream class to get the "array of bytes" byte originalBytes[] of the file. Then I would probably use some very simple cipher, for example "shift up every byte by 1" and then I would get the "encrypted" bytes byte encryptedBytes[] and let's say that I would also set a "password" for it, for example "123456789". Next, when somebody wants to "decrypt" that file, he has to enter the password ("123456789") first and after that the file could be decrypted (thus "shift down every byte by 1") and consequently saved to the output file via java.io.FileOutputStream I am just wondering how to "store" the password information to the encrypted file so that the decrypting application knows if the entered password and the "real" password equals? Probably it would be silly to add the password (for example the ASCII ordinal numbers of the password letters) to the beginning of the file (before the encrypted data). So my main question is how to store the password information to the encrypted file?

    Read the article

  • Optimizing AES modes on Solaris for Intel Westmere

    - by danx
    Optimizing AES modes on Solaris for Intel Westmere Review AES is a strong method of symmetric (secret-key) encryption. It is a U.S. FIPS-approved cryptographic algorithm (FIPS 197) that operates on 16-byte blocks. AES has been available since 2001 and is widely used. However, AES by itself has a weakness. AES encryption isn't usually used by itself because identical blocks of plaintext are always encrypted into identical blocks of ciphertext. This encryption can be easily attacked with "dictionaries" of common blocks of text and allows one to more-easily discern the content of the unknown cryptotext. This mode of encryption is called "Electronic Code Book" (ECB), because one in theory can keep a "code book" of all known cryptotext and plaintext results to cipher and decipher AES. In practice, a complete "code book" is not practical, even in electronic form, but large dictionaries of common plaintext blocks is still possible. Here's a diagram of encrypting input data using AES ECB mode: Block 1 Block 2 PlainTextInput PlainTextInput | | | | \/ \/ AESKey-->(AES Encryption) AESKey-->(AES Encryption) | | | | \/ \/ CipherTextOutput CipherTextOutput Block 1 Block 2 What's the solution to the same cleartext input producing the same ciphertext output? The solution is to further process the encrypted or decrypted text in such a way that the same text produces different output. This usually involves an Initialization Vector (IV) and XORing the decrypted or encrypted text. As an example, I'll illustrate CBC mode encryption: Block 1 Block 2 PlainTextInput PlainTextInput | | | | \/ \/ IV >----->(XOR) +------------->(XOR) +---> . . . . | | | | | | | | \/ | \/ | AESKey-->(AES Encryption) | AESKey-->(AES Encryption) | | | | | | | | | \/ | \/ | CipherTextOutput ------+ CipherTextOutput -------+ Block 1 Block 2 The steps for CBC encryption are: Start with a 16-byte Initialization Vector (IV), choosen randomly. XOR the IV with the first block of input plaintext Encrypt the result with AES using a user-provided key. The result is the first 16-bytes of output cryptotext. Use the cryptotext (instead of the IV) of the previous block to XOR with the next input block of plaintext Another mode besides CBC is Counter Mode (CTR). As with CBC mode, it also starts with a 16-byte IV. However, for subsequent blocks, the IV is just incremented by one. Also, the IV ix XORed with the AES encryption result (not the plain text input). Here's an illustration: Block 1 Block 2 PlainTextInput PlainTextInput | | | | \/ \/ AESKey-->(AES Encryption) AESKey-->(AES Encryption) | | | | \/ \/ IV >----->(XOR) IV + 1 >---->(XOR) IV + 2 ---> . . . . | | | | \/ \/ CipherTextOutput CipherTextOutput Block 1 Block 2 Optimization Which of these modes can be parallelized? ECB encryption/decryption can be parallelized because it does more than plain AES encryption and decryption, as mentioned above. CBC encryption can't be parallelized because it depends on the output of the previous block. However, CBC decryption can be parallelized because all the encrypted blocks are known at the beginning. CTR encryption and decryption can be parallelized because the input to each block is known--it's just the IV incremented by one for each subsequent block. So, in summary, for ECB, CBC, and CTR modes, encryption and decryption can be parallelized with the exception of CBC encryption. How do we parallelize encryption? By interleaving. Usually when reading and writing data there are pipeline "stalls" (idle processor cycles) that result from waiting for memory to be loaded or stored to or from CPU registers. Since the software is written to encrypt/decrypt the next data block where pipeline stalls usually occurs, we can avoid stalls and crypt with fewer cycles. This software processes 4 blocks at a time, which ensures virtually no waiting ("stalling") for reading or writing data in memory. Other Optimizations Besides interleaving, other optimizations performed are Loading the entire key schedule into the 128-bit %xmm registers. This is done once for per 4-block of data (since 4 blocks of data is processed, when present). The following is loaded: the entire "key schedule" (user input key preprocessed for encryption and decryption). This takes 11, 13, or 15 registers, for AES-128, AES-192, and AES-256, respectively The input data is loaded into another %xmm register The same register contains the output result after encrypting/decrypting Using SSSE 4 instructions (AESNI). Besides the aesenc, aesenclast, aesdec, aesdeclast, aeskeygenassist, and aesimc AESNI instructions, Intel has several other instructions that operate on the 128-bit %xmm registers. Some common instructions for encryption are: pxor exclusive or (very useful), movdqu load/store a %xmm register from/to memory, pshufb shuffle bytes for byte swapping, pclmulqdq carry-less multiply for GCM mode Combining AES encryption/decryption with CBC or CTR modes processing. Instead of loading input data twice (once for AES encryption/decryption, and again for modes (CTR or CBC, for example) processing, the input data is loaded once as both AES and modes operations occur at in the same function Performance Everyone likes pretty color charts, so here they are. I ran these on Solaris 11 running on a Piketon Platform system with a 4-core Intel Clarkdale processor @3.20GHz. Clarkdale which is part of the Westmere processor architecture family. The "before" case is Solaris 11, unmodified. Keep in mind that the "before" case already has been optimized with hand-coded Intel AESNI assembly. The "after" case has combined AES-NI and mode instructions, interleaved 4 blocks at-a-time. « For the first table, lower is better (milliseconds). The first table shows the performance improvement using the Solaris encrypt(1) and decrypt(1) CLI commands. I encrypted and decrypted a 1/2 GByte file on /tmp (swap tmpfs). Encryption improved by about 40% and decryption improved by about 80%. AES-128 is slighty faster than AES-256, as expected. The second table shows more detail timings for CBC, CTR, and ECB modes for the 3 AES key sizes and different data lengths. » The results shown are the percentage improvement as shown by an internal PKCS#11 microbenchmark. And keep in mind the previous baseline code already had optimized AESNI assembly! The keysize (AES-128, 192, or 256) makes little difference in relative percentage improvement (although, of course, AES-128 is faster than AES-256). Larger data sizes show better improvement than 128-byte data. Availability This software is in Solaris 11 FCS. It is available in the 64-bit libcrypto library and the "aes" Solaris kernel module. You must be running hardware that supports AESNI (for example, Intel Westmere and Sandy Bridge, microprocessor architectures). The easiest way to determine if AES-NI is available is with the isainfo(1) command. For example, $ isainfo -v 64-bit amd64 applications pclmulqdq aes sse4.2 sse4.1 ssse3 popcnt tscp ahf cx16 sse3 sse2 sse fxsr mmx cmov amd_sysc cx8 tsc fpu 32-bit i386 applications pclmulqdq aes sse4.2 sse4.1 ssse3 popcnt tscp ahf cx16 sse3 sse2 sse fxsr mmx cmov sep cx8 tsc fpu No special configuration or setup is needed to take advantage of this software. Solaris libraries and kernel automatically determine if it's running on AESNI-capable machines and execute the correctly-tuned software for the current microprocessor. Summary Maximum throughput of AES cipher modes can be achieved by combining AES encryption with modes processing, interleaving encryption of 4 blocks at a time, and using Intel's wide 128-bit %xmm registers and instructions. References "Block cipher modes of operation", Wikipedia Good overview of AES modes (ECB, CBC, CTR, etc.) "Advanced Encryption Standard", Wikipedia "Current Modes" describes NIST-approved block cipher modes (ECB,CBC, CFB, OFB, CCM, GCM)

    Read the article

  • Possible to get cleartext password?

    - by Farhan
    I have hosting service hosted on more than 20+ Plesk servers, version 11. As in the previous versions, the passwords were not encrypted, then if i had to design some tools to manage the hosting accounts, i just picked up the cleartext passwords from the Database. but as now the passwords are encrypted, is there any way i can decrypt the passwords? through API or any other way so that i can integrate my php based hosting management with plesk 11?

    Read the article

  • Bitlocker Repair Tool for windows 7 Ultimate

    - by user44212
    I have just enabled bitlocker using a flash drive without TPM on windows 7 Ultimate 64 bit. Just to be prepared - is there any way I can recover data from an encrypted volume in Windows 7 ultimate. I found links for BitLocker Repair Tool to help recover data from an encrypted volume for windows vista and windows 2008 here http://support.microsoft.com/kb/928201 but did not find anything on microsoft for windows 7. But did not find any for windows 7 Ultimate.

    Read the article

  • Encrypting traffic on remote end of SSH tunnel

    - by Aaron
    Using an example of someone connecting to a VPS, an SSH tunnel will encrypt any traffic coming from the user to the VPS. Once it reaches the VPS network, the traffic is not encrypted and is easily sniffable by network administrators on that particular network. (am I understanding all that correctly?) Is there a way to have the traffic encrypted on both ends so that neither side is susceptible to packet sniffing to reveal what kind of data/traffic/protocol is being transmitted?

    Read the article

  • Why many applications close after opening a document or doing a specific actions?

    - by Mohsen Farjami
    I have some encrypted pdf files that have no problem and in my last windows, I could open them easily with Adobe Reader 9.2 and other pdf readers. But now, I can only open non-encrypted pdf files and one encrypted file with Adobe Reader. every time I open almost any encrypted pdf, it closes itself. Also, when I try to search a folder for a keyword with Foxit Reader, once it closed. This is not related to Adobe Reader, because I have the same problem with Word 2007. When I open a document, sometimes it closes instantly and sometimes it closes after a few seconds and sometimes it is stable. My windows is Fresh. I have installed it a few days ago. I have ESET Smart Security 5.2 and I have updated it today. OS: XP Pro SP3, RAM: 3 GB, CPU: 2 GHZ, HDD: 320 GB My installed applications: Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop CS4 Adobe Reader 9.2 Atheros Wireless LAN Client Adapter Babylon Bluetooth Stack for Windows by Toshiba CCleaner Conexant HD Audio Dell Touchpad ESET Smart Security Farsi (101) Custom Foxit Reader Framing Studio 3.27 Google Chrome Hard Disk Sentinel PRO HDAUDIO Soft Data Fax Modem with SmartCP Intel(R) Graphics Media Accelerator Driver IrfanView (remove only) Java(TM) 6 Update 18 K-Lite Mega Codec Pack 8.8.0 Microsoft .NET Framework 2.0 Service Pack 1 Microsoft .NET Framework 3.0 Service Pack 1 Microsoft .NET Framework 3.5 Microsoft Data Access Components KB870669 Microsoft Office 2007 Primary Interop Assemblies Microsoft Office Enterprise 2007 Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348) Mozilla Firefox 7.0.1 (x86 en-US) Notepad++ Office Tab FreeEdition 8.50 ParsQuran PerfectDisk 12 Professional Registry First Aid RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.06 Sahar Money Manager 2.5 Stickies 7.1d The KMPlayer (remove only) TurboLaunch 5.1.2 Unlocker 1.9.1 USB Safely Remove 4.2 Virastyar Visual Studio 2005 Tools for Office Second Edition Runtime Winamp Windows Internet Explorer 8 Windows Media Player 11.0.5358.4826 Windows XP Service Pack 3 WinRAR 4.11 (32-bit) WorkPause 1.2 Z Dictionary My startup applications: WorkPause USB Safely Remove TurboLaunch SunJavaUpdateSched Stickies rfagent Persistence ParsQuran Daily Verse ITSecMng IgfxTray HotKeysCmds Hard Disk Sentinel egui disable shift+delete CTFMON.EXE Bluetooth Manager Babylon Client Apoint AdobeCS4ServiceManager Adobe Reader Speed Launcher Adobe ARM What should I do to solve it? If you recommend installing Windows again, what guarantees that it won't happen again?

    Read the article

  • How to encrypt dual boot windows 7 and xp (bitlocker, truecrypt combo?) on sdd (recommended?)

    - by therobyouknow
    I would like to setup a dual boot Windows 7 and Windows XP laptop/notebook computer where each operation system's partition is fully encrypted. I would like to do this on a SSD - a 128Gb Crucial M4. My research Dual boot of truecrypt encrypted OSs on one drive (not possible - in Truecript 7.x at time of writing) This cannot be done on a standard Truecrypt setup - it will only support encrypting one of the operating systems. I have tried this and also read about it here on superuser.com However, I did see a solution here that uses grub4dos as the initial bootloader to chain to separate truecrypt encrypted OSs, in my case Windows 7 and Windows XP: http://yyzyyz.blogspot.co.uk/2010/06/truecrypt-how-to-encrypt-multiple.html I am not going to consider this solution as it relies upon some custom code for use in the bootloader that is provided by the author. I would prefer a solution that can be fully understood so that I can be sure that there is nothing undesirable occuring (i.e. malware or just simply bugs in the code). I would like to believe such a solution doesn't have those risks but I can't be sure. BitLocker and Truecrypt combination - possible solution? So I am now considering a combination of encryption programs: I now aim to encrypt Windows XP with Truecrypt and Windows 7 with BitLocker. Assuming Truecrypt bootloader can boot into non-Truecrypt OSs (e.g. via hitting Escape to go to another menu), then this solution may be viable. SSDs and Encryption (use fastest possible spinning hard disk instead (?)) I read on various superuser.com posts and elsewhere that current SSDs are not suited to whole drive encryption for various reasons: impact of performance algorithms that give SSDs advantage over spinning harddisks. Algorithms used in compression of data for example. Wear on the SSD, shortening its life Security issues whereby data is repeated, as indicated in some Truecrypt documentation So I am now considering not using SSD. But with the aim to have the fastest drive possible, I am considering using the Western Digital Scorpion black 2.5" 7200rpm harddisk as this appears to be top rated among spinning platter-based harddrives (don't work for Western Digital). Summary So to achieve whole drive encrypted dual boot Windows 7 and Windows XP with minimal performance impact I intend to use a combination of Truecrypt and Bitlocker on a top-rated conventional spinning platter-based harddisk. Questions Will my summary: achieve whole disk encryption of the dual-boot Windows XP, Windows 7? OR an you suggest a simpler solution, including one that only requires only Truecrypt (BitLocker not available on XP). Or another encryption tool, including paid-for? provide the highest performance. Am I correct to avoid using SDD with encryption for the reasons I discovered? Are the concerns about SSDs and encryption still very real (some articles I read go back to 2010) Thanks for your input!

    Read the article

  • TrueCrypt System Favorite Volume doesn't mount automatically on boot

    - by Anders Hovgaard
    I've encrypted my system partition using TrueCrypt and I've read that I can mount my encrypted data partition (TrueCrypt volume) on boot by making it a "System Favorite" and giving it the same password as the system partition. However it doesn't work and I have to mount it manually every time. See this example. I've tried enabling "Cache pre-boot authentication password in driver memory (for mounting of non-system volumes)" in System - Settings, but that didn't change anything either. Any ideas?

    Read the article

  • unlock-bde application not found error prevalent in Windows 8

    - by felipe55
    I have encrypted a drive with BitLocker in Windows 8 Pro, but the drive will not auto-unlock. I can manually unlock the drive from BitLocker in the Control Panel. However from Windows Explorer, I keep seeing the "unlock-bde" command that reports the error "application not found." Anyone know how to permanently fix this issue so it will auto-unlock the encrypted drive upon login to Windows 8 and it does not reoccur?

    Read the article

  • Back up and restore Active Directory password per user

    - by Robert Perlberg
    For administrative purposes, I sometimes need to log in as another user to diagnose a problem with their account. I'd like to be able to do this without having to change their password so I don't have to keep bothering them. Under Unix, I can just save the encrypted password from the passwd file, change the password, then edit the old encrypted password back into the passwd file. Is there a way of doing something similar in AD?

    Read the article

  • public key email encryption

    - by anatak
    Who has their email fully encrypted ? I would like to encrypt my email but I am not sure how to start. If I use encrypted email and I send an email to someone who does not encrypt his email how can the receiver read the email ? What email client would you recommend to run on a windows systems for encrypted email ? I am using Thunderbird at the moment. As I understand you have to generate 2 keys (one public and one private) but how do you generate this key? I also think that you have to put your key somewhere to download but I don't understand how you can trust the downloaded keys. Any links to a good (not too complicated) guide about the working an implementing of email encryption would be very much appreciated. kind regards wim hendrix anatak

    Read the article

  • C# Login Dialog Implementation

    - by arc1880
    I have implemented a LoginAccess class that prompts the user to enter their active directory username and password. Then I save the login data as an encrypted file. Every subsequent start of the application, the LoginAccess class will read the encrypted file and check against the active directory to see if the login information is still valid. If it is not, then it will prompt the user again. I have made it so that the reading of the encrypted file and displaying of the login dialog is done on a separate thread. A delegate is fired when the login process is complete. The issue that I'm having is that I have a class that is used in multiple places. This class contains the call to the LoginAccess object. Every time I instantiate a new object there are multiple calls to the LoginAccess object and I get multiple dialogs appearing when it tries to prompt for a username and password. Any suggestions on how to have only one dialog appear would be greatly appreciated.

    Read the article

  • OpenSSL "Seal" in C (or via shell)

    - by chpwn
    I'm working on porting some PHP code to C, that contacts a web API. The issue I've come across is that the PHP code uses the function openssl_seal(), but I can't seem to find any way to do the same thing in C or even via openssl in a call to system(). From the PHP manual on openssl_seal(): int openssl_seal ( string $data , string &$sealed_data , array &$env_keys , array $pub_key_ids ) openssl_seal() seals (encrypts) data by using RC4 with a randomly generated secret key. The key is encrypted with each of the public keys associated with the identifiers in pub_key_ids and each encrypted key is returned in env_keys . This means that one can send sealed data to multiple recipients (provided one has obtained their public keys). Each recipient must receive both the sealed data and the envelope key that was encrypted with the recipient's public key. What would be the best way to implement this? I'd really prefer not to call out to a PHP script every time, for obvious reasons.

    Read the article

  • Oauth callback problem

    - by yogsma
    I am using OAuth with google data api. We have a portal only for authorized users. So when users are logged in and if they are accessing calendar page, they will be asked if they want to sync their calendars with google calendar. If yes, they will be redirected for authentication. Once user has granted access, google appends OAuth_Token to the callback URL. the callback URL was that of the page of calendar in portal. This url has its query string options encrypted. But when the redirection happens , it takes back to login page of url. url is like http://aaa.xyz.com/(encrypted part of query string) and after oauth_token is authorized, this url becomes http://aaa.xyz.com/(encrypted part of query string)&oauth_token. So the user sees the login page after redirection instead of original page. How should I handle this in code.

    Read the article

  • How to match ColdFusion encryption with Java 1.4.2?

    - by JohnTheBarber
    * sweet - thanks to Edward Smith for the CF Technote that indicated the key from ColdFusion was Base64 encoded. See generateKey() for the 'fix' My task is to use Java 1.4.2 to match the results a given ColdFusion code sample for encryption. Known/given values: A 24-byte key A 16-byte salt (IVorSalt) Encoding is Hex Encryption algorithm is AES/CBC/PKCS5Padding A sample clear-text value The encrypted value of the sample clear-text after going through the ColdFusion code Assumptions: Number of iterations not specified in the ColdFusion code so I assume only one iteration 24-byte key so I assume 192-bit encryption Given/working ColdFusion encryption code sample: <cfset ThisSalt = "16byte-salt-here"> <cfset ThisAlgorithm = "AES/CBC/PKCS5Padding"> <cfset ThisKey = "a-24byte-key-string-here"> <cfset thisAdjustedNow = now()> <cfset ThisDateTimeVar = DateFormat( thisAdjustedNow , "yyyymmdd" )> <cfset ThisDateTimeVar = ThisDateTimeVar & TimeFormat( thisAdjustedNow , "HHmmss" )> <cfset ThisTAID = ThisDateTimeVar & "|" & someOtherData> <cfset ThisTAIDEnc = Encrypt( ThisTAID , ThisKey , ThisAlgorithm , "Hex" , ThisSalt)> My Java 1.4.2 encryption/decryption code swag: package so.example; import java.security.*; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.codec.binary.*; public class SO_AES192 { private static final String _AES = "AES"; private static final String _AES_CBC_PKCS5Padding = "AES/CBC/PKCS5Padding"; private static final String KEY_VALUE = "a-24byte-key-string-here"; private static final String SALT_VALUE = "16byte-salt-here"; private static final int ITERATIONS = 1; private static IvParameterSpec ivParameterSpec; public static String encryptHex(String value) throws Exception { Key key = generateKey(); Cipher c = Cipher.getInstance(_AES_CBC_PKCS5Padding); ivParameterSpec = new IvParameterSpec(SALT_VALUE.getBytes()); c.init(Cipher.ENCRYPT_MODE, key, ivParameterSpec); String valueToEncrypt = null; String eValue = value; for (int i = 0; i < ITERATIONS; i++) { // valueToEncrypt = SALT_VALUE + eValue; // pre-pend salt - Length > sample length valueToEncrypt = eValue; // don't pre-pend salt Length = sample length byte[] encValue = c.doFinal(valueToEncrypt.getBytes()); eValue = Hex.encodeHexString(encValue); } return eValue; } public static String decryptHex(String value) throws Exception { Key key = generateKey(); Cipher c = Cipher.getInstance(_AES_CBC_PKCS5Padding); ivParameterSpec = new IvParameterSpec(SALT_VALUE.getBytes()); c.init(Cipher.DECRYPT_MODE, key, ivParameterSpec); String dValue = null; char[] valueToDecrypt = value.toCharArray(); for (int i = 0; i < ITERATIONS; i++) { byte[] decordedValue = Hex.decodeHex(valueToDecrypt); byte[] decValue = c.doFinal(decordedValue); // dValue = new String(decValue).substring(SALT_VALUE.length()); // when salt is pre-pended dValue = new String(decValue); // when salt is not pre-pended valueToDecrypt = dValue.toCharArray(); } return dValue; } private static Key generateKey() throws Exception { // Key key = new SecretKeySpec(KEY_VALUE.getBytes(), _AES); // this was wrong Key key = new SecretKeySpec(new BASE64Decoder().decodeBuffer(keyValueString), _AES); // had to un-Base64 the 'known' 24-byte key. return key; } } I cannot create a matching encrypted value nor decrypt a given encrypted value. My guess is it's something to do with how I'm handling the initial vector/salt. I'm not very crypto-savvy but I'm thinking I should be able to take the sample clear-text and produce the same encrypted value in Java as ColdFusion produced. I am able to encrypt/decrypt my own data with my Java code (so I'm consistent) but I cannot match nor decrypt the ColdFusion sample encrypted value. I have access to a local webservice that can test the encrypted output. The given ColdFusion output sample passes/decrypts fine (of course). If I try to decrypt the same sample with my Java code (using the actual key and salt) I get a "Given final block not properly padded" error. I get the same net result when I pass my attempt at encryption (using the actual key and salt) to the test webservice. Any Ideas?

    Read the article

  • Monitoring for non-pgp files

    - by Aheho
    For privacy reasons, I want to prevent my users from posting unencrypted files to my ftp site. It is company policy that all data exchanges of sensitive data be encrypted with PGP. I'd like to setup a program to monitor the ftp folders and whenever a new file is placed there, verify that it is in fact encrypted. I can't just rely on the file extension because in some cases, our trading partners require a specific filename that doesn't have a .PGP on the end. Is there a library or another method I can use to verify that a given file is encrypted? I'm using C# and .NET on a windows platform.

    Read the article

  • SSL: can the secret key be sniffed before the actual encryption begins?

    - by Jorre
    I was looking into SSL and some of the steps that are involved to set up an encrypted connection between a server and a client computer. I understand that a server key and certificate is sent to the browser, and that a secret code is being calculated, like they say in the following video: http://www.youtube.com/watch?v=iQsKdtjwtYI around 5:22, they talk about a master secret code that is being calculated to start talking in an encrypted way. My question now is: before the connection is actually encrypted (the handshake phase), all communication between the server and the client can be sniffed by a packet sniffer. Isn't it then possible to sniff the encryption key or other data that is used to set up a secure connection?

    Read the article

  • How? Encrypt and Decrypt user membership passwords in ASP.NET

    - by smdrager
    We are creating a new site using ASP.NET membership provider for user registration and log in. Our old system encrypted user passwords so that we could recover them if we needed to. I am having a great deal of trouble figuring out if it is possible to use ASP.NET membership functions to simply encrypt the password when the user registers and then unencrypt it so I can see it. Documentation for this is neigh non-existant. I know how to configure Web.config to have it store passwords as encrypted ala passwordFormat="Hashed" in the provider and assigning a validationKey in the machineKey, however it seems like the password still gets hashed (though perhaps it is just well encrypted). Either way I cannot decifer how the password can be recovered (by us) if neccessary. Thanks!

    Read the article

  • How to decode U.P.S. Information from UPS MaxiCode Barcode?

    - by user46482
    I recently purchased a 2D Barcode reader. When scanning a U.P.S. barcode, I get about half of the information I want, and about half of it looks to be encrypted in some way. I have heard there is a UPS DLL. Example - Everything in bold seems to be encrypted, while the non-bold text contains valuable, legitimate data. [)01961163522424800031Z50978063UPSN12312307G:%"6*AH537&M9&QXP2E:)16(E&539R'64O In other words, this text seems OK - and I can parse the information [)01961163522424800031Z50978063UPSN123123 ... While, this data seems to be encrypted ... 07G:%"6*AH537&M9&QXP2E:)16(E&539R'64O Any Ideas???

    Read the article

  • Post data with jQuery to ASP.net, am I doing this secure enough?

    - by Wim Haanstra
    For a website I am building, I am using jQuery to post data to Generic Handlers I created for this purpose. Because you need to be logged in, to do most post actions (like 'rate a picture'), I am currently using the following technique: User visits page Page determines if user is logged in On Page_Load the page fills a hidden field with an encrypted string, which contains several needed variables, like User ID, Picture ID (of the picture they are currently viewing), the DateTime when the page was rendered. When the user clicks a "I like this picture"-button, I do a $.ajax post to my Generic Handler, with the encrypted string and the value whether or not they liked the picture. The Generic Handler decrypts the supplied encrypted string and takes a look at the DateTime to determine if it was not too long ago When everything works out, the vote is submitted to the database. In my understanding this is a pretty secure way to handle a situation like this. But maybe I am missing a very important point here. Any advice would be very welcome.

    Read the article

  • How does ecryptfs impact harddisk performance?

    - by Freddi
    I have my home directy encrypted with ecryptfs. Does ecryptfs lead to fragmentation? I have the feeling that reading files, displaying folders and login became continuously slower and slower (although it was not noticeably slow at the beginning). The hard disk makes a lot of seek noise even if I open only a text file. In /home/.ecryptfs I see many big archives (that probably contain the encrypted files), so I'm wondering if Linux file system online defragmentation gains anything here. What options do I have to increase performance? Should I decide whether I maybe better do without encryption?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >