Search Results

Search found 2195 results on 88 pages for 'encryption symmetric'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 40/88 | < Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47  | Next Page >

  • What algorithm should I use for encrypting and embedding a password for an application?

    - by vfclists
    What algorithm should I use for encrypting and embedding a password for an application? It obviously is not bullet proof, but it should be good enough to thwart someone scanning the database with a hex editor, or make it hard for someone who has the skills to use a debugger to trace the code to work out, either by scanning for the encrypted password, or using a debugger to run through the decryption code. Object Pascal would be nice. /vfclists

    Read the article

  • Creating a small encrypted string in PHP

    - by JustJon
    I am looking to create a small encrypted string, like the referral strings used by Twitpic or bit.ly, for a website I am working on for referral purposes. Any of the built-in functions like MD5 and mcrypt each make strings that are too long for my purposes. Is there an easy way to create a string like this? Thanks.

    Read the article

  • Credit Card storage solution

    - by jtnire
    Hi Everyone, I'm developing a solution that is designed to store membership details, as well as credit card details. I'm trying to comply with PCI DSS as much as I can. Here is my design so far: PAN = Primary account number == long number on credit card Server A is a remote server. It stores all membership details (Names, Address etc..) and provides indivudal Key A's for each PAN stored Server B is a local server, and actually holds the encrypted PANs, as well as Key B, and does the decryption. To get a PAN, the client has to authenticate with BOTH servers, ask Server A for the respective Key A, then give Key A to server B, which will return the PAN to the client (provided authentication was sucessful). Server A will only ever encrypt Key A with Server B's public Key, as it will have it beforehand. Server B will probably have to send a salt first though, however I doin't think that has to be encrypted I havn't really thought about any implementation (i.e. coding) specifics yet regarding the above, however the solution is using Java's Cajo framework (wrapper for RMI) so that is how the servers will communicate with each other (Currently, membership details are transfered in this way). The reason why I want Server B to do the decryption, and not the client, is that I am afraid of decryption keys going into the client's RAM, even though it's probably just as bad on the server... Can anyone see anything wrong with the above design? It doesn't matter if the above has to be changed. Thanks jtnire

    Read the article

  • How to create digital signature that can not be used to reproduce the message twice

    - by freediver
    I am creating a client-server application and I'd like to send data from server to client securely. Using public/private key algorithms makes sense and in PHP we can use openssl_sign and openssl_verify functions to check that the data came by someone who has the private key. Now imagine that one of the actions sent by server to client is destructive in nature. If somebody uses an HTTP sniffer to catch this command (which will be signed properly) how can I further protect the communication to ensure that only commands coming from our server get processed by the client? I was thinking about using current UTC time as part of the encrypted data but client time might be off. Is there a simple solution to the problem?

    Read the article

  • crypto++ / pycrypto with google app engine

    - by Joey
    Hi, I am using crypto++ to send AES encrypted http requests to app engine, planning to decrypt them there. My plan is to encrypt the portion after the '?' so it's something like: http://myurl.com/Command?eiwjfsdlfjldkjfs when it is encrypted. However, I'm stuck figuring out how to decrypt it at the other end and still user get() on the response to get the args. Can someone advise if I am taking the wrong approach? Should I be decrypting and not using get() but my own parser then?

    Read the article

  • List modification in Python

    - by user2945143
    We are given an algorithm to modify a list of numbers from 1 to 28. There are 5 steps in the algorithm. We have written functions for each step (all correct). We need to write a function that combines all 5 steps. The algorithm modifies the list to get a value. Each time you get a new value, you use the list created by the algorithm from the previous step. This is what we have gotten so far for the code: get_card_at_top_index(insert_top_to_bottom(triple_cut((move_joker_2( move_joker_1(deck)))))) When we run the code to generate the get_card_at_top_index, the first answer is correct. However, the rest are not. Instead of using from the new list, python uses the value that it generated from the last step. What did we do wrong? UPDATE: The other 5 codes passed the tests, they are correct. Code 1 (List) = list1 Code 2 (list1) = list2 Code 3 (list2) = list3 Code 4 (list3) = list4 Code 5 (list4) = list5 we generate a number from 5. We need to run the algorithm again to generate 25 more numbers. We will use list 5 start from step 1

    Read the article

  • How do I program a hyperlink to include a username and password to the target site?

    - by Fred Griffith
    We have a website with a section restricted to members only. They log in and can view the website. Some of the information is stored on another server. We want that information to ONLY be accessible to those who have logged into the main website. What would be the best way to link the two sites, without making members log in again? Seems like there must be some way to send an encrypted username and password along with the URL in the hyperlink. Any ideas? Thank you in advance. Fred G.

    Read the article

  • Am I encrypting my passwords correctly in ASP.NET

    - by Nick
    I have a security class: public class security { private static string createSalt(int size) { //Generate a random cryptographic number RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); byte[] b = new byte[size]; rng.GetBytes(b); //Convert to Base64 return Convert.ToBase64String(b); } /// <summary> /// Generate a hashed password for comparison or create a new one /// </summary> /// <param name="pwd">Users password</param> /// <returns></returns> public static string createPasswordHash(string pwd) { string salt = "(removed)"; string saltAndPwd = string.Concat(pwd, salt); string hashedPwd = FormsAuthentication.HashPasswordForStoringInConfigFile( saltAndPwd, "sha1"); return hashedPwd; } } This works fine, but I am wondering if it is sufficient enough. Also, is this next block of code better? Overkill? static byte[] encrInitVector = new byte[] { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF }; static string encrKey = "(removed)"; public static string EncryptString(string s) { byte[] key; try { key = Encoding.UTF8.GetBytes(encrKey.Substring(0, 8)); DESCryptoServiceProvider des = new DESCryptoServiceProvider(); byte[] inputByteArray = Encoding.UTF8.GetBytes(s); MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(key, encrInitVector), CryptoStreamMode.Write); cs.Write(inputByteArray, 0, inputByteArray.Length); cs.FlushFinalBlock(); return Convert.ToBase64String(ms.ToArray()); } catch (Exception e) { throw e; }

    Read the article

  • Encrypt file using M2Crypto

    - by Bear
    It is known that I can read the whole file content in memory and encrypt it using the following code. contents = fin.read() cipher = M2Crypto.EVP.Cipher(alg="aes_128_cbc", key = aes_key, iv = aes_iv, op = 1) encryptedContents = cipher.update(contents) encryptedContents += cipher.final() But what if the file size is large, is there a way for me to pass the input stream to M2Crypto instead of reading the whole file first?

    Read the article

  • Is it possible to use pure Encrypting and Decrypting keys in asymmetric cryptography instead of priv

    - by macropas
    Is it possible to use pure Encrypting and Decrypting keys instead of private and public keys? As I know in .Net asymmetric RSA implementation private key RSAParameters parameters = (new RSACryptoServiceProvider()).ExportParameters(true) is a superset of public key. And using private key we can both encrypt and decrypt our data. But I need key only for decrypting data. How to do it? I experimented on nulling RSAParameters fields, but RSACryptoServiceProvider object can't import such parameters.

    Read the article

  • rsync useful w/ encrypted files?

    - by barrycarter
    Is rsync efficient for transferring encrypted files? More specifically: I encrypt 'x' with my public key and call the result 'y'. I rsync 'y' to my backup server. 'x' changes slightly I encrypt the modified 'x' and rsync the modified 'y' to my backup server. Is this efficient? I know a small change in 'x' yields a large change in 'y', but is the change localized? Or has 'y' changed so thoroughly that rsync is not much better than scp? I currently backup my "critical" files by tarring/bzipping them nightly, then encrypting the .tar.bz file and rsync'ing it to my backup server. Many of the individual files don't change, but, of course, the tar file changes if even one of the files change. Is this efficient? Should I be encrypting and backing up each file individually? That way, unchanged files will take no time to rsync.

    Read the article

  • AES and CBC in PHP

    - by Kane
    I am trying to encrypt a string in php using AES-128 and CBC, but when I call mcrypt_generic_init() it returns false. $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '',MCRYPT_MODE_CBC, ''); $iv_size = mcrypt_enc_get_iv_size($cipher); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $res = mcrypt_generic_init($cipher, 'aaaa', $iv); //'aaaa' is a test key Can someone tell me why is returning 0/false? I read the php documentation and seems correct (http://us.php.net/manual/en/mcrypt.examples.php)

    Read the article

  • Storing an encrypted cookie with Rails

    - by J. Pablo Fernández
    I need to store a small piece of data (less than 10 characters) in a cookie in Rails and I need it to be secure. I don't want anybody being able to read that piece of data or injecting their own piece of data (as that would open up the app to many kinds of attacks). I think encrypting the contents of the cookie is the way to go (should I also sign it?). What is the best way to do it? Right now I'm doing this, which looks secure, but many things looked secure to people that knew much more than I about security and then it was discovered it wasn't really secure. I'm saving the secret in this way: encryptor = ActiveSupport::MessageEncryptor.new(Example::Application.config.secret_token) cookies[:secret] = { :value => encryptor.encrypt(secret), :domain => "example.com", :secure => !(Rails.env.test? || Rails.env.development?) } and then I'm reading it like this: encryptor = ActiveSupport::MessageEncryptor.new(Example::Application.config.secret_token) secret = encryptor.decrypt(cookies[:secret]) Is that secure? Any better ways of doing it? Update: I know about Rails' session and how it is secure, both by signing the cookie and by optionally storing the contents of the session server side and I do use the session for what it is for. But my question here is about storing a cookie, a piece of information I do not want in the session but I still need it to be secure.

    Read the article

  • Save and Load Dictionary from encrypted or unreadable or binary format ?

    - by Prix
    I have a dictionary like the follow: public Dictionary<int, SpawnList> spawnEntities = new Dictionary<int, SpawnList>(); The class being used is as follow: public class SpawnList { public int NpcID { get; set; } public string Name { get; set; } public int Level { get; set; } public int TitleID { get; set; } public int StaticID { get; set; } public entityType Status { get; set; } public int TypeA { get; set; } public int TypeB { get; set; } public int TypeC { get; set; } public int ZoneID { get; set; } public int Heading { get; set; } public float PosX { get; set; } public float PosY { get; set; } public float PosZ { get; set; } } /// <summary>Entity type enum.</summary> public enum entityType { Ally, Enemy, SummonPet, NPC, Object, Monster, Gatherable, Unknown } How could I save this Dictionary to either a binary or encrypted format so I could later Load it again into my application ? My limitation is .Net 3.5 can't use anything higher.

    Read the article

  • Can I use encrypt web.config with a custom protection provider who's assembly is not in the GAC?

    - by James
    I have written a custom protected configuration provider for my web.config. When I try to encrypt my web.config with it I get the following error from aspnet_iisreg aspnet_regiis.exe -pef appSettings . -prov CustomProvider (This is running in my MSBuild) Could not load file or assembly 'MyCustomProviderNamespace' or one of its dependencies. The system cannot find the file specified. After checking with the Fusion log, I confirm it is checking both the GAC, and 'C:/WINNT/Microsoft.NET/Framework/v2.0.50727/' (the location of aspnet_iisreg). But it cannot find the provider. I do not want to move my component into the GAC, I want to leave the custom assembly in my ApplicationBase to copy around to various servers without having to pull/push from the GAC. Here is my provider configuration in the web.config. <configProtectedData> <providers> <add name="CustomProvider" type="MyCustomProviderNamespace.MyCustomProviderClass, MyCustomProviderNamespace" /> </providers> </configProtectedData> Has anyone got any ideas?

    Read the article

  • Pass certificate to j2me

    - by user326096
    I created a certificate on apache server. x.509 public key certificate RSA created using the keytool I need to pass this to a J2me app, via http. So the J2me app can encrypt data How do I do this.

    Read the article

  • Retrieving data from an encrypted text file?

    - by user
    Let's say I have a text file contains my data. data : ab bc de - encrypted data on text file : ba cb ed I want to find bc from text file, so I have to decrypt the text file with this code : SL:=TStringList.create; SL.LoadFromFile(textfile) SLtemp:=TStringList.create; for I := 0 to SL.Count - 1 do SLtemp.Add(ReverseString(SL[i])); //decrypt SL.Free; for I := 0 to SLtemp.Count - 1 do if SLtemp[i] = 'bc' then begin showmessage('found'); break; end; SLtemp.Free; I think my way is wasting resources. I have to load whole file to memory and decrypt them. I need some suggestions here to find quickly a specific line from an encrypted text. Thanks.

    Read the article

  • Encode and Decode a string in c#

    - by Jibu P C
    Hii, I had a requirement of encode a string provided to a unreadable format and also have to decode after certain action performed. I have tried 'Base64' encoding. But this is not a secure way. I need some other solutions. Give some help regarding the above context.

    Read the article

  • AES Key encoded byte[] to String and back to byte[]

    - by Tom Brito
    In the similar question "Conversion of byte[] into a String and then back to a byte[]" is said to not to do the byte[] to String and back conversion, what looks like apply to most cases, mainly when you don't know the encoding used. But, in my case I'm trying to save to a DB the javax.crypto.SecretKey data, and recoverd it after. The interface provide a method getEncoded() which returns the key data encoded as byte[], and with another class I can use this byte[] to recover the key. So, the question is, how do I write the key bytes as String, and later get back the byte[] to regenerate the key?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47  | Next Page >