CMAC using AES-128 MAC algorithms
I am interested in IDL(International Driver's License) Applet
And,
I want to konw how to implement CMAC using AES-128 MAC algorithms in JavaCard 2.2.1, especially, JCOPv2.4.1.
Does Java Card API or JCOP API support this algorithm, CMAC using AES-128 MAC?
if not, do I should implement this algorithms as a function inside IDL Applet?
please help me.
JCOP v2.4.1 supports AES. You just need to code down what is written in the spec.
JCOP platform itself does not support AES based secure channel protocol (SCP03).
Similar Messages
-
Which steps we need to follow in order to IE 11 can send requests using AES 128.
Internet Explorer 11 by default send requests to servers using AES256 algorythm instead of using AES128 bits (used for PKI Service). Which steps we need to follow in order to IE 11 can send requests using AES 128.
Shuffling the cipher suits should do the trick.
See Prioritizing Schannel Cipher Suites
http://msdn.microsoft.com/en-us/library/windows/desktop/bb870930(v=vs.85).aspx
At a command prompt, enter gpedit.msc. The Group Policy Object Editor appears.
Expand Computer Configuration, Administrative Templates, Network, and then click SSL Configuration Settings.
Under SSL Configuration Settings, click the SSL Cipher Suite Order setting.
In the SSL Cipher Suite Order pane, scroll to the bottom of the pane.
Follow the instructions labeled How to modify this setting.
It is necessary to restart the computer after modifying this setting for the changes to take effect. The list of cipher suites is limited to 1023 characters.
examples
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P521
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P521
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P521
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P521
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_RC4_128_MD5
SSL_CK_RC4_128_WITH_MD5
SSL_CK_DES_192_EDE3_CBC_WITH_MD5
TLS_RSA_WITH_NULL_SHA
TLS_RSA_WITH_NULL_MD5
At which point you may place AES 128 suites before AES-256 suites, which is actually the default I believe even for TLS 1.2. -
How Secure Is A Disk Image Using AES-128 Encryption ?
I want to make encrypted disk images using Disk Utility.
How secure will they be ?
Good enough for state secrets ?
Can the encryption be broken ? If so, how easily ?
Could the average hacker break it easily or with great effort over a long period ?
Or would it take a team of government type experts ?
Ian the Paranoid.I would say encrypted disks are a safe option.
However, with the coming rise of quantum computers, in the wrong hands, encryption for the near future will be all but nullified.
Some safe measures to take for making your computer safer include: Changing your router's password, enabling firewall, reverse firewall, FileVault (make sure you don't lose your paswords) Firmware password, encrypted mail service, (If available from your ISP).
These are just some of the obvious. There's more and I haven't used them all. But, it just helps to be informed and work with what you can. -
Hello
I'm trying to keep the CPU down as much as possible on my ASA-5540. We're running 8.2.5 on it. We have a bout 80 active IPSec tunnels so far, all which are using AES-256 bit for phase1/2, 75 of the tunnels are mostly ezy vpn connections. Currently the CPU during peak usage is averaging around 22%. We're planning on having over 1000 IPsec connections, mostly will be remote vpn access with about 170 of them ezy vpn and 250 l2l tunnels.
Is there any noticable CPU performance gain by using AES-128 bit instead of AES-256 on the phase2?
Thanks,
JohnJust wondering if someone out there has noticed any performance gains by using AES-128 instead of AES-256. I'm trying standardize on a policy going forward.
Thanks! -
What is the best encryption algorithm to use on a Mac
If I'm using a program like cryptor-1.51, what is most reliable encryption algorithm I could use with it?
Ask the developer. BTW, they claim you can use Blowfish, RC2, RC4, RC5, DES, and AES
(128,192 and 256-bit) encryption schemes. -
Encrypt and Decrypt Card Number using AES 256 algorithm
Dear All,
I have a table in Sql Server database. in that table storing
Card_Information. This information is secured so that need to encrypt that data in sql server table.
Can some one help on Encrypting and decryption process using AES 256 algorithm.
Regards, PraveenHello,
See MSDN Cryptographic Functions (Transact-SQL) for all available en-/decryption function in SQL Server.
Olaf Helper
[ Blog] [ Xing] [ MVP] -
Single sign on using AES or Triple DES algorithm.
Hello all-
At my client place we have to setup a Single Sign On Functionality to an external system. The link will be on the portal page for the employees to click. This functioanlity has to be done by either AES (Advanced Encryption Algorithm) or Triple DES algorithm.
When the user clicks the SSO link on the portal page, the BSP application should implement any of these two above mentioned encryption algorithms and post the encrypted key appended to the third party URL. Then the third party system will decrypt and verify the user who is requesting the information and accordingly either allow or deny.
If anyone has any info on this please revert back.
Thank you very much for the help.
Ramesh.Hi Ramesh,
Did u get any clarification regarding Standard Triple DES algorithm.
If yes,Please let me know.
Thanks,
JOhny lever -
Can I recover an AES-128 encrypted disk image from the 'trash'?
I am a college student and I created an AES-128 encrypted disk image file (.dmg, .sparseimage) to store all my assignments and things. Unfortunately, while cleaning out my computer, I accidentally put the file in the trash without noticing and then proceeded to empty the trash. I then turned to the application 'MacKeeper' and used it's 'undelete' function but I could not find the file. It is very very important that I recover this file. I desperately need help.
You might have better luck with something stronger.....
http://www.macupdate.com/app/mac/10259/data-rescue
....I have not used it....(lucky) -
How to create SecretKey for AES 128 Encryption based on user's password??
I have written a below program to encrypt a file with AES 128 algorithm. This code works fine. It does encrypt and decrypt file successfully..
Here in this code I am generating SecretKey in the main() method with the use of key generator. But can anybody please tell me how can I generate SecretKey based on user's password?
Thanks in Advance,
Jenish
import java.io.InputStream;
import java.io.OutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.ObjectOutputStream;
import java.io.ObjectInputStream;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import java.security.spec.AlgorithmParameterSpec;
public class AESEncrypter
Cipher ecipher;
Cipher dcipher;
public AESEncrypter(SecretKey key)
// Create an 8-byte initialization vector
byte[] iv = new byte[]
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
try
ecipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
dcipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
// CBC requires an initialization vector
ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
catch (Exception e)
e.printStackTrace();
// Buffer used to transport the bytes from one stream to another
byte[] buf = new byte[1024];
public void encrypt(InputStream in, OutputStream out)
try
// Bytes written to out will be encrypted
out = new CipherOutputStream(out, ecipher);
// Read in the cleartext bytes and write to out to encrypt
int numRead = 0;
while ((numRead = in.read(buf)) >= 0)
out.write(buf, 0, numRead);
out.close();
catch (java.io.IOException e)
public void decrypt(InputStream in, OutputStream out)
try
// Bytes read from in will be decrypted
in = new CipherInputStream(in, dcipher);
// Read in the decrypted bytes and write the cleartext to out
int numRead = 0;
while ((numRead = in.read(buf)) >= 0)
out.write(buf, 0, numRead);
out.close();
catch (java.io.IOException e)
public static void main(String args[])
try
// Generate a temporary key. In practice, you would save this key.
// See also e464 Encrypting with DES Using a Pass Phrase.
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128);
SecretKey key = kgen.generateKey();
// Create encrypter/decrypter class
AESEncrypter encrypter = new AESEncrypter(key);
// Encrypt
encrypter.encrypt(new FileInputStream("E:\\keeper.txt"),new FileOutputStream("E:\\Encrypted.txt"));
// Decrypt
encrypter.decrypt(new FileInputStream("E:\\keeper.txt"),new FileOutputStream("E:\\Decrypted.txt"));
catch (Exception e)
e.printStackTrace();
}sabre150 wrote:
[PKCS12|http://www.rsa.com/rsalabs/node.asp?id=2138]
[PKCS5|http://www.rsa.com/rsalabs/node.asp?id=2127] , no?
In Java, you can use the [Password-based encryption PBE Cipher classes|http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html#PBEEx] . I think you'll need the bouncycastle provider to get AES-based PBE ciphers. -
Brand new to the iPad. It's asking for a password to the WiFi network in my home. There is no "password" as such associated with this WiFi network. It uses WEP 128 bit encryption where each byte is a hexadecimal number and is called a "key" Typing this lengthy thing in gives me no results. The iPad keeps on asking for a password. I have three computers and a DVD hooked to the network which has been working for a decade, so that's not the issue.
Basically I'm stuck not being able to get onto the WiFi system.iOS 6 Wifi Problems/Fixes
Fix For iOS 6 WiFi Problems?
http://tabletcrunch.com/2012/09/27/fix-ios-6-wifi-problems/
Did iOS 6 Screw Your Wi-Fi? Here’s How to Fix It
http://gizmodo.com/5944761/does-ios-6-have-a-wi+fi-bug
How To Fix Wi-Fi Connectivity Issue After Upgrading To iOS 6
http://www.iphonehacks.com/2012/09/fix-wi-fi-connectivity-issue-after-upgrading- to-ios-6.html
iOS 6 iPad 3 wi-fi "connection fix" for netgear router
http://www.youtube.com/watch?v=XsWS4ha-dn0
Apple's iOS 6 Wi-Fi problems
http://www.zdnet.com/apples-ios-6-wi-fi-problems-linger-on-7000004799/
~~~~~~~~~~~~~~~~~~~~~~~
Look at iOS Troubleshooting Wi-Fi networks and connections http://support.apple.com/kb/TS1398
iPad: Issues connecting to Wi-Fi networks http://support.apple.com/kb/ts3304
WiFi Connecting/Troubleshooting
http://www.apple.com/support/ipad/wifi/
How to Fix: My iPad Won't Connect to WiFi
http://ipad.about.com/od/iPad_Troubleshooting/ss/How-To-Fix-My-Ipad-Wont-Connect -To-Wi-Fi.htm
iOS: Connecting to the Internet
http://support.apple.com/kb/HT1695
iOS: Recommended settings for Wi-Fi routers and access points http://support.apple.com/kb/HT4199
Additional things to try.
Try this first. Turn Off your iPad. Then turn Off (disconnect power cord for 30 seconds or longer) the wireless router & then back On. Now boot your iPad. Hopefully it will see the WiFi.
Go to Settings>Wi-Fi and turn Off. Then while at Settings>Wi-Fi, turn back On and chose a Network.
Change the channel on your wireless router (Auto or Channel 6 is best). Instructions at http://macintoshhowto.com/advanced/how-to-get-a-good-range-on-your-wireless-netw ork.html
Another thing to try - Go into your router security settings and change from WEP to WPA with AES.
How to Quickly Fix iPad 3 Wi-Fi Reception Problems
http://osxdaily.com/2012/03/21/fix-new-ipad-3-wi-fi-reception-problems/
If none of the above suggestions work, look at this link.
iPad Wi-Fi Problems: Comprehensive List of Fixes
http://appletoolbox.com/2010/04/ipad-wi-fi-problems-comprehensive-list-of-fixes/
Fix iPad Wifi Connection and Signal Issues http://www.youtube.com/watch?v=uwWtIG5jUxE
Fix Slow WiFi Issue https://discussions.apple.com/thread/2398063?start=60&tstart=0
Unable to Connect After iOS Update - saw this solution on another post.
https://discussions.apple.com/thread/4010130
Note - When troubleshooting wifi connection problems, don't hold your iPad by hand. There have been a few reports that holding the iPad by hand, seems to attenuate the wifi signal.
~~~~~~~~~~~~~~~
If any of the above solutions work, please post back what solved your problem. It will help others with the same problem.
Cheers, Tom -
Using AES - Creating password?
Hello everyone,
What I want to do is encrypt data using AES, and encrypt it with a password, like making a Key be a certian String. Instead of using a generated key, because I want people to be able to view this whenever,
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128);
SecretKey skey = kgen.generateKey();Instead of generating a key, I want to be able to use a password like "test" or anything like that. But I don't see how I can do that, I think I am just missing something.
Thanks for any help,
ON a side note: If anybody can tell me how I can use AES 256, that would be great but its not that important.Now I get an error, this is the code that the error is surrounding
KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128); // 192 and 256 bits may not be available
// Generate the secret key specs.
//Key password = kgen.
char[] SecretPhrase ={'M', 'y', 'P', 'a', 's', 's', 'w', 'o', 'r', 'd'};
PBEKeySpec pbeKeySpec = new PBEKeySpec(SecretPhrase);
SecretKeyFactory skeyFactory = SecretKeyFactory.getInstance("DES");
SecretKey secretKey = skeyFactory.generateSecret(pbeKeySpec);
//SecretKey skey = kgen.generateKey();
byte[] raw = secretKey.getEncoded();
// String password = "test";
// byte[] pass = password.getBytes();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
// Instantiate the cipher
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);The error
Exception in thread "main" java.security.spec.InvalidKeySpecException: Inappropriate key specification
at com.sun.crypto.provider.DESKeyFactory.engineGenerateSecret(DashoA13*..)
at javax.crypto.SecretKeyFactory.generateSecret(DashoA13*..)
at EncryptionMethods.Main.main(Main.java:60)Line 60 is
SecretKey secretKey = skeyFactory.generateSecret(pbeKeySpec); -
Hi All,
we are running security assessment on Cisco ISE 1.2.1 using nessus software, and we found out that is a SSH weak MAC algorithms detect, how can we disable md5, md5-96, sha1-96. we have also enable "service sshd key-exchange-algorithm diffie-hellman-group14-sha1" in CLI and restart appliance but still face same issue, need this resolve.
kindly advice.
service sshd enable
service sshd key-exchange-algorithm diffie-hellman-group14-sha1im having this same issue..is there a solution for this.
-
When duplicating a dvd, Disk Utility asks me to choose from 2 encryption options: "none" or "AES-128 (recommended)". If the latter is recommended, why isn't it the default. I chose "none". What did I lose/give up by not choosing the AES-128 option? thanks
Turning on encryption for a disk image makes it difficult for the image to be accessed by someone who doesn't know the password. If you burn the image's contents to a DVD just after making it, the encryption method used won't matter, and will only slow down the process because the data needs to be decrypted during the burn.
(11205) -
Using a different .Mac account in iPhoto
We have a .Mac family pack. My wife and I each have a personal account and we would like to use a completely different .Mac account to post our web galleries, but I don't want to have to create a new user on my Mac just to use iPhoto. Is there a way that iPhoto can use a different .Mac account than the one associated with my user account on my computer to publish galleries?
Thanks,
AaronFor POP:
The following mail server settings will work with all AT&T email domains: @ameritech.net, @att.net, @bellsouth.net, @flash.net, @nvbell.net, @pacbell.net, @prodigy.net, @sbcglobal.net, @snet.net, @swbell.net, @wans.net.
Email Program Settings Field:
Enter:
Incoming (POP)
inbound.att.net
Outgoing (SMTP)
outbound.att.net(requires authentication)
Incoming mail server:
POP3
Incoming/Outgoing User Name:
Full AT&T email address, including domain (e.g., [email protected], [email protected])
Incoming mail port #:
995, secure connection (SSL) checked
Outgoing mail port #
465, secure connection (SSL) checked
I assume the settings you are refering to gives that delay for marking the messages as read when highlighted for that period of time. Probably for scrolling through the list without changing the unread status. Lion doesn't have that selection, so I can't test that at the moment. -
What the ****.
OK, I try to change a template using Word for Mac version 14.3.4 2011 edition.
I make a change to the template but am unable to save the darned thing to the template folder; it asks for a file name like it's a new document. I want to change the blasted template but if I can't save it as a modified template, I've accomplished nothing.
Does anyone have a solution?
ThanksSupport for Microsoft Office for Mac
Maybe you are looking for
-
Any Mini DisplayPort to HDMI adapter with audio for macbook pro mid 2009
connecting MacBook Pro (15-inch, Mid 2009) to Hisense TV with audio?!?!!? hello everyone. if anyone is familar with successfully getting the older macbook pros that dont support audio out to stream and preform digital audio on a TV or has any helpful
-
When I watch certain video services like amazon or Netflix and enter full screen, when I move the cursor a video menu pops up on the bottom of the screen and won't disappear until the cursor goes offscreen. But my cursor won't go fully off screen. Ju
-
Hello, I have create a optional variable of type user entry on char 0plant it is a standard variable 0S_PLANT in the report is build on the ODS in 3.5 . when the user executing the report without entering any value into this value its trigger a auth
-
Firefox cannot load certain websites
Dear FireFox supporters . First of all, I would like to apologize for my bad english, it is not my nativ language. I have FF22 on Windows 7 . I don't know what happen but Suddenly some site couldn't be on opened , For example i can open Youtube & Goo
-
OSX Lion & Brother Scanner DSmobile 600 will not install driver
OSX Lion 10.7.2 Hardware: Brother DSmobile 600 (USB) Software Driver: DSmobile600_Mac_1_2_4.dmg (OSX 10.6-10.7) Scanner driver does not install - Scanner does not work Procedure Launch the Brother installer - goes through install procedure - forces