Question about encrypt/decrypt

Hello!
I want to transform my input data to my database so no one can read it in clear text. I also have to be able to decrypt the text to process the information when I want to. I have tried to use DES but that algorithm seems to use different keys every time ( SecretKey key = KeyGenerator.getInstance("DES").generateKey(); )
and I don't know how to make a static key (if it is possible?).
I wonder if anyone could help me to explain how I can make a static key, if it is possible, or recommend me another algorithm to use.
Thanks in advance!
//D_S

If you just care about people not being able to read it directly, then you could do something like Base64 encode the data.
If you really need encryption, then search sourceforge.net or I think bouncycastle.org is also popular or implement your own.

Similar Messages

  • Encrypt & Decrypt XML files

    Hi All,
    I am new to cryptography. I have one application which will transfer XML files from machines which use the Windows/Java platform to machines which use Linux/C, and also vice versa.
    I want to encrypt the files before transfer and decrypt the files after transfer on both the sides. Is there a common technology for handling this? Any info? Thanks in adv.
    -Bh_t_76

    So, I thought of getting ideas from the people who have already done similar work. I think the forums are meant for that.
    The topic is too broad. The forums are normally for specific problems and your request requires at least one book as an answer.
    If you know nothing about encryption then you need to find and read books on the subject. Not just Java books, but general encryption books. There are plenty out there of various standards.
    One of the books in my library is http://www.schneier.com/book-applied.html but you may want to start with something a little less weighty. Visit http://www.crypteon.co.uk/cryptography-books.htm to get some ideas.
    Once you have a basic understanding of modern cryptography then study the JCE tutorial and come back with specific questions.

  • Better Encryption/Decryption Method - SMIME or PGP ?

    1. Which is the default encryption/decryption method provided in BizTalk Server ?
    2. What is PGP Encryption/Decryption ?
    3. What is SMIME Encryption/Decryption ?
    4. Which is better out of the two ?

    There is no default encryption/decryption method provided in BizTalk Server. BizTalk uses encryption/decryption using certificates (when you use certificates ). More about them here.
    BizTalk Server : Encrypting and Decrypting a Message.
    Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication.
    Source: Wiki. Specific to BizTalk, messages are encrypted/decrypted at the entry point into BizTalk; the right place is in the pipeline, using a custom pipeline component. There is one available which you can learn more about here:
    https://code.msdn.microsoft.com/windowsdesktop/BizTalk-Sample-PGP-ebcbc8b2. There is also a third-party adapter and pipeline component available to implement an extensive suite of PGP features in BizTalk:
    https://www.eldos.com/bizcrypto/biztalk-pgp-adapter-pipeline.php
    S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly RFCs 3369, 3370, 3850 and 3851. S/MIME was originally developed by RSA Data Security Inc.
    Source: Wiki. In BizTalk, when you use certificates with two-key security, it supports public key encryption of outbound messages and decryption of inbound messages based on Secure Multipurpose Internet Mail Extensions (S/MIME). BizTalk Server uses S/MIME version 3 for encryption of outbound messages, and S/MIME versions 2 and 3 for decryption of inbound messages. Reference:
    http://msdn.microsoft.com/en-us/library/aa559843.aspx
    When you discuss about which is more native, I would choose S/MIME which can be implemented with certificates and out-of-MIME pipeline components. 

  • Questions about using Bitlocker without TPM

    We currently use Bitlocker to encrypt our Windows 7 computers with TPM. Now we are looking at encrypting some Windows 7 computers without a TPM. I see how to change the group policy setting to allow Bitlocker without a TPM. I have looked at a lot of other threads and I have a few questions about how Bitlocker without TPM works.
    1) I see a USB drive containing a key is required for Bitlocker configurations without a TPM, say the end user loses this USB drive, what are the recovery options for their computer? 
    This article seems to indicate that without the USB drive connected, you are unable to even access recovery options http://blogs.technet.com/b/hugofe/archive/2010/10/29/bitlocker-without-tpm.aspx
    We have recovery backed up to AD when Bitlocker is enabled, but how could we do this recovery on a computer where its USB is lost? Would we have to remove the HD itself and attach it to another computer to access it?
    2) After enabling Bitlocker on a computer without a TPM and using the USB Drive for the key, is there a way to also add a PIN or password protection at bootup?

    Hi,
    Sorry for my dilatory reply, 
    Configuring a startup key is another method to enable a higher level of security with the TPM. The startup key is a key stored on a USB flash drive, and the USB flash drive must be inserted every time the computer starts. The startup key is used to provide
    another factor of authentication in conjunction with TPM authentication. To use a USB flash drive as a startup key, the USB flash drive must be formatted by using the NTFS, FAT, or FAT32 file system.
    You must have a startup key to use BitLocker on a non-TPM computer.
    From: http://technet.microsoft.com/de-de/library/ee449438(v=ws.10).aspx#BKMK_Key
    For more Q&A about BitLocker, you can refer to the link above.
    hope this is helpful.
    Roger Lu
    TechNet Community Support

  • How to resolve bug RC4 encrypt-decrypt on iPAD with AIR15 only

    Hi everybody,
    I have some trouble with AIR15 only. In the past, I created a small game on iPad that could send or receive messages from a server. I used the lib as3crypto.swc to encrypt or decrypt messages (RC4). But when I upgraded to AIR15, encrypt-decrypt cannot work (another thing about this crash is that it only happens with a release (adhoc or appstore) build but NOT with a debug build). I checked so many times but I don't know what the problem is here.
    Please help me, thanks so much any advice.
    P/S: My game have many swf files (code and resource). I must combine multiple SWF files into one.
    Class RC4.as
    package
    {
      import com.hurlant.crypto.prng.ARC4;
      import com.hurlant.util.Base64;
      import com.hurlant.util.Hex;
      import flash.utils.ByteArray;

      public class RC4
      {
        // Key is hard-coded in the client, as in the original post
        private static const key:String = "keytest";
        private static var byteKeys:ByteArray = Hex.toArray(Hex.fromString(key));
        private static var rc4:ARC4 = new ARC4();

        public static function encrypt(clearText:String):String
        {
          var byteText:ByteArray = Hex.toArray(Hex.fromString(clearText));
          rc4.init(byteKeys);     // re-key before every message
          rc4.encrypt(byteText);  // encrypts in place
          return Base64.encodeByteArray(byteText);
        }

        public static function decrypt(encryptedText:String):String
        {
          var byteText:ByteArray = Base64.decodeToByteArray(encryptedText);
          rc4.init(byteKeys);
          rc4.decrypt(byteText);  // decrypts in place
          return Hex.toString(Hex.fromArray(byteText));
        }
      }
    }

    Sorry, exact message is "this movie could not be played".
    There are hundreds of posts about this message but no one states a clear solution to the problem.
    Your help will be much appreciated.
    Thank you.

  • Legality questions about Home Sharing

    I have some legality questions about Apple's Home Sharing technology.
    As I understand it, you can share (that is, copy it from one computer to another) your music, movies, applications and other iTunes-managed files amongst five computers. The only 'trick' is that each computer must have an iTunes Store account and must be logged in in order for it to work.
    My question concerns the copying aspect and the legality of it. For content that was purchased through the iTunes Store I can see how Home Sharing can provide a limitation on content sharing, since all of the machines would need to be connected to Apple's servers in order for the validation process to happen. But what about content that was added to iTunes through other means, e.g., ripping my own CDs or converting my DVDs? These items can still be copied via Home Sharing and as there's no DRM on them there's no way they can be protected against "illegal" or "unauthorized" use.
    It was my understanding that if I gave a copy of a song to someone else, that's illegal. Apple's Home Sharing technology seems to facilitate this action. If I rip a CD or DVD into iTunes and someone copies it out, isn't that making an illegal copy? Can I be held liable for distribution of content?
    And how far does this extend? If I live in a house with four unrelated people, are they legally (?) allowed to copy music and media amongst each another? Is there a perceived or actual difference between using Home Sharing to copy a movie versus, say, using a USB flash drive? And what if one of them moves out? Am I legally obligated to go through that person's hard drive and remove content that they copied from me before they leave the building?
    Does Home Sharing somehow retroactively change the copyright application on a given CD or DVD? Most of my CDs and DVDs contain notices and warnings against distributing copies. Can these warnings now be ignored, or at least amended with "...unless you're using iTunes Home Sharing" at the ends of them?
    I am not trying to stir up a hornet's nest here. I'm only trying to better understand the legal issues surrounding Home Sharing and particularly how they relate to unprotected content. It seems very contradictory that the RIAA and MPAA would be fighting so hard against peer-to-peer services like BitTorrent and Gnutella while apparently allowing peer-to-peer services through iTunes Home Sharing.
    Furthermore, I also understand that the intention of this system was to allow families who are living together to have common access to all of the "household" music, but my issues aren't about this. I envision, for example, a college dorm building where there's several hundred people living together on the same network subnet, and all of them have Home Sharing enabled and everyone is copying thousands and thousands of songs to/from one another. Is this now legal?
    Any insights would be appreciated. Thanks.

    If I rip a CD or DVD into iTunes and someone copies it out, isn't that making an illegal copy?
    RIPping of commercial, encrypted DVDs (most of them) is illegal to begin with. Or rather, breaking the encryption on a DVD is illegal and in order to RIP the DVD, you must break the encryption. SO you have already "broken the law" by having a copy on your computer.
    Most of my CDs and DVDs contain notices and warnings against distributing copies.
    Most of your DVDs have a notice about even simply making a copy, not only distributing copies.
    Much of your post has been cussed and discussed by many, many people (lawyers, corporations, organizations, individuals, etc.) and no one has come (or likely ever will come) to a complete agreement.
    Generally, "sharing" in the same household amongst family members seems to be okay. Outside the same household/family is almost always not okay.
    I envision, for example, a college dorm building where there's several hundred people living together on the same network subnet, and all of them have Home Sharing enabled and everyone is copying thousands and thousands of songs to/from one another. Is this now legal?
    No.
    This is exactly what Napster was and why they were sued & shut down.
    I imagine Apple lawyers have done their homework as well as consulted with the labels to discuss these exact issues.
    And it's called "Home Sharing" to indicate that it is not "Dorm Sharing" or "Workplace Sharing", or even simply "Library Sharing" etc., even though it may be possible to use it in other places than the Home.
    Users on other computers need to know your iTunes ID and password to enable Home Sharing. Likely this is how Apple got the labels to be okay with it.
    Are you gonna give (and get) dozens/hundreds/thousands/any other users your iTunesID & password?
    You can contact Apple Legal here -> http://www.apple.com/legal

  • Question about internet security...please help!

    Hi everyone,
    I have a question about the macbook's internet security.
    A few days ago I became aware that my sibling was using a laptop for internet use at my house which he got from a person that I do not trust. He is very computer-savvy and we're worried that he may have installed some form of spyware on that laptop and in turn, may have tried (or succeeded) in accessing my Macbook through some form of spyware. My house is hooked up with a D-Link wireless router, and at the time, it had no internet/access-password.
    So my question is, could this person have accessed my computer and personal information remotely by and through the laptop that my sibling got from him? I was under the impression that Macs have very strong firewalls, but I have also heard that as long as he knew what he was doing, he could have accessed my computer. I don't have a wireless "network" set up at my house, I just simply use the router for internet. But my sibling told me that this guy was his "network administrator" which leads me to believe that he must have had remote access to the laptop.
    Can anyone with knowledge on this problem please weigh in and let me know what I need to do to confirm that no one has accessed anything from my macbook.
    Thanks!

    One option if you want to be extra safe is turning on FileVault (System Preferences -> Security), which will encrypt everything on your computer so that if somehow someone does gain access to your computer they will have a next to zero chance of being able to read anything they get from your computer. You have to have a lot of extra hard drive space on your computer to turn it on though.
    Also, a "network" is just a connection between computers, regardless of whether the internet is involved or not. So when you connect your computer to the router which gives you the internet, you are putting your computer on a network. Now I believe that in order for this person whom you don't trust to gain remote access to your computer, they would have to have more information such as an IP address for your computer, through the router in order to get to it.
    One thing I think is very important to consider that isn't on the technical side of things is something called "Social Engineering" which is a form of cracking, or hacking. You can do your own research, but in a nutshell Social Engineering is getting people that have access to something I'm trying to hack to give me information. For instance, this person you don't trust could be giving your brother the computer in the hopes that he will download something through your router to that laptop which could give him IP addresses and other information. And then when he gets that laptop back he could scan it for useful information and your brother wouldn't know he did anything wrong at all. The best way to avoid this is purely education and communication. Even if your brother doesn't share the same suspicions about this person, surely he will understand the need to be careful and smart when it comes to sharing personal information in the digital world.

  • Help ! Need PCI Encryption/Decryption Controller Driver for New HP 355 G2 (AMD) w/Win 7 Pro 64 Bit

    Just rebuilt new HP 355 G2 to Win 7 64 bit.  The ONLY driver I can not locate or get to work is the PCI Encryption/Decryption Controller. I installed all latest drivers for this model/OS from both HP and AMD sites still no luck. AMD autodetect utility and Catalyst software installed all other drivers successfully except this one and when completes says all drivers, including chipset, are installed successfully and current.
    I am at a complete loss where to get this driver from a OEM site, can you help ?
    Device ID's:
    PCI\VEN_1022&DEV_1537&SUBSYS_15371022&REV_00
    PCI\VEN_1022&DEV_1537&SUBSYS_15371022
    PCI\VEN_1022&DEV_1537&CC_108000
    PCI\VEN_1022&DEV_1537&CC_1080
    Thanks !!!
    This question was solved.

    Hi:
    You need to run this driver and then manually install it.
    http://h20565.www2.hp.com/hpsc/swd/public/detail?swItemId=vc_133833_1
    To manually install the driver go to the device manager and click on the PCI Encryption/Decryption Controller needing the driver.
    Click on the driver tab.  Click on Update Driver.
    Select the Browse my computer for driver software option, and browse to the driver folder that was created when you ran the file.
    That folder will be located in C:\SWSetup\sp66974.
    Make sure the Include Subfolders box is checked, and the driver should install.
    Then reboot.

  • Encrypt / Decrypt password

    Hi
    I'm new in Java and I need to create a function to encrypt / decrypt passwords using the Blowfish algorithm. I know how to create a key, but I don't know how to recover it to decrypt the password.
    Another question, Is it possible to use public/private keys in this case???.
    Can you give some links or examples please???
    Regards
    J.C.

    This is typically done either one of two ways:
    1) PBE based encryption. This uses a password or pass phrase to derive
    a key to use with a symmetric algorithm.
    2) Asymmetric using something like RSA. Typically RSA is used to wrap
    the actual symmetric key used to do the encryption but for very short
    plaintext it can be used directly on the plaintext. Passwords are a
    good example of short plaintext.
    Obviously symmetric encryption is a great deal faster than asymmetric
    encryption. So if your plaintext was large you would want to use
    symmetric. Also asymmetric encryption is length dependent. AKA if your
    public key's modulus is 1024 bits then you could encrypt any plaintext
    that was 121 bytes or shorter.
    PBE takes a salt (a random byte array) and an iteration count and
    hashes a passphrase with the salt iteration number of times to generate
    a key that can be reproduced over and over again and used with a
    symmetric algorithm. The issue here is that your salt/ic either need
    to be hard coded and reused or the values for any single encryption
    need to be saved along with the ciphertext. Using the same ic/salt for
    a large number of plaintext to ciphertext operations can lead to a
    weakening of the pass phrase (aka the key) and aids a cryptanalyst in
    breaking the code. Although it is still difficult it becomes easier
    with each successive encryption.
    It's up to you which route you take but you should note that private keys
    used in asymmetric encryption use PBE to keep them private anyway so in
    a sense if you use asymmetric encryption you are really using both
    asymmetric encryption and PBE...

  • Encrypt/decrypt

    Hello!
    I have been trying to use this syntax for encrypting/decrypting BUT I get different values all the time even if I use the same String. I would be really glad if anyone could help me to tell me why. What I want to use this encrypt/decrypt/ is to make some info unreadable in my database but I want to be able to decrypt the info.
    -----------------------------syntax----------------------------------------------------------------------
    SecretKey key=null;
    try{
    key = KeyGenerator.getInstance("DES").generateKey();
    }catch(Exception e){}
    DesEncrypter d= new DesEncrypter(key);
    -----------------------------My cryptClass--------------------------------------------------------
    import java.io.UnsupportedEncodingException;
    import javax.crypto.Cipher;
    import javax.crypto.IllegalBlockSizeException;
    import javax.crypto.SecretKey;

    public class DesEncrypter {
        Cipher ecipher;
        Cipher dcipher;

        DesEncrypter(SecretKey key) {
            try {
                ecipher = Cipher.getInstance("DES");
                dcipher = Cipher.getInstance("DES");
                ecipher.init(Cipher.ENCRYPT_MODE, key);
                dcipher.init(Cipher.DECRYPT_MODE, key);
            } catch (javax.crypto.NoSuchPaddingException e) {
            } catch (java.security.NoSuchAlgorithmException e) {
            } catch (java.security.InvalidKeyException e) {
            }
        }

        public String encrypt(String str) {
            try {
                // Encode the string into bytes using utf-8
                byte[] utf8 = str.getBytes("UTF8");
                // Encrypt
                byte[] enc = ecipher.doFinal(utf8);
                // Encode bytes to base64 to get a string
                // (sun.misc.BASE64Encoder is an internal JDK class, absent from Java 9 and later)
                return new sun.misc.BASE64Encoder().encode(enc);
            } catch (javax.crypto.BadPaddingException e) {
            } catch (IllegalBlockSizeException e) {
            } catch (UnsupportedEncodingException e) {
            } catch (java.io.IOException e) {
            }
            return null;
        }

        public String decrypt(String str) {
            try {
                // Decode base64 to get bytes
                byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(str);
                // Decrypt
                byte[] utf8 = dcipher.doFinal(dec);
                // Decode using utf-8
                return new String(utf8, "UTF8");
            } catch (javax.crypto.BadPaddingException e) {
            } catch (IllegalBlockSizeException e) {
            } catch (UnsupportedEncodingException e) {
            } catch (java.io.IOException e) {
            }
            return null;
        }
    }
    thanks in advance!

    I don't understand caffeiene's answer but maybe it will help you. It seems to me that you need to encrypt and decrypt the same way across application sessions, etc. Therefore you will need to store your key outside of the application in a file on the server. So you'll have to use a key generator that will let you save the key to a file. That's about all the detail I can give you since I've never worked directly with cryptography. Obviously you'll need to make sure the server is behind a good firewall, or whatever other security measures you deem appropriate to protect the key. It seems unsecure, but you have to persist the key, because otherwise if the app server crashes then the data in the db will be inaccessible.

  • Encrypt/decrypt streams with same password

    Hi all!
    I would like to know if I can encrypt/decrypt streams using keys which are hardwired in my application. By a hardwired key I understand a key which is generated using the same seed; practically I don't keep the key, but the minimum info to regenerate it.
    Is this possible and if yes, how? Where can I find some more info about regenerating a key?
    Stefan.
    PS: I'm a newbie in field of cryptography, so...

    You can use password-based encryption. See an example
    of such a thing in:
    http://javaalmanac.com/egs/javax.crypto/PassKey.html
    Erm, what sort of encryption isn't password-based ?
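
Password-based encryption as described in this thread and in the PBE reply under "Encrypt / Decrypt password" above, shown as an added example that is not code from either thread: the key is regenerated from the passphrase on every use, and a fresh salt plus the iteration count are saved in front of each ciphertext instead of being hard-coded and reused. PBKDF2WithHmacSHA256, AES-GCM, the record layout, the iteration count and the class name are choices made for this illustration.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class PassphraseCrypter {
    static final int ITERATIONS = 600_000; // assumed work factor; tune to your hardware
    static final int SALT_LEN = 16, IV_LEN = 12;
    private static final SecureRandom RNG = new SecureRandom();

    /** Same passphrase + salt + iteration count always yields the same AES key. */
    static SecretKey derive(char[] pass, byte[] salt, int iterations) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(pass, salt, iterations, 256);
        try {
            byte[] raw = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
            return new SecretKeySpec(raw, "AES");
        } finally {
            spec.clearPassword(); // wipes the spec's internal copy of the passphrase
        }
    }

    /** Record layout: iterations (4 bytes) | salt (16) | iv (12) | ciphertext + tag. */
    static byte[] encrypt(char[] pass, byte[] plain, int iterations) throws Exception {
        byte[] salt = new byte[SALT_LEN], iv = new byte[IV_LEN];
        RNG.nextBytes(salt); // new salt per record, so no two records share a key
        RNG.nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, derive(pass, salt, iterations), new GCMParameterSpec(128, iv));
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(buf);
        out.writeInt(iterations);
        out.write(salt);
        out.write(iv);
        out.write(c.doFinal(plain));
        return buf.toByteArray();
    }

    static byte[] decrypt(char[] pass, byte[] record) throws Exception {
        DataInputStream in = new DataInputStream(new ByteArrayInputStream(record));
        int iterations = in.readInt();
        // The header is not authenticated, so bound the count before spending CPU on it.
        if (iterations < 10_000 || iterations > 10_000_000) {
            throw new IllegalArgumentException("implausible iteration count: " + iterations);
        }
        byte[] salt = new byte[SALT_LEN], iv = new byte[IV_LEN];
        in.readFully(salt);
        in.readFully(iv);
        byte[] ct = new byte[in.available()];
        in.readFully(ct);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, derive(pass, salt, iterations), new GCMParameterSpec(128, iv));
        return c.doFinal(ct); // AEADBadTagException on wrong passphrase or tampering
    }

    public static void main(String[] args) throws Exception {
        char[] pass = "constructed demo passphrase".toCharArray();
        byte[] msg = "stream payload (constructed sample)".getBytes(StandardCharsets.UTF_8);

        byte[] r1 = encrypt(pass, msg, ITERATIONS);
        byte[] r2 = encrypt(pass, msg, ITERATIONS);
        System.out.println("records differ: " + !Arrays.equals(r1, r2));
        System.out.println("round trip: " + new String(decrypt(pass, r1), StandardCharsets.UTF_8));
        try {
            decrypt("not the passphrase".toCharArray(), r1);
            System.out.println("wrong passphrase accepted (unexpected)");
        } catch (AEADBadTagException e) {
            System.out.println("wrong passphrase rejected");
        }
    }
}
```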

  • Encrypt/Decrypt BLOB

    Hello experts
    Can anyone help write a stored procedure that can encrypt/decrypt binary data.
    I want to pass in an ID and a key and have the procedure decrypt the data and return unencrypted binary data (serve straight to browser). Then a procedure to do the opposite, take some binary data, encrypt and store - then give me back the ID?
    I'm not sure about key management yet - your advice is appreciated
    Thanks for any help
    Matt

    Here's the retrieve code:
    create or replace package image_get
    as
      procedure gif( p_id in demo.id%type );
    end;
    /
    create or replace package body image_get
    as
      procedure gif( p_id in demo.id%type )
      is
        l_lob blob;
        l_amt number default 30;
        l_off number default 1;
        l_raw raw(4096);
      begin
        select theBlob into l_lob
          from demo
         where id = p_id;
        -- make sure to change this for your type!
        owa_util.mime_header( 'image/gif' );
        begin
          loop
            dbms_lob.read( l_lob, l_amt, l_off, l_raw );
            -- it is vital to use htp.PRN to avoid
            -- spurious line feeds getting added to your
            -- document
            htp.prn( utl_raw.cast_to_varchar2( l_raw ) );
            l_off := l_off+l_amt;
            l_amt := 4096;
          end loop;
        exception
          -- dbms_lob.read raises no_data_found at the end of the LOB
          when no_data_found then
            NULL;
        end;
      end;
    end;
    /

  • XML encrypt/decrypt

    Hi All,
    I'm a newbie, and want to know if the output XML file (UUT test report) from TestStand can be encrypted without using any third party software?
    Actually I want to know if TestStand itself supports encryption/decryption of XML?
    And if TestStand doesn't supports, is there any work around for this requirement?

    Hello,
    Encryption in the XML file is required to encrypt the various configuration parameter values so that a user cannot view or edit them outside the test application. By making use of private/public keys, data would be encrypted. This key will be exchanged between TestStand & XML to decrypt & display it to the user.
    See additional details on XML encryption on : http://www.w3.org/TR/xmlenc-core/
    We can encrypt the step result using LabVIEW encryption example --> http://zone.ni.com/devzone/cda/epd/p/id/3473
    My question now is --> How to include the customize XML report header to include the encryption standard?
    I saw many articles to make use of "ModifyReportHeader". Can someone furnish me with a working example of modifying the header through TestStand? I tried ... but in Vain..

  • Questions about Access Manager tutorials available in netbeans site

    Hi
    Thank you for reading my post
    I have some questions about two tutorials which I found at:
    http://www.netbeans.org/kb/55/amsecurity.html and
    http://www.netbeans.org/kb/55/amsecurity-liberty.html
    here is my problem :
    we have some web services, now we want to have authentication applied for consumer who try to access our web services.
    we need to have most possible flexibility because we may deploy the server for a customer with an already established Identity database ( Database Table with user details)
    Also we need to have Transport level security using SSL.
    I read and studied both of them and now i have some questions :
    -I think Securing Web Services Using the SAML or UserNameToken is what we need for authentication and authorization of web service consumers?
    is that right?
    -Does Sun Java System Access Manager provide flexibility to authenticate user/password with a database table content?
    -How we can apply roles in Sun Java System Access Manager when we authenticate users ?
    Thanks

    Imagine that we want to have an end to end security for our web services
    we thought that we could use message level encryption to protect the soap message and also we should protect our web services from un-authenticated access,
    we will use userName token for this.
    Our customer has large database which contains many user/password and role of those users.
    some of web services should be available to higher role (manager) and not for all users.
    so we should check a user role before we allows him/her to access a web service.
    my question is whether Sun Access manager can help us with this? or there are other configuration or packages that we should apply to have this feature.
    to explain more :
    our client side is a swing application, users enter username/password to login into the system. after they have logged in, we send user/pass every time the user wants to request some data from some services. (is it good to send user/pass every time?)
    We want Sun Access Manager to handle users authentication .
    We also need to handle role related authorization, can Sun access manager handle this?
    Thanks

  • Encrypt/decrypt same file with two different passwords

    Hi everyone:
    I'm quite new to Java and cryptography in general and have a theoretical question. Is the following scenario possible and how would it be implemented:
    Two users with two passwords (say, a regular user and a superuser) encrypt, decrypt, read from and write to the same file. The secret key for encryption and decryption should be based on their passwords (generated from their passwords), i.e. not stored anywhere on the system.
    I've been racking my brains but can't think of a way. Am I missing an obvious solution?
    Can it be done?
    Thanks,
    Michael

    I don't think you can avoid having more than just a password hash stored on the system. Using a combination of my approach and Jeff's approach I can implement this as long as you allow a password protected key store to be stored on each system. A given user's key store would contain his RSA private key and associated public key together with the admin user's RSA certificate (though the admin user's public key could be stored in the program since it does not have to be kept private). The admin user's key store would contain only his RSA private and public keys.
    Assume that the data file is to be created by a standard non-admin user. His code performs the following actions -
    1) Generates a random symmetric algorithm key. Say a 128 bit AES key.
    2) He writes a digest of this to the output file.
    3) He writes the random key encrypted with his public key to the file.
    4) He writes his public key (or certificate) to the file.
    5) He writes the random key encrypted with the admin users public key to the file.
    6) He encrypts the data using the random key and writes the result to the file.
    This user can then update the file by
    1) reading from the file the digest of the random key.
    2) reading the random key encrypted with his public key.
    3) Decrypting this encrypted random key using his private key extracted from his keystore.
    4) Check the digest of this key to make sure he has the correct random key.
    5) skipping his certificate and the random key encrypted using the admin user's public key.
    6) Decrypting the data using the random key.
    7) Update the data.
    8) Re-encrypt the file as described in the first part using a new random key.
    The admin user can
    1) read from the file the digest of the random key.
    2) skip the random key encrypted using the user's public key.
    3) reading the user's public key from the file (for use later if the file needs to be updated).
    4) read the random key encrypted using the admin's public key.
    5) decrypting the random key using the admin's private key obtained from his key store.
    6) check the digest of the random key to make sure it is correct.
    7) decrypt the data.
    The admin can edit the data since he can re-encrypt the data in a similar manner to the way it was created in the first place.
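
The file layout and the three procedures from this reply, carried through as an added example that is not code from the thread: one random AES key per file, its digest, the key wrapped once for the user and once for the admin, the user's public key, and the data encrypted under the random key. In-memory RSA key pairs stand in for the password-protected key stores the reply describes; RSA-OAEP wrapping, AES-GCM, the extra IV field and all names are assumptions of this sketch.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.X509EncodedKeySpec;

public class TwoRecipientFile {
    static final String WRAP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    // Fields in the order the reply writes them; iv is an addition that AES-GCM needs.
    byte[] keyDigest, keyForUser, userPublicKey, keyForAdmin, iv, encryptedData;

    static byte[] wrap(SecretKey k, PublicKey recipient) throws Exception {
        Cipher c = Cipher.getInstance(WRAP);
        c.init(Cipher.WRAP_MODE, recipient);
        return c.wrap(k);
    }

    /** Creation steps 1-6: a new random key for every write of the file. */
    static TwoRecipientFile seal(byte[] data, PublicKey user, PublicKey admin) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey k = kg.generateKey();

        TwoRecipientFile f = new TwoRecipientFile();
        f.keyDigest = MessageDigest.getInstance("SHA-256").digest(k.getEncoded());
        f.keyForUser = wrap(k, user);
        f.userPublicKey = user.getEncoded(); // X.509 encoding, kept for later re-sealing
        f.keyForAdmin = wrap(k, admin);
        f.iv = new byte[12];
        new SecureRandom().nextBytes(f.iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, k, new GCMParameterSpec(128, f.iv));
        f.encryptedData = c.doFinal(data);
        return f;
    }

    /** Read path for either party: unwrap own copy of the key, check the digest, decrypt. */
    byte[] open(PrivateKey priv, boolean asAdmin) throws Exception {
        Cipher u = Cipher.getInstance(WRAP);
        u.init(Cipher.UNWRAP_MODE, priv);
        Key k = u.unwrap(asAdmin ? keyForAdmin : keyForUser, "AES", Cipher.SECRET_KEY);
        byte[] d = MessageDigest.getInstance("SHA-256").digest(k.getEncoded());
        if (!MessageDigest.isEqual(d, keyDigest)) {
            throw new SecurityException("unwrapped key does not match stored digest");
        }
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, k, new GCMParameterSpec(128, iv));
        return c.doFinal(encryptedData); // the GCM tag also rejects modified data
    }

    /** Admin update: the user's public key is recovered from the file itself. */
    TwoRecipientFile resealAsAdmin(byte[] newData, PublicKey adminPub) throws Exception {
        PublicKey user = KeyFactory.getInstance("RSA")
                .generatePublic(new X509EncodedKeySpec(userPublicKey));
        return seal(newData, user, adminPub);
    }

    static String text(byte[] b) { return new String(b, StandardCharsets.UTF_8); }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair user = g.generateKeyPair();     // stand-in for the user's key store
        KeyPair admin = g.generateKeyPair();    // stand-in for the admin's key store
        KeyPair outsider = g.generateKeyPair(); // holds neither private key

        byte[] data = "constructed sample record".getBytes(StandardCharsets.UTF_8);
        TwoRecipientFile f = seal(data, user.getPublic(), admin.getPublic());
        System.out.println("user reads:  " + text(f.open(user.getPrivate(), false)));
        System.out.println("admin reads: " + text(f.open(admin.getPrivate(), true)));

        byte[] edited = "record edited by admin".getBytes(StandardCharsets.UTF_8);
        TwoRecipientFile f2 = f.resealAsAdmin(edited, admin.getPublic());
        System.out.println("user reads update: " + text(f2.open(user.getPrivate(), false)));

        try {
            f.open(outsider.getPrivate(), false);
            System.out.println("outsider read the file (unexpected)");
        } catch (Exception e) {
            System.out.println("outsider rejected: " + e.getClass().getSimpleName());
        }
    }
}
```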
