cryptography

问题 The following line succeeds on my PC but throws an exception on a web host's server: CngKey.Import(EccPrivateBlob, CngKeyBlobFormat.EccPrivateBlob); //EccPrivateBlob is a byte[] that works on my PC. The exception: System.Security.Cryptography.CryptographicException: An internal error occurred. at System.Security.Cryptography.NCryptNative.OpenStorageProvider(String providerName) at System.Security.Cryptography.CngKey.Import(Byte[] keyBlob, CngKeyBlobFormat format, CngProvider provider) at ...

问题 I am by no means a security expert or even a novice. I'm a newbie at security at best. Someone suggested I use SHA1 instead of MD5 - why would I choose one over the other? Is one more secure? 回答1: I would use SHA2(256) at the minimum - however: There is little or no point in simply hashing a password in a database due to rainbow table attacks. Equally, salted hashing is better, but if someone has access to your database, then the chances are that they have access to your code in which case

问题 Scenario I've got the following code: <script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script> <div id="decrypted">Please wait...</div> Insert new note:<input type="text" id="new_note"><input type="button" id="enc_button" value="Save"> <script> var password = "testpassword"; var encrypted_text = localStorage.getItem("encrypted"); var rawData = atob(encrypted_text); var iv = rawData.substring(0,16); var crypttext = rawData.substring(16); var plaintextArray =

问题 Scenario I've got the following code: <script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script> <div id="decrypted">Please wait...</div> Insert new note:<input type="text" id="new_note"><input type="button" id="enc_button" value="Save"> <script> var password = "testpassword"; var encrypted_text = localStorage.getItem("encrypted"); var rawData = atob(encrypted_text); var iv = rawData.substring(0,16); var crypttext = rawData.substring(16); var plaintextArray =

问题 I have an issue related to Cryptography package in Python. Can you please help in resolving these, if possible ? (tried a lot, but couldnt figure out the exact solution) The python code which initiates this error: print("Salt: %s" % salt) server_key = pyelliptic.ECC(curve="prime256v1") # ----->> Line2 print("Server_key: %s" % server_key) # ----->> Line3 server_key_id = base64.urlsafe_b64encode(server_key.get_pubkey()[1:]) http_ece.keys[server_key_id] = server_key http_ece.labels[server_key_id

问题 Until today I was living under the impression that RSA encryption using RSA is deterministic. After all, how should signature verification work if it wasn't? To my big suprise, .NETs RSACryptoServiceProvider does not have a stable output when encrypting the same set of bytes with the same keys: [Fact] public void Learning() { const int keySize = 1024; System.Security.Cryptography.RSACryptoServiceProvider rsa = new System.Security.Cryptography.RSACryptoServiceProvider(keySize); var bytes =

问题 So the April 1, 2013 xkcd Externalities web comic features a Skein 1024 1024 hash breaking contest. I'm assuming that this must be nothing more than a brute force effort where random strings are hashed in an effort to match Randall's posted hash? Is this correct? Also, my knowledge of Skein hashing theory is virtually non-existent but being a halfway decent programmer I was able to download and run both SkeinFish (C#) and Maarten Bodewes Skein implementation (Java) locally in 1024 1024 mode

问题 I want to encrypt a file with AES CBC mode encryption, Using cryptoAPI functions and set my own key from the command-line (It my change in the code) I imagine that the key (after change) will be 1a1dc91c907325c6 and tried in this form: HCRYPTPROV hProv = NULL; HCRYPTKEY hKey = NULL; DWORD dwBlobLen; PBYTE pbKeyBlob = NULL; pbKeyBlob = (PBYTE)"1a1dc91c907325c6"; if(!CryptAcquireContext(&hProv, NULL,NULL, PROV_RSA_AES,CRYPT_VERIFYCONTEXT)) { printf(" Error in AcquireContext 0x%08x \n"

问题 I am using: Windows 10 (Version 1709, OS Build 17025.1000) .net framework 4.7 VS 2017 (version: 15.3.5) Here is what I did: Got a self signed ECC certificate using OpenSSL and steps outlined in the script at https://gist.github.com/sidshetye/4759690 with modifications: a) Used NIST/P-256 curve over a 256 bit prime field b) Used SHA-256 Load the certificate from file (generated in previous step) into X509Certificate2 object Imported the PFX file into windows trust store (for testing). This is

问题 We are having an android app which a decrypting and encrypting large (up to 100MB) files over HTTP-Streams. Therefore, we are using CipherInputStreams and CipherOutputStreams which works fine for AES/CBC/PKCS7Padding . We recently switched to AES/GCM/NoPadding . Now the encryption and decryption is inacceptable slow for files over roughly 50MB. Debugging into the android source code, reveals the issues: https://android.googlesource.com/platform/libcore/+/master/ojluni/src/main/java/javax