Questions tagged [encryption]
Encryption is the process of transforming information (called plaintext) into an unreadable form (called ciphertext) using an encryption algorithm using a secondary parameter (called an encryption key). Only those who possess the decryption key can easily reverse the process and recover the original plaintext. Conceptual questions about encryption may get better answers on crypto.stackexchange.com.
37,175
questions
780
votes
9
answers
329k
views
Are HTTPS headers encrypted?
When sending data over HTTPS, I know the content is encrypted, however I hear mixed answers about whether the headers are encrypted, or how much of the header is encrypted.
How much of HTTPS headers ...
- 102k
755
votes
29
answers
831k
views
610
votes
9
answers
530k
views
How to choose an AES encryption mode (CBC ECB CTR OCB CFB)? [closed]
Which of them are preferred in which circumstances?
I'd like to see the list of evaluation crtieria for the various modes, and maybe a discussion of the applicability of each criterion.
For ...
- 191k
542
votes
14
answers
228k
views
Fundamental difference between Hashing and Encryption algorithms
I see a lot of confusion between hashes and encryption algorithms and I would like to hear some more expert advice about:
When to use hashes vs encryptions
What makes a hash or encryption algorithm ...
- 12.2k
483
votes
14
answers
292k
views
Does my application "contain encryption"?
I'm uploading a binary for the first time. iTunes Connect has asked me:
Export laws require that products containing encryption be properly authorized for export.
Failure to comply could result ...
- 44.7k
441
votes
7
answers
876k
views
Encrypting & Decrypting a String in C# [duplicate]
What is the most modern (best) way of satisfying the following in C#?
string encryptedString = SomeStaticClass.Encrypt(sourceString);
string decryptedString = SomeStaticClass.Decrypt(encryptedString)...
- 5,920
420
votes
9
answers
632k
views
Java 256-bit AES Password-Based Encryption
I need to implement 256 bit AES encryption, but all the examples I have found online use a "KeyGenerator" to generate a 256 bit key, but I would like to use my own passkey. How can I create my own key?...
- 20.2k
419
votes
12
answers
232k
views
What is the difference between encrypting and signing in asymmetric encryption? [closed]
What is the difference between encrypting some data vs signing some data (using RSA)?
Does it simply reverse the role of the public-private keys?
For example, I want to use my private key to ...
- 92.2k
322
votes
16
answers
160k
views
What is the most appropriate way to store user settings in Android application
I am creating an application which connects to the server using username/password and I would like to enable the option "Save password" so the user wouldn't have to type the password each time the ...
- 66.3k
313
votes
9
answers
807k
views
How to use OpenSSL to encrypt/decrypt files?
I want to encrypt and decrypt one file using one password.
How can I use OpenSSL to do that?
- 66k
292
votes
24
answers
599k
views
Is it possible to decrypt MD5 hashes?
Someone told me that he has seen software systems that:
retrieve MD5 encrypted passwords from other systems;
decrypt the encrypted passwords and
store the passwords in the database of the system ...
- 20.3k
283
votes
6
answers
389k
views
Simplest two-way encryption using PHP
What is the simplest way of doing two way encryption in common PHP installs?
I need to be able to encrypt data with a string key, and use the same key to decrypt on the other end.
The security isn't ...
- 2,857
279
votes
10
answers
613k
views
How do you Encrypt and Decrypt a PHP String?
What I mean is:
Original String + Salt or Key --> Encrypted String
Encrypted String + Salt or Key --> Decrypted (Original String)
Maybe something like:
"hello world!" + "ABCD1234" --> ...
- 18.1k
271
votes
11
answers
685k
views
JavaScript string encryption and decryption?
I'm interested in building a small app for personal use that will encrypt and decrypt information on the client side using JavaScript. The encrypted information will be stored in a database on a ...
- 4,045
265
votes
3
answers
134k
views
What's the purpose of Django setting ‘SECRET_KEY’?
I did a few google searches and checked out the docs ( https://docs.djangoproject.com/en/dev/ref/settings/#secret-key ), but I was looking for a more in-depth explanation of this, and why it is ...
- 108k
235
votes
5
answers
141k
views
SHA512 vs. Blowfish and Bcrypt [closed]
I'm looking at hashing algorithms, but couldn't find an answer.
Bcrypt uses Blowfish
Blowfish is better than MD5
Q: but is Blowfish better than SHA512?
Thanks..
Update:
I want to clarify that I ...
- 8,806
219
votes
8
answers
313k
views
Best way to use PHP to encrypt and decrypt passwords? [duplicate]
Possible Duplicate:
PHP 2-way encryption: I need to store passwords that can be retrieved
I plan to store foreign account information for my users on my website, aka rapidshare username and ...
- 3,019
216
votes
16
answers
669k
views
Encrypt and decrypt using PyCrypto AES-256
I'm trying to build two functions using PyCrypto that accept two parameters: the message and the key, and then encrypt/decrypt the message.
I found several links on the web to help me out, but each ...
- 39.5k
209
votes
1
answer
43k
views
Do I need to store the salt with bcrypt?
bCrypt's javadoc has this code for how to encrypt a password:
String pw_hash = BCrypt.hashpw(plain_password, BCrypt.gensalt());
To check whether a plaintext password matches one that has been ...
- 13.6k
205
votes
24
answers
107k
views
Should I impose a maximum length on passwords?
I can understand that imposing a minimum length on passwords makes a lot of sense (to save users from themselves), but my bank has a requirement that passwords are between 6 and 8 characters long, and ...
- 542k
194
votes
22
answers
346k
views
Simple way to encode a string according to a password?
Does Python have a built-in, simple way of encoding/decoding strings using a password?
Something like this:
>>> encode('John Doe', password = 'mypass')
'sjkl28cn2sx0'
>>> decode('...
- 17.4k
193
votes
13
answers
182k
views
How to convert SecureString to System.String?
All reservations about unsecuring your SecureString by creating a System.String out of it aside, how can it be done?
How can I convert an ordinary System.Security.SecureString to System.String?
I'm ...
- 80.8k
190
votes
2
answers
87k
views
gnupg: There is no assurance this key belongs to the named user
I'm trying to use interesting password management tool named Pass.
I did the following:
Installed gpg tool $ sudo dnf install gpg
Generated a key using $ gpg --gen-key
Typed $ pass init "foobar ...
- 6,244
187
votes
11
answers
47k
views
When would I need a SecureString in .NET?
I'm trying to grok the purpose of .NET's SecureString. From MSDN:
An instance of the System.String class is both immutable and, when no longer needed, cannot be programmatically scheduled for ...
- 7,641
184
votes
16
answers
517k
views
How to encrypt String in Java
What I need is to encrypt string which will show up in 2D barcode(PDF-417) so when someone get an idea to scan it will get nothing readable.
Other requirements:
should not be complicated
it should ...
- 3,201
183
votes
14
answers
192k
views
How do you test a public/private DSA keypair? [closed]
Is there an easy way to verify that a given private key matches a given public key? I have a few *.puband a few *.key files, and I need to check which go with which.
Again, these are pub/key files, ...
- 6,253
181
votes
3
answers
402k
views
RSA Public Key format
Where can i find some documentation on the format of an RSA public key?
An RSA public key formatted by OpenSSH:
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQB/nAmOjTmezNUDKYvEeIRf2YnwM9/uUG1d0BYsc8/tRtx+...
- 252k
179
votes
11
answers
124k
views
Difference between encoding and encryption
What is the difference between encoding and encryption?
- 11.3k
179
votes
10
answers
262k
views
Hash function that produces short hashes?
Is there a way of encryption that can take a string of any length and produce a sub-10-character hash? I want to produce reasonably unique ID's but based on message contents, rather than randomly.
I ...
user234932
176
votes
8
answers
73k
views
Two-way encryption: I need to store passwords that can be retrieved
I am creating an application that will store passwords, which the user can retrieve and see. The passwords are for a hardware device, so checking against hashes are out of the question.
What I need ...
- 21k
175
votes
6
answers
100k
views
What is the purpose of base 64 encoding and why it used in HTTP Basic Authentication?
I don't get the Base64 encryption.
If one can decrypt a Base64 string, what is it's purpose?
Why is it being used for HTTP Basic auth?
It's like telling to someone my password is reversed into ...
- 78.8k
174
votes
9
answers
309k
views
SQLite with encryption/password protection
I'm just learning to use SQLite and I was curious if such is possible:
Encryption of the database file?
Password protect opening of the database?
PS. I know that there is this "SQLite Encryption ...
- 17k
168
votes
2
answers
179k
views
What are the differences between .pem, .cer and .der?
What are the differences between .pem, .cer and .der?
As far as I know, .cer contains public key. Are there any open frameworks that I can use to encrypt my data using this public key?
- 8,424
164
votes
5
answers
123k
views
encryption/decryption with multiple keys
Is it possible to encrypt data, such that it can be decrypted with several different keys?
Example:
I've encrypted data with key1, but I want to be able to decrypt with keys 2, 3, and 4.
Is this ...
- 12.2k
161
votes
9
answers
152k
views
Difference between Hashing a Password and Encrypting it
The current top-voted to this question states:
Another one that's not so much a security issue, although it is security-related, is complete and abject failure to grok the difference between ...
- 227k
160
votes
16
answers
350k
views
Converting a Java Keystore into PEM Format
I am trying to convert from a Java keystore file into a PEM file using keytool and openssl applications. However, I could not find an ideal way to do the conversion. Any thoughts?
Instead of ...
154
votes
7
answers
483k
views
Given final block not properly padded
I am trying to implement password based encryption algorithm, but I get this exception:
javax.crypto.BadPaddingException: Given final block not properly padded
What might be the problem?
Here is ...
- 6,696
145
votes
4
answers
31k
views
How to encrypt bytes using the TPM (Trusted Platform Module)
How can I encrypt bytes using a machine's TPM module?
CryptProtectData
Windows provides a (relatively) simple API to encrypt a blob using the CryptProtectData API, which we can wrap an easy to use ...
- 252k
142
votes
10
answers
236k
views
Encrypt password in configuration files [closed]
I have a program that reads server information from a configuration file and would like to encrypt the password in that configuration that can be read by my program and decrypted.
Requirements:
...
- 11.5k
142
votes
5
answers
86k
views
What is the optimal length for user password salt? [closed]
Any salt at all will obviously help when salting and hashing a user's password. Are there any best practices for how long the salt should be? I'll be storing the salt in my user table, so I would ...
- 7,607
138
votes
6
answers
248k
views
Converting Secret Key into a String and Vice Versa
I am generating a key and need to store it in DB, so I convert it into a String, but to get back the key from the String. What are the possible ways of accomplishing this?
My code is,
SecretKey key =...
- 5,358
136
votes
7
answers
201k
views
How does BitLocker affect performance? [closed]
I'm an ASP.NET / C# developer. I use VS2010 all the time. I am thinking of enabling BitLocker on my laptop to protect the contents, but I am concerned about performance degradation. Developers who use ...
- 10.6k
136
votes
8
answers
167k
views
I need to securely store a username and password in Python, what are my options? [closed]
I'm writing a small Python script which will periodically pull information from a 3rd party service using a username and password combo. I don't need to create something that is 100% bulletproof (does ...
- 89.6k
134
votes
9
answers
180k
views
How to send password securely over HTTP?
If on a login screen user submits a form with their username and password, the password is sent in plain text (even with POST, correct me if I am wrong).
What is the right way to protect the user and ...
- 9,492
129
votes
3
answers
149k
views
What is the meaning of ToString("X2")? [duplicate]
I'm studying MD5 encryption, and have found this code using Google:
public string CalculateMD5Hash(string input)
{
// Primeiro passo, calcular o MD5 hash a partir da string
MD5 md5 = System....
- 8,348
127
votes
5
answers
146k
views
AES Encryption for an NSString on the iPhone
Can anybody point me in the right direction to be able to encrypt a string, returning another string with the encrypted data? (I've been trying with AES256 encryption.) I want to write a method which ...
- 1,646
127
votes
10
answers
221k
views
mcrypt is deprecated, what is the alternative?
The mcrypt-extension is deprecated will be removed in PHP 7.2 according to the comment posted here. So I am looking for an alternative way to encrypt passwords.
Right now I am using something like
...
- 2,198
126
votes
3
answers
270k
views
Remove 'b' character do in front of a string literal in Python 3 [duplicate]
I am new in python programming and i am a bit confused. I try to get the bytes from a string to hash and encrypt but i got
b'...'
b character in front of string just like the below example. Is any ...
- 3,050
120
votes
14
answers
240k
views
Javascript AES encryption [closed]
Is there a library available for AES 256-bits encryption in Javascript?
- 2,249
119
votes
10
answers
486k
views
Initial bytes incorrect after Java AES/CBC decryption
What's wrong with the following example?
The problem is that the first part of the decrypted string is nonsense. However, the rest is fine, I get...
Result: `£eB6O�geS��i are you? Have a nice day.
@...
- 3,572