Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have a user who has a certificate issued by one company (identitrust) but has switched over to a new cert issued by another company (ECA).  Because they are different companies I can't import the old cert into the new device so it would have both certs.

He still has old emails encrypted with the old identitrust cert that he needs to be able to read.

I know in the trust center I could create multiple setups to point to the different certs, but (I think) he will need to go into trust center and manually choose the setup he wants to use.

Is there a way to configure it so it has both certs installed and will automatically select which cert to use without user intervention?
0
Free Tool: Path Explorer
LVL 10
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Hi I am using BouncyCastle OpenPGP. I am trying to do Encrypt, Sign, Decrypt, Verify. Encryption with larger file(200 MB) is working pretty much faster But when i try to decrypt the encrypted file its taking 15 mins. Please let me know how to recover that by reducing the decryption time.
0
Hi,
I am testing the deployment of BITLOCKER via GPO.
For the moment I want to just encrypt the fixed drives without using TPM
I have created a TEST OU and moved a single computer to it.
I have created a GPO and edited/activated the following
Computer Configuration>Administrative Templates>Windows Components>BITLOCKER encryption
I have activated the following
Control the use of BITLOCKER on fixed drives:ACTIVE
Configure the encryption on the hardware level on the fixed drives:ACTIVE
Select the recovery method for recovery of fixed drives using BITLOCKER: ACTIVE
The rest is not configured.
Please note that I have the GUI in french so the translation might not be exact.

I have applied the GPO to the TEST OU
run gpupdate /force on the only computed within the OU
Restarted the computer
The GPO does not seem to apply
manage-bde -status and the bitlocker mmc show the the bitlocker DISACTIVE

What am I doing wrong or what do i need to add?
Please help.
Lenovo ThinkPad with running Windows 10

Are there any compatibilty issues with OPAL drives?


GPO Bitlocker
0
On this other crypto currency, I sew the term ICO:

https://www.exiocoin.com/pre-ico-terms

What is that?
0
I am learning a few details the "double-spending problem" and it seems that Bitcoin is not really that protected from them.

https://en.bitcoin.it/wiki/Irreversible_Transactions

My question is whether there are an stats which track the number of Bitcoin transactions that have been reversed by the Bitcoin not actually being on the account of the spender? Or is this a failure that can not be tracked, due to Bitcoin's lack of centralization?

If you have this statistic, it would be great to see any competing currencies to see if they have a different failure rate...
0
Given that Elliptical Curve Cryptography (ECC) is supposed to be more efficient (smaller key required for equal protection) than other cryptography methods, why is it not more widely used?

I'm studying for my Security+ Cert and constantly see that ECC can use a much smaller key yet still afford the same/similar level of security.
0
Hello!

I am trying to encrypt a file using pgp in a batch file. It works fine as long as I give a C drive path. Once I change it to a network path, I get the following error.

gpg2.exe --batch -o "\\<network server>\<network folder>\<network folder>\XYZ.txt.gpg"
-r <certificate here> --trust-model always -e "\\<network server>\<network folder>\<network folder>\XYZ.txt"
gpg: can't open `\\\\<network server>\\<network folder>\\<network folder>\\XYZ.txt': No such file or directory
gpg: \\\\<network server>\\<network folder>\\<network folder>\\XYZ.txt: encryption failed: No such file or directory

Code:
***********************************************
set final="\\<network path>\XYZ.txt.gpg"
set original="\\<network path>\XYZ.txt"

gpg2.exe --batch -o %final% -r <certificate here> --trust-model always -e %original%
***********************************************

I have tried net use & pushd, both aren't working.

Appreciate any help.
0
After I've configured the device I can't get out to internet via any of the pcs.  I can access the 5505 from and outside computer and can configure it via the ASDM so I'm not sure what the problem is.  Can someone verify my config below?

ASA Version 8.3(1)
!
hostname ciscoasa
enable password OlOxQ1nyrZ49h6MK encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.2.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address dhcp setroute
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
ftp mode passive
object network obj_any
 subnet 0.0.0.0 0.0.0.0
object network NETWORK_OBJ_192.168.2.0_24
 subnet 192.168.2.0 255.255.255.0
object network SCETI
 subnet 172.172.128.0 255.255.255.0
access-list outside_1_cryptomap extended permit ip 192.168.2.0 255.255.255.0 object SCETI
access-list inside_access_in extended permit ip any any
access-list outside_access_in extended permit ip any any
access-list outside_access_in extended permit tcp any host 192.168.2.100 eq 3389
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
nat (inside,outside) source …
0
The Seagate STDR5000200 external hard drive we have contains every piece of data for our business such as databases and Microsoft office files.

This hard drive contains around 2 or 3TB of data.

We are using BitLocker on a Windows 10 Pro PC to encrypt this Seagate STDR5000200 external hard drive.

After 24 hours, at around 6:00pm yesterday the encryption progress had reached around 80%.

We decided to leave the encryption running for this hard drive on the Windows 10 Pro PC overnight.

While running, I set this PC to never go to sleep or have it's screen turned off.

This morning, at about 9:00am, I checked the Windows 10 Pro PC and the login screen was displayed.

I found out that a Windows Update had restarted the PC where the external hard drive had been encrypting.

I checked Event Viewer on the Windows 10 Pro PC and found that it had restarted at 5:05am.

After logging in to this PC, the BitLocker encryption progress did not appear or pop up.

I clicked on the drive which had been encrypting and it required a password to be entered.

I entered the password and had access to the files.

It did not continue encrypting so I am not certain whether this drive had fully encrypted or not.

How do I find out if this external hard drive has been fully encrypted by BitLocker?

Thanks,
Robbie
0
As a part of everyday process, I need to download an encrypted file from sFTP server and decrypt it with key and password.
Please help me with BATCH script to automate this process without manual interruption in GPG2
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE
LVL 4
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Through Shellscript ,executing encrypt command

gpg --recipient F13456 -keyring/home/appldev/.gnupg/pubring.gpg   --encrypt ABC.txt

The above command is neither giving error nor the file is getting encrypted.

Is that the way specifying the keyrings folder to check for the public key .

If not specified the keyrings,its getting executed in command line but through shell script it says "NO Public Key",encryption skipped.

Need you help on this.
0
How to remove administrative password for bios setting.?
0
Hi Experts,

Is there any encryption tool for Asp.NET Project?

Regards,
D Patel
0
Referring to above Struts vulnerability, would an encrypted DB have helped
prevent this data leak/loss?  

Does this Equifax & AXA dl come about by issuing an sql command?

There could be other unknown vulnerabilities yet to be discovered so
wud DB encryption had helped?
0
I'm looking for library/Nuget package that i can use for encrypting and decrypting passwords and store it in database.

I have looked at popular libraries which are mostly "one way hashing" , but I need one that I can decrypt the password as well.
0
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
0
Having an issue backing up or copying files from a server. We receive access denied errors on the files. I have checked the permissions and administrator user has full control. I also noticed that of the files that I have checked, they seem to have the E attribute set (encrypted?).
Any help would be appreciated.
0
We get a lot of zip files from MAC users. When any of our users extract the files in Windows 7 to our server, they appear Green (fine, I know Windows 7 has issues with Mac created ZIP files...) however, the only user who can decrypt the files is the user who extracted them and until they do so no other users can access them. Is there any way to get round this? If the user who extracted the files is off and someone else needs access then they are stuffed. Is there any other way to decrypt the files? I know at some point we will end up with encrypted files that have been extracted by a user who is no longer with the company and their account deleted so we won't be able to log on as that user and decrypt them.
0
Hi,

I have been following the instructions on this link and I have ran both the script to change the identity:

$updateServer = get-wsusserver

$config = $updateServer.GetConfiguration()

$config.ServerId = [System.Guid]::NewGuid()

$config.Save()

and also the command to generate encryption key:

%ProgramFiles%\Update Services\Tools\wsusutil.exe postinstall

This link then states to verify the configuration by checking to see if the computers that existed on the source server now appear - but they do not appear! I migrated the binaries previously but I put them into a folder I crated on the c: drive and I'm not sure if WSUS on the new server knows where to look to find these. I'm in a bit of a mess with this one, are there any experts on here with working knowledge of migrating WSUS servers?
0
Threat Trends for MSPs to Watch
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

I know we encrypt from the Client to the Server but I have been asked to see if the Email Data is encrypted at rest?
0
I heard it's possible to encrypt using private key, and decrypt using public key, at least for RSA.

This is backwards to what I know about public/private encryption, where public key is to encrypt message, which only private key can decrypt. Everyone can send you a message which only you can read.

But it would be very useful to be able to do the opposite, where only I can send encrypted messages which everyone can decrypt using a public key. No one can forge a bogus message.

Can someone explain why it's possible to encrypt with private key and decrypt with public key? Since that's the opposite if how I thought it worked?
0
I’m trying to figure out when to use bitlocker on a server. It makes sense for a laptop or desktop. If they are stolen and the thief can’t login because it is password protected, they could still put the drive in another computer and access the data.

If I have a server in a locked room and there is no concern that it would be stolen, what are the benefits of encryption?

Even if someone did steal the server, it is RAID 5 so it would be a lot more difficult to add the drives to another server to access the data.  It would be easier to run a program to hack the password.

If it is configured to use a pin to start the server, it could not be rebooted remotely. If it shut down for any reason, someone would need to go onsite to start it up. That could create problems especially during storms.

The most likely way someone is going to steal the data from my clients is by tricking a user to install malware. If malware is installed on a workstation, it would be able to access the server whether it is encrypted or not.

Just looking for the pros and cons if encrypting a server
0
Hi All,

I need to upgrade the EMC PowerPath drivers from 5.5.0.5 to  6.1.0.0 and EMC ODM drivers from 6.0.0.5 to 6.0.0.6.

Currently we have on servers as below

root@:/home/root # lslpp -l | grep -i EMC
  EMC.CELERRA.aix.rte        6.0.0.5  COMMITTED  EMC CELERRA AIX Support
  EMC.CLARiiON.aix.rte       6.0.0.5  COMMITTED  EMC CLARiiON AIX Support
  EMC.CLARiiON.fcp.rte       6.0.0.5  COMMITTED  EMC CLARiiON FCP Support
  EMC.Symmetrix.aix.rte      6.0.0.5  COMMITTED  EMC Symmetrix AIX Support
  EMC.Symmetrix.fcp.rte      6.0.0.5  COMMITTED  EMC Symmetrix FCP Support
  EMCpower.base              5.5.0.5  COMMITTED  PowerPath Base Driver and
  EMCpower.encryption        5.5.0.5  COMMITTED  PowerPath Encryption with RSA
  EMCpower.migration_enabler
  EMCpower.mpx               5.5.0.5  COMMITTED  PowerPath Multi_Pathing
  devices.common.IBM.modemcfg.data

root@:/usr # oslevel
7.1.0.0
root@:/usr # uname -a
AIX hl 1 7 00CEBE734C00
root@:/usr #

Thanks in advance
0
We are using PBEWithMD5AndDES encryption to encrypt ids for the purposes like, password reset links and some other places in the application for many projects.

Now we would like to change the encryption algorithm for the new projects.
What will be the secure and fast encryption algorithm for these purposes.

Is AES amd symmetric key encryption secure?
0
I haven't configured a site-to-site VPN in over 10 years. I came across a Cisco legacy protocol document advising against pretty much all I knew.
https://www.cisco.com/c/en/us/about/security-center/next-generation-cryptography.html

Can you provide feedback on the settings I am throwing together purely based on reading. I obviously want secure, but don;t want to overdo it and maintain good performance. Thanks in advance.

My thoughts---

  • IKE Encryption- AES256
  • Auth Method- SHA256
  • Diffie-Helman Group- 14
  • Security Association Lifetime (sec)- 3600
  • Packet Encryption Algorithm- ESP/SHA/HMAC

Any Perfect Forward Secrecy or PFS Diffie-Helman Group settings?
0

Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.