Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Share tech news, updates, or what's on your mind.

Sign up to Post

i have lost my encryption key , can i recover the same for encrypting data 9928873103
0
Automating Your MSP Business
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Hi experts!

I enabled BitLocker, which appeared to encrypt the drive successfully, then rebooted my Dell Latitude Windows 10 laptop (TPM enabled).

Unfortunately Windows won't boot any more; initially it was booting to a cmd prompt 'LoginUI.exe' and allowing me to enter my username and password, but then saying that the windows event notification service failed to start.

Now it doesn't even get that far; it boots straight in to the repair mode, and I've tried every option without any luck. Auto repair fails to find a problem, reset this PC doesn't work, system restore, startup repair, go back to previous build etc. I also tried all the bootrec commands without any joy.

Any ideas please? Otherwise I'll just have to throw a new SSD in and try recover my files.

Thanks
0
I am just filling out and IT security review questionnaire  and not sure how to answer the following questions.
This is regards to an database over a secured internet connection using RSA.  I don't work in IT security and wondering if someone could explain me some basics  regarding  SSL and Two factor authentication.   I have read the RSA has a 128bit algorythm

Any network connection is encrypted through SSL or IPSec mechanisms when possible and symmetric encryption used is restricted to algorithms with a minimum key size of 128 bits..  

Thanks
0
Hi All, i have attempted to ask Synology themselves but can't seem to get a decent answer. All they tell me is that Veeam is compatible with the Synology NAS

In the process of installing a Synology DS916+ NAS onto a network to be used as a Backup Repository for Veeam B&R

Now, Synology claims that the NAS has Encryption that would protect files from say Ransomware.

My questions are these:

1) If is use Veeam B&R to backup my VM's to the NAS, does the Veeam Backup create multiple copies of these backups so i can restore from a particular date and time? Multiple restore points?

2) Are these backup files encrypted and hopefully protected from Ransomware attacks?


Synology talks about the Hyper Backup facility that come with the device and this seems to have recovery points which i would assume are encrypted, but how does this work in terms of Veeam backing up to the NAS and would i have the same benefits of recovery points and backup encryption

Thanks everyone
0
is there any Tool available to Decrypt  n1n1n1 Ransomware?
0
Is there a software you can recommend to perform this?


Thanks.
0
Hi!

Is it possible to encrypt/decrypt data that is being transmitted through serial connection (RS232) for two devices without using any hardware?

Thanks,

Randy
0
I freeze my credit report from 3 beaurues. Equifax, Transunion, Experian. I did that because some people knows my social and date of birth and I don't want they knows my new address. My question is what other agencies i can use to freeze my credit history?
0
Hey guys.

So I understand the security setting in the policy and that generally the advice is "Turn off FIPS encryption". I know that the symptom is that you send a MSRA request to a client on your domain and the remote assist launches on the reciepent client PC but they never get asked to accept the session and it seems the request dies during the handshake.

At the moment one work around I am using is remoting into another machine w/o FIPS enabled in the GPO; but this is a work around and will not last. Sadly my searches never yielded a good guide to what to configure to use FIPS encryption. Thats what I am looking for.

I have complete admin control over the sender and reciepient. I can also talk to my AD guys if there are trweaks that we might need to do at the network level; but I assuming we can probably avoid needing their involvment. We are running Windows 10 Workstations with a few 7 Enterprise machines sprinkled in.

Advice/help?
0
Windows 2008 R2
Tomcat 8.0.33

Trying to create SSL and install from a CA:
Step 1.
"%JAVA_HOME%\bin\keytool" -genkey -alias ecwinttomcat -keyalg RSA -keystore c:\ecwint.keystore
NO Password, hit enter.  
Step 2.
 
"%JAVA_HOME%\bin\keytool" -certreg -keyalg RSA -alias ecwinttomcat -file c:\ecwint.csr -keystore c:\ecwint.keystore

Get Error about -certreg illegal operation.
Cannot convert to a csr.
0
When ransomware hits your clients, what do you do?
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

i got key for encryption and KCV value to validate key.
how can i do it with java OR online.
0
When a user tries to access an encrypted Excel file he gets the error message "Excel cannot access [filename]. The document may be read-only or encrypted."

This is happening on a Windows 10 64-bit OS.

When we try to remove the encryption attribute from the file we get an "Error applying attributes message. An error occurred applying attributes to the file. The specified file could not be decrypted."

What can be done to fix this issue so we can either open the file or so that we can remove the encryption from the file?

CANT-ACCESS-ENCRYPTED-FILEERROR-DECRYPTING-FILE
0
Hi all,

we have procured Dell Latitude E5580 which is supported only windows 10 and we are using Kaspersky drive encryption. the issue is once the drive encryption is done, the key board is not working on Kaspersky authentication agent window on boot up screen as this laptop is having only HID keyboard.

requesting you all to help us.

thank you in advance.

Manoj
0
 
LVL 24

Expert Comment

by:Brian B
This is a post. It sounds like you are asking for help from the Experts? Please use this link: https://www.experts-exchange.com/askQuestion.jsp
0
Hi
I am looking for information on step by step
needed to use outlook email encryption.

Would also like to have it as a template so it could be sent regularly to the receiver.
0
The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
3
After configuring the RC4-HMAC-NT, AES128-SHA1 or AES256-SHA1 Kerberos authentication mode is set but when using the DES-BSC-CRC or DES-CBC-MD5 encryption type, from the client machine [windows 8.1] while connecting to the principal
 Kerberos authentication mode is not set and while trying to login it asks for password.


 To perform the kerberos connection test configuration is done as follows:

1. Set up AD DC on windows server 2012 R2 and windows client 8.1 is used

2. Created a domain user and checked the corresponding option in case of DES-CBC-CRC and DES-CBC-MD5 "Use Kerberos DES encryption types for this account".


 3. On the windows server 2012 R2, in local Policies->Security Options ->"Network Security: configure encryption type allowed for Kerberos" DES_CBC_CRC or DES_CBC_MD5 along with  RC4_HMAC_NT is selected.


 4. On windows 2012 R2, by using ADSIEDIT.msc, value of  msDS-SupportedEncryptionTypes is set to 5 or 6 accordingly.


 5. On the windows client machine [windows 8.1] which is in same domain, in local Policies->Security Options ->"Network Security: configure encryption type allowed for Kerberos" DES_CBC_CRC or DES_CBC_MD5 along with  RC4_HMAC_NT is selected.


 6. Created keytab file on windows 2012 Server R2 by using the KTPASS command [corresponding encryption type is used with -crypto option]


 ktpass -princ host/<host name>@domain name -mapuser <domain user name> -pass <passwd of domain user> -crypto DES-CBC-MD5 -ptype …
0
Hello all,
my DPM tape backup is encrypted with a certificate.
I do not have a certificate, and can't remember issuing one.
the old certificate had expired, and a new one had been generated in APRIL.
we can't use the expired one, we need the APRIL one that i don't have and i can't recall creating it.

is it possible that it was auto renewed by the DPM server automatically ? or this certificate must've been generated and imported into the DPM certificate store manually by someone else ?

PS: we can't export the certificate, as we lost the DPM used to do the backups.

Thank you
0
One of my client system got encrypted with the frogo file extension. Is any tool available for decrypt these files.
0
My Testing Lab.

AD1 192.168.100.1/24
AD2 192.168.100.2/24
EX1 192.168.100.4/24 ( exchange server 2016)
EX2 192.168.100.5 /24 (exchange server 2016)
Haproxy 192.168.100.7/24

On the client outlook direct ex1 or ex 02 can connect with POP3 with 995  & 110 .

HA proxy health check is ok for  995 only . 110 service is down .

On the client outlook direct  Haproxy can connect  110 only .When i connect with POP3 (995) . Following error show

Log onto incoming mail server (POP3): Your server does not support the connection encryption type you have specified. Try changing the encryption method. Contact your mail server administrator or Internet service provider (ISP) for additional assistance.

I don't know what is my problems.
0
New feature and membership benefit!
LVL 9
New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Hi.

I am not very familiar with this option. But I have a user that is trying to create a generic encrypted email and save it as a template so he can simply click on the encrypted email template and send to a recipient when he wants.

He's getting an error:
Microsoft outlook had problems encrypting message because recipient had missing or invalid certificates or conflicting or unsupported encryption capabilities


How would the recipient be able to open the email once it has been encrypted or is it in-encrypted based on the recipients email address???

Can you even have an encrypted email template???

Is some sort of certificate need to also be sent or shared???


Thank you
0
i am bit new to PKI certificates , is it  related to X 509 certifcate
0
This has been going on way too long. I tried to force quit by shutting down after unlocking the decryption but it won't work...help!!
0
Hi all,

I have been searching online for an answer for this question for a few days now with no luck and I am hopeful that someone here can answer it for me.

So, I have a Seagate Wireless Plus device that I encrypted using Bitlocker full disk/drive encryption. When I plug the drive into my desktop computer using a USB, I am required to enter the encryption key to access the drive. It works fine and I am happy with this.

However, I am wondering if the encryption extends to wireless access. In other words, if someone connects to the device while it is broadcasting its SSID (by default it does whenever it is powered up), would they be able to access the contents or would it be all a jumble to them?

Please note that I do not have any compatible wireless devices to test this on hence my reason for posting this question.

TIA
~Tala~
0
Hi experts, i want to change PHP to POWERBUILDER, any help please!
below the php script :

========encrypt===============
function mc_encrypt($data, $key)
{
/// make binary representasion of $key
$key = hex2bin($key);

/// check key length, must be 256 bit or 32 bytes
if (mb_strlen($key, "8bit") !== 32) {
throw new Exception("Needs a 256-bit key!"); }

// create initialization vector
$iv_size = openssl_cipher_iv_length("aes-256-cbc");
$iv = openssl_random_pseudo_bytes($iv_size);

/// encrypt
$encrypted = openssl_encrypt($data, "aes-256-cbc", $key, OPENSSL_RAW_DATA, $iv );

/// create signature, against padding oracle attacks
$signature = mb_substr(hash_hmac("sha256", $encrypted,  $key,   true),0,10,"8bit");

/// combine all, encode, and format
$encoded = chunk_split(base64_encode($signature.$iv.$encrypted));

return $encoded;
}

========decrypt===============
function mc_decrypt($str, $key)
{

/// make binary representation of $key
$key = hex2bin($key);

/// check key length, must be 256 bit or 32 bytes if (mb_strlen($key, "8bit") !== 32) {
throw new Exception("Needs a 256-bit key!"); }

/// calculate iv size
$iv_size = openssl_cipher_iv_length("aes-256-cbc");

/// breakdown parts
$decoded = base64_decode($str);
$signature = mb_substr($decoded,0,10,"8bit");
$iv = mb_substr($decoded,10,$iv_size,"8bit");
$encrypted = mb_substr($decoded,$iv_size+10,NULL,"8bit");

/// check signature, against padding oracle attack
0
Hi All,

After encrypting some laptops with DiskCryptor, they all seem to go into Automatic Repair for Windows 10. Can i format the machine and start again, or do i have to decrypt these?
0

Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.