Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Share tech news, updates, or what's on your mind.

Sign up to Post

Trying to find an official Microsoft product to hash an entire drive in MD5 or SHA256.

CertUtil only works for individual files.
Get-FileHash only works for individual files.

I need something for an entire drive or set of directories and files.
0
Free Tool: SSL Checker
LVL 9
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

All of the sudden accessing my gmail accounts through Outlook 2016 gets "Your server does not support the connection encryption type you have specified.  Nothing changed on my PC at all.

- I can log into Gmail on the web
- I checked my gmail settings and they are correct - I am using POP3
- it affects all of my gmail accounts
- I have repaired office
- no other office problems are corrected



Thanks
David
0
In trying to get scan to email working I was changing settings in the kyocera cs400ci printer and now locked myself out of the GUI as the SSL settings I set it to are wrong and browsers dont trust it.

I checked SSL and DES only (no 3DES or AES) and now all browsers say invalid/bad/unsupported ssl/tls etc.

Any ideas on how I can ignore any/all ssl warnings and still get to the gui?  force ssl is on so I cant use port80.
0
Hi all,

Having being doing some extensive work around our public facing webservers we are now getting down to less known issues. Most of the work we have being doing was around Certificates and encrption. Following another recent scan we are still getting the saem result come up for most servers:

  • Strict-Transport-Security      
  • Content-Security-Policy      
  • Public-Key-Pins      
  • X-Frame-Options
  • X-XSS-Protection      
  • X-Content-Type-Options      
  • Referrer-Policy      

I have read a bit about them but its a bit over my head not having a web background. To mitigate these problems can someone tell me are these weaknesses linked to IIS or encryption. Knowing that would be a good start.
0
Hi,

I have some files/folders that were copied from a Mac and the files show up as being encrypted when extracted from a zip file.

I could not remove the encryption even after taking ownership.

Also, some windows computer can open the files and some cannot.

how can I fix this?

Thanks,
0
Experts,

I have a bucket called SRC.Jobs that I want to do a multipart encrypted upload to.   I have been told that I can't do this because the bucket has a period in the name.  Is there a way around this?  Changing the name will break a bunch of other processes.
0
Hello,

Does anyone know a way I can print a secure PDF file? when opened the file says it is (SECURED).

I know this means the PDF is encrypted and I know that I need the password to unlock the encryption but I am not looking at unlocking or making the PDF editable but rather just have the ability to print what I can view on screen? I tried copying the content out but this doesn't work either.
0
We had an old windows xp PC in our 2008 domain which was reformatted to windows7 and joined back to domain.
Now we found one of the profile's mydocuments is encrypted.outlook pst file is also located inside the same folder.
we are not able to recover that showing access denied.tried changing permission but not working.
any recommendations please.
0
Which program is a good program for encrypting a portable external drive.
Are there any free programs?
Thanks Tony D
0
If I dont have a Windows server What program can I use to create a private and public key for use.
also whats best for secure email?
Thanks Tony D
0
Technology Partners: We Want Your Opinion!
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

What are my encryption options (hardware and software) for Thinkpad laptops specifically T540p and T560s models. We would prefer hardware encryption but open to ideas if there are better options. Thank you in advance for any input!
0
We have heard that it is possible that TrueCrypt can be accessed when the volume is mounted; it’s keys be retrieved.  

What considerations should one take in account for this possible breach of data?

... and does other OTFE apps suffer same conditions or flaw?

Please advice.
0
Customer has his but says not all files are encrypted

What the best thing to do now

Thanks
0
Hi,

We need to create a large trueCrypt volume, at least 1.5 TB.  Somewhere I read that the larger the size the less security TC volume has and of course, the bigger the volume the slower reading/writing to it.  As for the speed, it's no concern, but security yes.  That said, if what disadvantage is it creating a 1.5 TB (1,500 GB ) TC volume?  If EE doesn't recommend this big of a size, what is your recommendations?

Thank you in advance.
0
For Microsoft SQL, 2012, I was told that the following, ""Database encryption scan" indicates that  a database is being created.  A quick google search is pulling up information that suggests otherwise.  I am looking for something definitive.   I am working with others to be alerted when a database is created and another when the database is encrypted.
0
Hi all,

Im trying to implement a more secure means of using RDP. Having read up about I feel the TLS enabled option  would be sufficient. Having configured the host session properties on teh server to use SSL 1.0, encryption level high and ticked the box for allow connections from computers running NLA with auto generated Certificate. Haivng logged out and back in again I notice its still communicating over port 3389. Is this correct? Can I test whether this is encrypted?
0
Hi all,

I'm after your thoughts.  USB drives are a big risk to any network.  However, if a business enforces the encryption of USB Drives once they have been attached to a computer and are also scanned by an anti virus product, just how much risk do they now pose?

Any corporate data on there is now encrypted incase it is lost or stolen and any malware/virus should be detected before it is able to run (as long is it is not 0 day for example).

Should we still be concerned?  Many in the business want USB drives disabled by default, where as other think that the above controls mitigate the risks and will only force people to start printing (and losing) paper documents.
0
Hi,
    I got a error while installing Lync 2010 client install in Windows 7 32 bit machine.Please find the attachment file.

Error :- "cannot determine the encryption status of the temporary files folder"
Screenshot_1.png
0
Hi,

How can we change an existing password assigned to a file that is within WinZip compress & encrypt file.

The no-brainer is just extract and compress with new file, but we  are looking for changing without the need extracting.
0
Threat Trends for MSPs to Watch
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

As the title states we use Outlook 2010, in this case a service mailbox with a domain user account. The recipient is external.

The user opens a specific Outlook profile which has a certificate and under the S/MIME settings i use SHA 512 & AES 256.

However....all mails send are signed and encrypted, but.... 168 bits 3DES.

I published the certificate to the GAL after reading some info regarding that but that changed nothing.
Hope that anyone can help me sort out whats wrong?

Can the certificate used be the cause?

The certificate used is sha256RSA 2048 Bits.
Under Enhanced KeyUsage:

Client Authentication (1.3.6.1.5.5.7.3.2)
Secure Email (1.3.6.1.5.5.7.3.4)

Any tips appriciated!
0
We have a GPO in place to restrict who can use USB removable storage on workstations.  I'd like to know if there is a solution to require the USB devices to be encrypted.

Thanks,
 Troy Taylor
0
Is it possible if any one knows my social security number and date of birth can pull my credit history?
0
Hello,



As part of an audit, I need to furnish the encryptions ciphers used by our mail server, which in our case is

an Exchange 2016 CU 17 server.



Specifically, here's the question:



If TLS is being used, are cryptographically strong key exchange and message encryption ciphers being used?



<The preference order of key exchange and encryption ciphers is:



 



1.Key exchange: Elliptic Curve Diffie–Hellman (ECDH), Encryption: AES in Galois Counter Mode (AESGCM)


2.Key Exchange: Diffie–Hellman (DH), Encryption: AES in Galois Counter Mode (AESGCM)


3.Key Exchange: Elliptic curve Diffie–Hellman (ECDH), Encryption: AES-256 (AES256)


4.Key Exchange: Diffie–Hellman (DH), Encryption: AES-256 (AES256)


5.Key Exchange: Elliptic Curve Diffie–Hellman (ECDH), Encryption: AES-128 (AES128)


6.Key Exchange: Diffie–Hellman (DH), Encryption: 128 or 256 bit AES (AES)


7.Key Exchange: RSA, Encryption: AES in Galois/Counter Mode (AESGCM)




  No other key-exchange and encryption ciphers are allowed>



I'm not quite sure how to check and see what it uses.  Can you offer any suggestions?



Thanks in advance.



Regards,

Real-Timer
0
After several hours of research and trial and error, I have found that I am unable to enable bitlocker on removable USB drives without password.

I am mostly curious and confused, as the policy description and all the documentation I have found indicates that having a password is optional -unless you make it mandatory. Everything in the language makes it appear that one should be able to enable bitlocker-to-go and not set a password.


"Configure use of passwords for removable data drives:

This policy setting is used to require, allow, or deny the use of passwords with removable data drives.

If you enable this policy setting, users can configure a password that meets the requirements that you define. To require the use of a password, select "Require password for removable data drive". To enforce complexity requirements on the password, select "Require complexity".

If you do not configure this policy setting, passwords will be supported with the default settings, which do not include password complexity requirements and require only 8 characters"


Initially I left the relevant settings "Not Configured."  I've since tried pretty much every iteration of the settings, as well as enabling BitLocker from right-click, control panel, and manage-bde.  I receive the enable bitlocker dialog window, and cannot proceed until I have supplied a password and password confirmation.  ("Next" is grayed out.)



Am I misunderstanding the policy options? Has anyone dealt …
0
Hi Experts,

Im trying to convert a series of scripts that we use internally to a vb.net applicaiton with a GUI that can be passed on to the BAU teams. Unfortunately my knowledg around encryption is pretty non existant.

Would anyone be so kind as to explain to me how to convert the below perl to VB.NET? Or at least point me in the correct direction as far as namespaces etc are concerned?

use DBI;
use strict;
use warnings;
use Crypt::CBC;
use MIME::Base64;
use Encode;
use Digest::MD5 qw(md5_hex);
use warnings;


my $encrypted = <FILE>;

my $iv  = '0000000000000000';
my $utf_decoded = encode_utf8($iv);
my $key = "854EE3617FDDA2D3";


#create Cipher based on AES
my $cipher = Crypt::CBC->new(
				-key => $key,
				-literal_key => 1,
				-iv => pack('H32',$utf_decoded),
				-header => 'none',
				-padding => 'standard',
				-blocksize => 16,
				-keysize => 16,
               -cipher => "OpenSSL::AES"
);

my @dec = decode_base64($encrypted);
my $count = 0;

foreach my $entry (@dec) {
	my $temp = $cipher->decrypt($entry);
	$temp =~ s/[\x0D]//g; 
	$count++;
	print "$temp";
}

exit();

Open in new window



Here is what i have so far.... not going so great.

Public Function AES_Decrypt(ByVal input As String)

Dim KeyStr As String = "854EE3617FDDA2D3"
        Dim IVstr As String = "0000000000000000"
        

        Dim IV(15) As Byte
        For I = 0 To 15
            IV(I) = IVstr.Substring(I, 1)
        Next

        Dim AES As New RijndaelManaged
        Dim Hash_AES 

Open in new window

0

Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.