Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Share tech news, updates, or what's on your mind.

Sign up to Post

Is there a way to Batch decrypt multiple files in sub-folders using GNU GPG on windows? A large amount of files and folders are received on a regular basis so this is ongoing and right now it's a folder at a time and very tedious. Thanks in advance.
0
Cloud Class® Course: C++ 11 Fundamentals
LVL 12
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

Hi, I was looking for instructions on how to decrypt a drive that was crypted using veracrypt.  Like if I put the encrypted hard drive in another computer and wanted to decrypt it.

I tried dooing that today and got lost.  Also do I just need the password they use to log on the Veracrypt screen, or do I need to entire encryption key.

Thanks all.
0
Hi, I use rdx encryption software to encrypt the data on my RDX tape.  I put the password in and have it auto unlock the tape when it's inserted.  It works great and I love it, but one flaw, every time the server reboots, it looses the key and it won't auto unlock.  I have to open the software and enter the key again.  This is bad because I use it at many sites and am rarely at each location.

Question: is there a fix for this, or a work around?

Thanks a ton guys.
0
A friends IT dept want to encrypt his Lapotp

What’s the difference between beofre and after

Are there any keys that need to be kept after the event or is it like changing from FAT to NTFS  ? It just happens and it’s not noticeable to the end user?

Does this give the IT company more control of his laptop to remotely view it etc ?
0
Need to find Info on whether a particular email was read by the recipient in 365 Message Encryption (OME).

We use 365 message encryption to allow users to encrypt emails out to external users. The external user will receive an attachment that they open and then they need to either login (with the recipient email address) or use a one time passcode (sent by Microsoft) to allow them to read the message online. Because the attachment contains the link to read it online, there is no read receipt in 365 for this type of message delivery. We see in Message Trace that the message was delivered (the message notifying the recipient of an encrypted email), however we do not know if they opened the attachment and read the secure email. I would think Microsoft has a way to view this information, however I have been unable to get any results from support.

Is there a way in 365 to find out if the encrypted message was read?

For security reasons, if a message was sent securely to the wrong email, we need to know if it was read or not.

*Extra credit: Is 365 ever going to come out with read receipts on there encrypted emails like other providers??

Thanks in advance to anyone who might know more about this... it seems to be a black hole.
0
Hi,
My client has wildcard certificate(comodo)on multiple servers. Mostly AFAIK IIS 8 and cisco asa.
I need to renew wildcard comodo cert on multiple servers.
Do I need to create cert request on IIS but not with renew option?
https://weblog.west-wind.com/posts/2014/May/08/IIS-SSL-Certificate-Renewal-Pain


Do I need to mark old cert and than create cert request

or do I need mark IIS server and than create cert request option?

https://www.youtube.com/watch?v=ji0-HgB4wek
So,to sumarize.Create cert request on one server,import cert and  then export(pfx) and move it and import to another IIS server?
When I create cert request does this information(organizational unit,organization…)must match with old cert and if so how can I find those information on old cert?IT engineer who has purchase cert last year doesnt work here anymore.

0
I have Win10 Pro ver1709 laptops and we are slowly applying Bitlocker to our laptops. My team has just started noticing Bitlocker would begin encrypting on their own (we do not have MBAM) if left in the OU with the GPO settings applied in the attached doc. It did not do this previously, everything I read online states auto-encryption requires MBAM or manual initialization to begin encryption. We have seen this happen on more than one laptop. Also, something we just started doing was using SecureBoot which required us to use UEFI on the laptop.

- my GPO settings are in the attached file.

- if it is because of a GPO, which GPO setting (only I would have changed the GPOs, and I have not changed anything) is causing the auto-initialization? I prefer to have the settings needed WITHOUT auto-encrypting, unless that's not an option. please advise.
BitlockerGPOsettings.docx
0
HI,

With GDPR, we are evaluating all our communication channels. Particularly, we are looking at email and whether that should even be used to communicate confidential information, e.g. HR staff emailing each other.

Some people are of the opinion that email is inherently insecure method of communication, and we shouldn't use it at all! They suggest using the likes of WhatsApp, which has end to end encryption.

Others take the view that office365 has sufficient security in it to protect its users, and we should not over-react.

Is there sufficient protections in Office 365 for email users? Or, if not, are there additional services can be applied to a domain using office365 which would provide the equivalent of end to end encryption?

Advice very welcome.
0
Hi Experts,

I want to run this file in openssl.
Can you help me please ?

Where to enter what ?

cat > csr_details.txt <<-EOF
[req]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn

[ dn ]
C=US
ST=New York
L=Rochester
O=End Point
OU=Testing Domain
emailAddress=your-administrative-address@your-awesome-existing-domain.com
CN = www.your-new-domain.com

[ req_ext ]
subjectAltName = @alt_names

[ alt_names ]
DNS.1 = your-new-domain.com
DNS.2 = www.your-new-domain.com
EOF

# Let’s call openssl now by piping the newly created file in
openssl req -new -sha256 -nodes -out \*.your-new-domain.com.csr -newkey rsa:2048 -keyout \*.your-new-domain.com.key -config <( cat csr_details.txt )

Open in new window

0
Is there a possible way to find the number of users/mailbox using the digital certificate from outlook client for encryption purpose? It is Exchange on-premises solution.
Any thoughts on that information fro server side?
0
Cloud Class® Course: Microsoft Azure 2017
LVL 12
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

I am trying to run the below code

select @FilePath = ParameterValue from Parameter where ParameterCode = 'EXPORT_PATH'
	
set @filename = 'HDN' + replace(convert(varchar,getdate(),3),'/','') + right('0' + convert(varchar,datepart(hour,getdate())),2) + right('0' + convert(varchar,datepart(minute,getdate())),2) + right('0' + convert(varchar,datepart(second,getdate())),2) + '.csv'
select @sql = 'bcp "exec [' + DB_Name() + '].dbo.expJDEHDN ''' + convert(varchar,dbo.fnDateOnly(getdate()),113) + '''" queryout ' + @FilePath + @filename + ' -c -t, -T -S ' + @@servername

--select @sql
	
exec xp_cmdshell @sql

Open in new window


however,  I get the following error

Encryption scheme mismatch for columns/variables '@FilePath'. The encryption scheme for the columns/variables is (encryption_type = 'DETERMINISTIC', encryption_algorithm_name = 'AEAD_AES_256_CBC_HMAC_SHA_256', column_encryption_key_name = 'CEK_Auto1', column_encryption_key_database_name = 'xxxx') and the expression near line '24' expects it to be (encryption_type = 'PLAINTEXT') (or weaker).

The problem is on this line

select @sql = 'bcp "exec [' + DB_Name() + '].dbo.expJDEHDN ''' + convert(varchar,dbo.fnDateOnly(getdate()),113) + '''" queryout ' + @FilePath + @filename + ' -c -t, -T -S ' + @@servername

Open in new window


The issue is that @FilePath is the value of an Always Encrypted Column and therefore not able to be used in this dynamic SQL.

I would be grateful if someone could help me get a way around this.

Thanks

Simon
0
We have been working with 7-zip form some time as matter fact was recommend by EE, we use it for large compression and complex-long password protected files.  Today in a meeting we were informed that 7-zip can be hacked.  We didn't believe until the person ran an apps and unzip one of our supposedly secure 7-zip files.  So our question is which compression apps is least to be hacked (WinZIp, WinRar, etc.?), which one can we trust? Is the oldies WinZip & WinRar also hacked?.
0
Hi

Our staff carry data on USB drives and portable hard drives. Please can you let me know if these any free software that I can encrypt or password protect these devises.

Many Thanks
0
HI,

I have a user on Windows 7 Pro, so Bitlocker is not an option.

I want to encrypt his entire hard drive, is there a recommended alternative to BitLocker, or can BitLocker be purchased as a stand alone product?

Thanks for assistance and recommendations.
0
We would like to place a password on the windows backup image.  We search for this option but to no avail.  Next best thing, imaging to encrypted drive.

We are purchasing en 4tb external drive for the sole purpose of doing an windows backup image and saving it in the drive, however, we want to save it in an encrypted drive that’s will be created on it.

We would like to know,
 - is there a way to protect or place a password to a Windows backup image?
 - whats consideration we should take if directly doing a backup image to an encrypted drive? (drive letter the windows backup image asks for).
 - do we image in the external drive then move it to the encrypted drive?
0
We are encrypting all windows 10 with bitlocker and saving the txt files.  We changed the boot order and the machines generated the bitlocker ID.  But suddenly the Identifier changed?  How and why and can this be fixed?
0
I am thinking about adding a a TPM chip and Bitlocker to my Windows 10 Pro "DOMAIN-JOINED" laptop

What "windows bitlocker cracking" steps can I do if I need to easily recover later ?

https://blogs.technet.microsoft.com/hugofe/2010/10/29/bitlocker-without-tpm/

https://www.howtogeek.com/287737/how-to-check-if-your-computer-has-a-trusted-platform-module-tpm-chip/
0
What optional technologies are there for secure video streaming?

I am planning to give a seminar business, but like the idea of protecting y seminar.

I have this URL:

https://www.vdocipher.com/

What other related tools are there for me to compare against this one.

And do I still need a service like GoToMeeting? Are there conflict between some services with this encryption serivce?

Thanks
0
Hi
I have laptops with Windows 7 enterprise installed and don’t have TPM modules in these laptop. Our management is concerned about the security of the data on the laptops if stolen or lost and have asked me to encrypt the laptop drive.

Is it possible to set up bit locker on Window 7 Enterprise laptops without using TPM and I would like to set password for the encryption.
Whenever the laptop boots, I would like to laptop to prompt for the password and when the user keys in the password, it must get into windows.

Also I would like the save the password (Keys) to Active Directory. In case the user forgets the password, we must be able to recover the password for them.

Please can step by step tutorial be posted and Thanks in advance.
0
Cloud Class® Course: Amazon Web Services - Basic
LVL 12
Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

Dear Expert

What the Impacts if we used Microsoft: BitLocker drive encryption?

Regards
0
I have EFS apply on my environment. the DRA was configured first and the DRA is the domain Admin/Enterprise Admin Account. The User int he HR department, encrypted all files on a share folder that is on a file server mapped to his user account via group policy.
The HR user is not longer accessing the files, and he is getting the "Access Denied" error when opening those files. The certificate is installed on this computer. The only thing that changed was his password as we have password policy of every 30 days changing. We have this implemented two  months ago about.
My question is. how can this HR user be able to open those files again?
I have all certificate and privates keys in my CA server and HR user computer. Please be specific.
0
I am trying to see if there is any way to detect and stop encryption process on a windows server.

Basically one of the workstation opened a ransomware (SIGMA) and it has encrypted everything on her computer which is to be expected. However, it also encrypted everything on the mapped driver from the file server. The file-server has antivirus and even anti-ransom but it still encrypted the stuff on the mapped drives. All drives or folders that were not mapped to this particular workstation are fine.
So the question would be if there is anything to prohibit any type of encryption that is initiated from a workstation. If not, maybe someone knows a good solution to prevent this in another way.

By the way, I do have backups, however since I only have backups every 24 hours, I lots one days work. I do not really care about the files on the workstation because I simply restore a clean image but if it messes with my files on the domain server, it becomes a huge issue and I need to find some solution.

Any tip is very much appreciated. Thanks to all that are willing to assist me.
The server is Windows Server 2016
0
Hi

We have GDPR and I have been asked to encrypt staff laptops. We are using windows 7 enterprise. The idea is if the laptop is lost or stolen, the person who gets the laptop must not be able to recover the data from the laptop Hard disk.

The laptops that we have does not have TPM module. We have found a way of setting up bit locker and here during the setup process, the encrypted key corresponding to the laptop is copied to a USB stick and whenever the laptop is booted the USB stick must be inserted into the laptop to authenticate and boot into windows.

This method will not be suitable for uses, they can lose the USB stick, it will be difficult for them to carry this with the laptop and if they keep the USB in the laptop bag and if the laptop bag is lost, the data can fall into wrong hands.

Please let me know if there is any other way around or any software that can encrypt the staff laptops.
Thanks
Any help will be great
0
Do macOS come with any full disc encryption and option for encrypting inserted USB before they can be written too, similar in fashion to bitlocker and bitlocker to go on later releases of windows OS. If they do can you provide details, and any tips on how you could verify that these encryption controls (FDE and USB) have been applied to all devices in the environment? we need some assurances from a partner for security audit and are aware they run macos.

out of interest are there any major providers of anti virus for macOS or does the OS itself have any inbuilt AV similar to windows defender?
0
We have a number of Windows Server (2008 R2 upwards) which store sensitive, shared data and we are looking to encrypt it. The Windows servers are currently running as VMware virtual machines all of which reside on a SAN.

I initially thought the simplest solution would be to enable BitLocker to encrypt the entire disk, but apparently there is an issue using BitLocker with virtual machines (due to limitations of TPM/BIOS) - is this accurate?

If BitLocker can't be used, what are the alternatives? As the data on the server is shared by many people in the business, I didn't think EFS could be used as that's encrypted using a particular persons account?
0

Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.