Go Premium for a chance to win a PS4. Enter to Win

x

Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hello,

We have posted an article concerning a new way for securising any digital data with a new software that we build.

Here is the direct link on EE :

https://www.experts-exchange.com/articles/31201/Alph-TaV-a-new-way-to-secure-your-data-like-Swiss-Banks-would-do-to-protect-your-money-One-Vault-3-Physical-Keys-to-open-it.html

here there someone that could advice us if we did correctly or if we better do it in another way.

Thanks in advance.

Regards
0
Automating Your MSP Business
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

what are my options to use encryption on win 7 pro?
0
I have been using a simple Logon form. The password is encrypted in the immediate window, and I then copy and paste that hash into the password field. This works in the attached database as far as matching is concerned.
There is no problem for me to create a "Welcome123" temporary password which I create and paste the hash for, but, I would prefer not to be involved in hashing their new password.

In other words, in the reset password form I would like to run a function that hashes their password and copies it into the t_Users Password as the newly hashed value...

Does anyone have a version they would be willing to share? With my limited knowledge I do not want to reinvent the wheel, and I would be more comfortable knowing this is something recommended from people that do understand a strong version vs a weak one.

My current Login database is attached if anyone would like to look. The encryption part is from a Steve Bishop video on You Tube and he cautions that it is very weak.
Logon-Master-Encryption-v-1.zip
0
Hello, we have an internal Microsoft Root CA Server 2008 R2
We need to update the encryption algorithm and public key from SHA1 RSA 1024 to SHA256RSA and RSA 2048 bit.

And when i try to duplicate Web Server Template it says "The Web Server Certificate template could not be duplicated. Access is denied"

Thanks for your help
0
I have a friend who was hit with ransom ware.  The files are encrypted with scarab extensions.

He tried paying the ransom but did not receive any fix.

Is there anyway to decrypt the data or is he just pretty much up the creek??

He does not have any backups.
0
Hello
Looking into this i cannt find out of the data synchronsied from cloud to local desktops is encrypted?  What happens if a device/storage is lost, stolen or compromised in some way, can the files be accessed?
Thanks
0
I have a Cpa Client who wishes to receive data from clients but have it encrypt on their end before it transports to our office

Wanted to use Dropbox with SecreteSync but the Sync software is set for end of life.

Is there another software like it out there? or is there a platform I can use to accomplish this function

We believe we should provide the Encryption since we are requesting it.

Cjoego
0
Issue :SSL Certificate Signed Using Weak Hashing Algorithm      

An SSL certificate in the certificate chain has been signed using a
weak hash algorithm.      The remote service uses an SSL certificate chain that has been signed
using a cryptographically weak hashing algorithm (e.g. MD2, MD4, MD5,
or SHA1). These signature algorithms are known to be vulnerable to
collision attacks. An attacker can exploit this to generate another
certificate with the same digital signature, allowing an attacker to
masquerade as the affected service.

Note that this plugin reports all SSL certificate chains signed with
SHA-1 that expire after January 1, 2017 as vulnerable. This is in
accordance with Google's gradual sunsetting of the SHA-1 cryptographic
hash algorithm.

Note that certificates in the chain that are contained in the Nessus
CA database (known_CA.inc) have been ignored.      

Contact the Certificate Authority to have the certificate reissued.      

http://tools.ietf.org/html/rfc3279
http://www.nessus.org/u?e120eea1
http://technet.microsoft.com/en-us/security/advisory/961509

      
Plugin output:The following certificates were part of the certificate chain sent by
the remote host, but contain hashes that are considered to be weak.

|-Subject             : CN=XXX
|-Signature Algorithm : SHA-1 With RSA Encryption
|-Valid From          : Sep 30 12:06:43 2016 GMT
|-Valid To            : Sep 28 12:06:43 2026 GMT
0
Further to my last question, here goes.
I have a gigabyte z97 mb with intel rapid technology on it that provides raid 1 that I require with a pair of Samsung ssd,s. I also need to encrypt the drives with bit locker  however I am confused regarding the mechanism when and if one of the drives fails.
Could someone please clarify if I am chasing my tail or is what I want to do practicable ?
0
I was looking at encrypting data stored on file and database servers on a windows network. [functional level 2008r2] Does anybody know if using windows encryption is a good option or is there other encryption solutions that are easier and more efficient  to implement?
0
Free Tool: IP Lookup
LVL 11
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

It’s Friday, I’ve had a long week and something has just popped into my head that I really should be able to answer, but I can’t!  It’s probably a very stupid question.

You have a finance or HR system in your business, perhaps based on an Oracle or SQL database.  A decision is made, like most places I presume, not to encrypt the entire database, however users passwords are stored encrypted (in whatever way that may be).  What’s the point behind this?  What I’m questioning is if an attacker can get access to that database file can they not get access to all the other data they need and there for not require all the passwords?

Perhaps what I’m missing is a better understanding of how an attack may happen on a database or how databases work.  The only thing I can think of is that an SQL/Oracle etc. database isn’t a flat file so you can’t just open it in a notepad and view data.  You will have to load/connect to it via an SQL Server where you will have to authenticate.  Then what?  You manage to compromise/guess an account username and password.  This gives you access to the database and therefore the data you want.  You’ve got access so why do you need the remaining passwords?  What’s so valuable about the passwords when the system may hold bank account details that may not be encrypted?

One of the only uses I can think of is you compromise an account in the database so you can view data but what are you going to do with it.  Isn’t the point you then compromise other …
0
Hello all.

    Having a difficult time trying to get full disk encryption setup on our laptops.  Our laptops (approx. 10) are all new and running Windows 10 Pro 64-bit with LOCAL Administrator accounts.  We are a small shop with limited money and personnel so simplicity is imperative. If required, I would rather spend money than man hours.

They are all standalone workgroup systems.
Endpoint on these systems is Kaspersky Business Security Advanced.

I've tried enforcing Kaspersky encryption using Kaspersky Business Security Advanced. While testing Kaspersky encryption, I get activation/update failures between Office and Windows. Kaspersky support says there is no way the problem could lie in the encryption piece as all the encryption is done at the sector level.

I've tried enforcing BitLocker with Kaspersky Business Security Advanced. Doesn't seem to work (something about BitLocker management component not installed, even though it is) and Kaspersky Tech support tells me they recommend using Kaspersky full disk encryption anyways.

I tried using BitLocker standalone, but the local admin accounts can just turn it off (and Applocker isn't available in Windows 10 Pro).

What other options do I have to accomplish this?
0
Hi Guys,

We have configured the ADFS server with salesforce for SSO. All was working ok, since last week, when the SSL cert expired. I updated the SSL cert and it shows the right date on the service cert, Encryption cert and singing cert.

But the fedarationmetadata.xml URL is not opening. It shows the error as ERR_CONNECTION_RESET. Need to fix that asap.

Regards,

Ajoy
0
I have a question in regards to encrypting email.
Does exchange 2013 encrypt email when going outside of the exchange server and if so, is this set by default?
0
I recently setup a two-tier PKI with Microsoft Active Directory Certificate Services on Server 2012 R2. When I attempt to verify my configuration with the LDP.exe tool, I am prompted for a smartcard.  I have to click cancel serveral times, before the tool will connect to my domain controller.   The event log shows Schannel Errors with Event ID 36870 when the smartcard window is dismissed.
0
What is a good file and or drive encryption program ( on an external drive for mobile transport) that I can use on a windows 2008 server.
Is there a good free program? ( I prefer not to use Bit Locker)
0
I have a IdHTTPServer and i want implement the support for handle both http and https request. There are my consig

FSSLHandler := TIdServerIOHandlerSSLOpenSSL.Create(nil);
FSSLHandler.SSLOptions.CertFile     := 'certificate.pem';
FSSLHandler.SSLOptions.KeyFile      := 'key.pem';
FSSLHandler.SSLOptions.RootCertFile := 'chain.pem';

FIdHTTPServer.Bindings.Add.Port := 443;
FIdHTTPServer.IOHandler := FSSLHandler;

FIdHTTPServer.Activate := true;

Open in new window


in the server directory i have ssleay32.dll and ssleay32.dll v1.0.2l (Win32) downloaded from http://indy.fulgan.com/SSL/

when i make a request from Chrome, in the security tab of the developer tool i see:

YLrb4.png
Also, analyzing the server with sslyze i have some others security issue (see VULNERABLE label):

> sslyze --regular local.XXXXXXXXXXXXXX.com:4343

SCAN RESULTS FOR LOCAL.XXXXXXXXXXXXXX.COM:4343 - 127.0.0.1
 --------------------------------------------------------

 * SSLV2 Cipher Suites:
      Server rejected all cipher suites.

 * TLSV1_1 Cipher Suites:
     Preferred:
        None - Server followed client cipher suite preference.                                                            
     Accepted:
        TLS_RSA_WITH_AES_256_CBC_SHA                      -              256 bits                                                                  
        TLS_RSA_WITH_CAMELLIA_256_CBC_SHA                 -              256 bits                                    
0
Hi

I encrypted a USB drive using BitLocker To Go in Windows 10 Pro and when I inserted it into a new machine it prompted for the password. Once I entered it in I noticed a More Options section which allowed me to check Automatically unlock on this PC. I have since realized I don't want this to occur but I don't know how to make it go back to the way it was. I looked in Credential Manager with no luck. Sorry I'm new to BitLocker.
0
Dear
 I have problem with a user machine who made all excel files encrypted on windows XP , unfortunately the machine needs to install windows 7 on it after that all encrypted files not opened how i can solve  this case
thanks
0
Important Lessons on Recovering from Petya
LVL 11
Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Hi All,

Im running an ASR 1000 with version XE 3.13.01.S (15.4(3)S1). Does it support SHA256 and AES256 for ikev1? I know it does for ikev2 but I am not sure about ikev1 both phase 1 and phase 2.
Here is what I found on a cisco website: https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/116055-technote-ios-crypto.html

"Support for the NGE control plane (ECDH and ECDSA) has been introduced with Version XE3.7 (15.2(4)S). Initial control plane SHA-2 support was for IKEv2 only, with IKEv1 support added in Version XE3.10 (15.3(3)S). AES-GCM-128 and AES-GCM-256 encryption algorithms have been supported for IKEv2 control plane protection since Version XE3.12 (15.4(2)S) and 15.4(2)T. NGE dataplane support was added in Version XE3.8 (15.3(1)S) for Octeon based platforms only (ASR1001-X, ASR1002-X, ESP-100, and ESP-200); dataplane support is not available for other ASR platforms."

Whats the difference between data plane support vs control plane support?

Thanks and kind regards.
0
I have heard that Blockchain Database are secure because of their use of "Byzantine fault tolerance."

I am told, Blockchain algorithms use encryption techniques to intertwine new data with existing data using this type of cryptography.

Please verify this and explain in more detail where the term "Byzantine fault tolerance" comes from and what it is exactly?

Thanks
0
I have a customer with Windows 10 Home Ed. What is recommend to encrypt the entire hard drive?
0
We have a business scenario in which our clients send PHI to us. Our policies mandate encrypting the payload (containing PHI) prior to transfer, and then using S-FTP to conduct the transfer. We're getting complaints from our clients that the process is cumbersome.  We ask them to encrypt using 7zip, and then open Filezilla to send the payload. We think it's pretty simple but alas, some of our clients think otherwise. What we like to have is one application that can do both with a very simple UI:
1. Select the files to be shipped.
2. Under the covers with some configuration files perhaps, specify a client name and a public key for encryption.
3. Provide a username/password for the S-FTP.
4. Send.

Does anyone know whether such a tool exists, or would we be scripting this ourselves?
0
I'm trying to identify a ransomware virus that hit a network. I believe it is “FakeGlobe” virus. Aside from not knowing how it got on the network, there are other things I cannot figure out.  The more I know, the better I can protect this network. We did have backup replicated offsite so we are good. It just took a lot of work rebuilding servers and restoring data.

This virus uninstalled TrendMicro on servers and workstations. It then ran on those devices.  This created a unique encryption. If they were to have paid to get it unencrypted, they would have had to pay for each computer separately.  It appears it did not rely on shared drives to spread it.  

It also infected a server that was off the domain. The administrator account password was not the same as administrator password on the network. I have no idea how they could have gotten to that.

There are only three people with domain admin rights and there are service accounts with domain admin rights. None of the three users were on the network when it hit on a Saturday evening.  Passwords for the accounts with administrator rights were not changed. This means they had to find a way to read the passwords.

I did see information about  Pony Botnet that may have been used https://thehackernews.com/2014/02/pony-botnet-steals-220000-from-multiple.html 

I’m just looking for thoughts and ideas on how this could have happened so I can prevent it from happening again.  I’d like to know if it was done manually by …
0
Hi,

I had a customer ask this today. I know what a SHA256 hash is, but is a SHA1 certificate?

Thanks,

Chris
0

Encryption

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.