Tag: key

encryption – Cracking Viginere Ciphers using same-length key used twice

Assuming I had two ciphertexts which were encrypted using the same key that has the same length with the ciphertexts. (However the keys didn’t have any repetitions or features that would assist in frequency analysis).

Apart from the crib dragging technique (which I didn’t have much success in), are there any other techniques I can use to possibly crack these ciphertexts?

evaluation – What are key differences between InputNotebook and EvaluationNotebook?

I am still new to Mathematica but advancing to a point of programming notebook and cell manipulations using native commands. Sometimes they call for specifying InputeNotebook[] while at other times they call for EvaluationNotebook[]. What are their key differences?

If I am only working with a single open notebook which type do I have?

If my current open notebook is notebook.nb and wish to load a function saved to function.nb which type are they?

If I am unsure of which type I have which is the safest to use?

openssl – Why does it take so much time to create a secret key on a HSM?

I was testing key generation on a Hardware Security Module and I noticed that it takes so much time to generate an AES 256 secret key on the HSM.

I’ve used pkcs11-tool to generate the key and it took about 5 sec to complete the task:

$ pkcs11-tool --module <modules.so> --key-type aes:32 -p <PIN> --token-label SC_TEST --keygen --id 6887513122


Secret Key Object; AES length 32
  VALUE:      622650851419537140e20f58570bf1815d523d7a673dbbfd34d04a635326bb12
  label:
  ID:         6887513122
  Usage:      encrypt, decrypt, wrap, unwrap

real    0m4.847s
user    0m0.022s
sys     0m0.015s

OpenSSL on the other hand is very fast (does not use a HSM):

$ touch file
$ openssl aes-256-cbc -pbkdf2 -nosalt -P -in file -pass pass:testpassphrase


key=4E1F51BCB47608C267B9AE35E4648926D8A9E671521747E942857FC9671FC52B
iv =F773521265678AB0F4D6AA9AFED6912A

real    0m0.026s
user    0m0.023s
sys     0m0.004s

So I wanted to know why does it take so long to generate keys on the HSM ? or am I doing something wrong ?

Note that this is high end and expensive HSM.

openssl – Why does it take so much time to create a secret key on an HSM?

I was testing key generation on a Hardware Security Module and I noticed that it takes so much time to generate an AES 256 secret key on the HSM.

I’ve used pkcs11-tool to generate the key and it took about 5 sec to complete the task:

$ pkcs11-tool --module <modules.so> --key-type aes:32 -p <PIN> --token-label SC_TEST --keygen --id 6887513122


Secret Key Object; AES length 32
  VALUE:      622650851419537140e20f58570bf1815d523d7a673dbbfd34d04a635326bb12
  label:
  ID:         6887513122
  Usage:      encrypt, decrypt, wrap, unwrap

real    0m4.847s
user    0m0.022s
sys     0m0.015s

OpenSSL on the other hand is very fast (does not use an HSM):

$ touch file
$ openssl aes-256-cbc -pbkdf2 -nosalt -P -in file -pass pass:testpassphrase


key=4E1F51BCB47608C267B9AE35E4648926D8A9E671521747E942857FC9671FC52B
iv =F773521265678AB0F4D6AA9AFED6912A

real    0m0.026s
user    0m0.023s
sys     0m0.004s

So I wanted to know why does it take so long to generate keys on the HSM ? or am I doing something wrong ?

Note that this is high end and expensive HSM.

foreign key – Postgresql Create ForeignKey with repeated table name in value of ref contrain key

I am working on a database which does not contain any foreign key. When i open table I see strange format key because table of parent reference is stored in the value.

exemple

CREATE TABLE foo 
  ( 
  id SERIAL,
  name text
  );

CREATE TABLE bar
  ( 
  id SERIAL,
  foo_id text,
  name text
  );

INSERT INTO foo("name")
VALUES ('john');

INSERT INTO bar("foo_id","name")
VALUES (CONCAT('foo.'|| 1),'doe');
INSERT INTO bar("foo_id","name")
VALUES (CONCAT('foo.'|| 1),'kelly');

Can I create an FK with this type of structure? I have never seen this before

encryption – how does filevault get the key to unlock an encrypted drive?

I an trying to understand how FileVault (specifically the later version used in recent macOS releases, i.e. FileVault 2) stores and retrieves its encryption key.

This is prompted by two specific questions/observations:

  1. When you boot up a device with FileVault enabled, it goes to your login screen and shows your username, and a place to enter a password. When you do log in, it is extremely quick. This implies the disk already was decrypted. Assuming that the encryption key somehow was derived from your passphrase, this should be impossible, as you have not yet entered it.
  2. If you create an alternate OS install, e.g. another copy of the latest (Catalina) or a beta (Big Sur), in another APFS volume, you can encrypt it. Assuming you want similar convenient behaviour, the encryption key you provide should be related to whatever encryption key is used for your other volumes. Of course, it is possible that the read-only OS volume is not encrypted and only the read-write Data volume is encrypted, but that is not what appears in the various utilities.

programming languages – Looking for a software to make license key for my pdf file such a way that for different machines the license key will be different

Looking for a software to make license key for my pdf file such a way that for different machines the license key will be different. I have already seen serial key maker is not a solution. I am describing it a little more. Whenever someone will open the pdf file, there will be generated as for example 16 digit no and when he/she will email me that copied out 16 digits no and then I will enter the no in my software there will be generated a serial key for his machine only. so obviously you got my point for the different machines the 16 digits no will be different.

Java: way to convert a 256-bit private key to WIF?

You should convert hex representation of bytes to byte array (not String to byte array). Then make hash. Then convert the byte array back to hex representation of bytes in String.

The whole solution will look like:

import java.security.*;

class HashExample {
    public static void main(String() args) throws NoSuchAlgorithmException {
        String string = "0C28FCA386C7A227600B2FE50B7CAE11EC86D3BF1FBE471BE89827E19D72AA1D";
        string = "80" + string;
        byte() data = hexStringToByteArray(string);
        byte() digest = MessageDigest.getInstance("SHA-256").digest(hexStringToByteArray(string));
        String result = bytesToHex(digest);
        System.out.println(result);
        //prints: 8147786c4d15106333bf278d71dadaf1079ef2d2440a4dde37d747ded5403592
    }

    public static byte() hexStringToByteArray(String s) {
        int len = s.length();
        byte() data = new byte(len / 2);
        for (int i = 0; i < len; i += 2) {
            data(i / 2) = (byte) ((Character.digit(s.charAt(i), 16) << 4)
                    + Character.digit(s.charAt(i+1), 16));
        }
        return data;
    }

    private static String bytesToHex(byte() bytes) {
        StringBuffer result = new StringBuffer();
        for (byte b : bytes) result.append(Integer.toString((b & 0xff) + 0x100, 16).substring(1));
        return result.toString();
    }
}

Of course this is just example. In production code I recommend to use one of the available libraries which can perform this task.