I am using cryptography to implement some blockchain application, after I looked code, I don't know how to distinguish SHA2-256 and SHA3-256.
The Elliptic Curve Digital Signature Algorithm (ECDSA) supports any hash function not limited to the SHA family, as MD5. SHA-3 should be supported, yes, indeed, I recommend using it as it is a open contest standard and improves security.
Related
I am a novice programmer who is implementing a digital signature for a PDF doc. I want to know the standards used in the industry to sign and verify the document.
A stepwise approach from key generation to verification of document works for me.
There are ISO standards and RFCs for digital signatures.
But the above have many many options. So the real question is "which profile for digital signatures is most recommended?" The answer is PAdES. It is supported and used by Adobe, DocuSign, and all of the significant players.
Is there a proper way of doing an AES CMAC encryption in Java Cards?
After researching I've hit a roadblock wherein I cannot find any example or samples of Java card that has AES CMAC encryption. Is there any way or at least is it possible to do an AES CMAC encryption on a Java Card
There are three possibilities:
either you take a Java Card that has an extended API that supports AES-CMAC (certain JCOP cards for example);
you take a Java Card with API version 3.0.5 (very rare currently);
you implement AES-CMAC from scratch using the AES Cipher and Signature objects (this is possible and not too difficult, I did this some years ago).
I need a push in the right direction - preferably with code samples/links - for how to encrypt an NSString using DES encryption algorithm. Knowing that it is not that secure, but a possible candidate for avoiding to file a CCATS.
Could commoncrypt be the solution?
Or would using the key chain or sqlcypher be able to provide encryption and avoid the CCATS paper work.
In my app, i dont see any issue with 56 bit security and i dont assume any issue with a symmetric key solution.
In short:
I can't find any good example of how to use 56bit DES symmetric encryption for my ios 4.2 app (This is to avoid the CCATS hassle)
Why don't you use the Security.framework?
I need an obvious example about AES decryption. i just want to know how it works in order to make my own coding of this algorithm so, I neither want code nor algorithms, i just want some explanation of how it works, I need to understand it first before i can make an implemetation fir it. Can someone give me tutorials or references?
How about Moserware's A Stick Figure Guide to the Advanced Encryption Standard (AES)? It's clear and entertaining. Don't forget to sign and date the Foot-Shooting Prevention Agreement.
The question is pretty simple, is it possible to create a FIPS 140-2 compliant server in Perl? Especially, is it possible without modifying any of the C code for the modules? If it's not possible in straight Perl, what would be the easiest way to go about it from a C perspective?
I'm basically creating a mini-httpd that only serves up a single file, but due to security restrictions it needs to be served up on SSL under FIPS compliance.
I don't know all of the rules when it comes to FIPS 140-2. However, unlike HIPAA and PCI-DSS its a standard that governs the strength of cryptography and doesn't take the system as a whole into consideration. Parts of OpenSSL can be FIPS 140-2 compliant and this library is exposed to perl via the Crypt::OpenSSL module. You just have to make sure your key size is large enough for the level of FIPS certification you need and that you don't violate a one of the many Cryptographic Issues.
Take a look at Mozilla's FIPS strategy. Triple DES is most likely to be Open Source. I am unaware of any certified FIPS 140-2 solutions in Perl.
Most implementation approvals are very restrictive, such as being on a certain hardware platform, CPU, and OS version. If you are on one of those platforms, you can often piggyback on the OS approval, such as Windows 7, Redhat, etc.