has anyone experience with trapdoor hashes? I was looking for some code example or a Java library which I could use. Or is there a way to create those hashes with the given tools, e.g. JCE?
Kind regards
Oliver
The most common trapdoor hash functions are RSA and Rabin who both rely on the difficulty of factorization. Here are some Java projects which implement these:
RSA encryption in Java
RSA.java
Java RSA Encryption: An example
Rabin Hash Function
rabinfingerprint
Related
In am using PKCS11Interop in C#, i got CKR_MECHANISM_INVALID error while trying to use method Sign. The key object i am using is of mechanism type CKM_EC_KEY_PAIR_GEN . but at signing time, i use mechanism CKM_ECDSA_SHA512 .
I tried to define key mechanism as CKM_ECDSA_SHA512 at key-pair generation time, but it seems that this key type needs some attributes that i don't know. The attributes i am using is similar to the correct version of this question, but it seems using hash algorithms need some thing more.
Please guide me how should i use SHA512 hash algorithm with ECDSA elliptic key.
Your unmanaged PKCS#11 library most likely does not support CKM_ECDSA_SHA512.
By returning CKR_MECHANISM_INVALID error your unmanaged PKCS#11 library is telling you that "An invalid mechanism was specified to the cryptographic operation". You can use GetMechanismInfo() method to check whether the mechanism is supported:
if (!slot.GetMechanismList().Contains(CKM.CKM_ECDSA_SHA512))
throw new Exception("Unmanaged PKCS#11 library does not support CKM_ECDSA_SHA512 mechanism");
However CKM_ECDSA_SHA512 (hashing and signing) mechanism is used rather rarely. It's much more common and efficient to compute SHA512 hash in your application and then sign it with CKM_ECDSA (just signing) mechanism.
Are there any implementations of these hashing algorithms in pure lua? I've found a couple for MD5 and SHA1 but none for these two which are the ones I'll be needing for a project. In the interests of portability, I need something in pure lua. Anyone know of anything?
Lua's lmd5 library states: A message digest library for Lua based on OpenSSL. It supports MD2, MD4, MD5, SHA1, SHA2, RIPEMD160, MDC2. Though I have never used it. But there are some libraries listed here. You might one of them useful.
Here's another library which might be what you seek.
If you use LuaJIT I have written an implementation of SHA256 here but it uses FFI ctypes: https://github.com/catwell/cw-lua/tree/master/sha256
Otherwise there's one here in pure Lua 5.2 which I have not tested: http://lua-users.org/wiki/SecureHashAlgorithm (already cited by Dream Eater).
Is it possible to duplicate output from the perl crypt function using ColdFusion decrypt?
I am not familiar with encryption programming, but as I understand it crypt uses the DES algorithm unless otherwise indicated. Coldfusion can use the DES algorithm, but I don't know what other parameters to use.
Allow me to clarify my situation. I am working with a vendor supplied application written in perl. My local toolset is mainly ColdFusion. I would like to enhance the vendor supplied login function with a 'lost your password/reset password' function. I would prefer not to change the vendor source code, which I have access to, since it get upgraded regularly and I don't want to have to keep applying the changes. The best solution, for a host of reasons, is to emulate the perl crypt() function output in ColdFusion so I can build the password reset function externally to the vendor application. It is admittedly an awkward and confusing situation.
I do not know if the emulation approach is feasible; if not it is back to the drawing board.
Just in case you didn't know, perl's crypt() function (and the crypt() function in the standard C library) is a one-way hashing function usually used for storing passwords. It's not an encryption function and there is no known decryption function.
As such, you're probably not looking for a function called decrypt(). I don't used Coldfusion, so I can't help you find the proper function.
I am looking for checksum algorithm written in obj-c so that I can validate a ticket(number) and generate 2Dbar code based on validation.
Any ideas on how to achieve this?
Thanks
Sounds like you can use a public-key cryptographic function.
Encrypt with the private key fixed length information, including a number (the real ticket number) and a random salt (to reduce the chance of someone cracking your key), into a fixed length output.
You can then use the public key to decode that output and verify that the information is there.
Here is some Apple sample code that demonstrates the use of cryptographic functions.
For 2D barcode code, you could start by looking at ZXing
What objective-c implementation of Blowfish would you advice to use? (Or may be I just missed some standard implementations available?)
Keep in mind that Objective-C is a superset of C, and so you don't need a specific Objective-C implementation. Blowfish written in C (like at this page, the first result of googling "C blowfish implementation") will do you just fine.
Not sure if you definitely wanted to go with blowfish, but the iPhone security framework supports the following out-of-the-box:
kCCAlgorithmAES128 - Advanced Encryption Standard, 128-bit block
kCCAlgorithmDES - Data Encryption Standard
kCCAlgorithm3DES - Triple-DES, three key, EDE configuration
kCCAlgorithmCAST - CAST
kCCAlgorithmRC4 - RC4 stream cipher
If you do decide to implement your own you may also need an arbitrary precision integer library, libtommath will compile for the iPhone will little to no changes.