I am trying to encrypt using Rijndael 256-bit block size, 256-bit key size, ECB mode and zero's for padding.
I was trying to use OpenSSL::Cipher::AES.new(256, :ECB) but I cannot for the life of me get the correct result I am looking for.
I have a solution in C# but I'm having trouble getting the Ruby equivalent for it.
In the C# code RijndaelManaged is used for encryption and what I'm having trouble with in particular is RijndaelManaged is ok taking in a byte array for the key and the object to be encrypted. I can't find a Ruby library that will do the same for me. OpenSSL::Cipher::AES will only take in strings.
Is there anything similar like this in Ruby? Google has failed me in finding anything and I'm not an encryption guru by any means. Any help or just point me in the right direction would be amazing. I just cannot figure out for the life of me. I have a related SO question to this if anyone wants to take a look. The answer is perfect I just cannot translate it to Ruby.
This question isn't a duplicate. I mean it is similar to the question it is listed as a duplicate of however the answer doesn't help me at all. The answer they link to is a library that uses :cbc but I need :ecb mode for the Rijndael encryption. I agree though the questions are very similar. Just the answer doesn't help me hence me asking this question.
I think the only gem in existence that could accomplish this task for me turned out to be the ruby-mcrypt gem. For any future generations who are in need of a library to encrypt some lesser used and potentially unsafe encryption technique.
Related
I need some mechanizm of safe storing passwords in database with inverse algorithm(that's why hashing unfortunately does not fit).
Does anyone know about such algorythms and how to realize one of them in PostgreSQL?
May be any secret-key cryptography?
Although I would strongly advice you to be very cautious about what you are trying to accomplish here; yes a secret-key cryptography would be a good solution to your problem.
Fortunately, PostgreSQL provides support for encryption and it can be achieved as easily as this:
Select encrypt (info_to_encrypted, key, algorithm_name);
The topic might be lengthy and thus I'd direct you to check these excellent slides:
Encrypted PostgreSQL
Also please read this very good stackexchange question before you proceed with what you're trying to do.
I think there is no way of storing a password safely with an invertible algorithm, because it is the idea of these algorithms is that everything they encrypt can be decrypted and therefore they will always be unsafe.
This idea just popped into my head, so I don't have any code to show for it, but I was curious to know the answer. How is spell check implemented on most major word processors? I'm most curious to know what kind of data structures would be used in the creation of such a utility. Also, references to algorithms would be nice answers as well.
For a basic guide in python, have a look here.
Also you might want to look at this past question
I have a couple audio libraries that I need to scrub so I can turn on -ffinite-math. I know I need to remove the use of NaN and +/-Inf as sentinel values but am unclear how to ensure stability in the code. I am also not sure what kind of floating point comparison tests I can safely make when using -ffinite-math-only. Is it better just to scrap the code and rewrite it?
I know there is not a simple answer so please feel free to post links to any literature that discusses stable floating-point code without the use of sentinel values and/or refactoring floating-point code for speed.
Thanks
I would like to know how one achieves the following signature. I have read online that (al least in the past) researchers will take the "suspected" file the binary code, convert it to assembly, examine it, pick sections of code that appear to be unusual, and identifying the corresponding bytes in the machine code.
But then how is the bellow virus string signature achieved?
MIRC.Julie=6463632073656e6420246e69636b20433a5c57696e646f77735c4a756c696531362c4a50472e636f6d0a0d6e31333d207d0a0d6e31343d200a0d6e31353d206374637020313a70696e673a2f6463632073656e6420246e69636b20433a5c57696e646f77735c4a756c696531362c4a50
Also, (although this might sound completely crazy) that string above must mean something, i can only guess a sequence of actions, actual code, etc. So if it was once "translated" in this form (virus signature) from assembly, is it possible to convert it back?
Just in case you might wonder why am asking what even I think is a weird question. This is why... I am preparing my BSc final year computer science project, and at this point I am wondering whether it would be possible to maybe generate/estimate/evaluate/predict virus signatures by using GA's (Genetic Algorithms). Maybe that will help make my question a bit easier to understand, I hope.
Thanks!
You cannot revert it back because normally virus signatures are encrypted. The way they are obtained is by extracting the binary mallicious code from an executable and then converting it to hexadecimal representation.
Hopefully helps
The virus signature shown is probably dependent on the scanner that generated it. I find it extremely easy to believe that all virus scanners create their signatures in different ways. Without a source, there's no way to explain how it was developed, and even with a source I doubt this is something that AV companies will reveal, since it allows virus developers the opportunity to avoid detection.
"Generate/estimate/evaluate/predict" are four different problems and not all of them are best done with a GA. You need to select your problem before selecting an algorithm.
I am implementing a custo crypto library using the Diffie-Hellman protocol (yes, i know about rsa/ssl/and the likes - i am using it specific purposes) and so far it turned out better than i original expected - using GMP, it's very fast.
My question is, besides the obvious key exchange part, if this protocol can be used for digital signatures as well.
I have looked at quite a few resources online, but so far my search has been fruitless.
Is this at all possible?
Any (serious) ideas are welcome.
Update:
Thanks for the comments. And for the more curious people:
my DH implementation is meant - among other things - to distribute encrypted "resources" to client-side applications. both are, for the most part, my own code.
every client has a DH key pair, and i use it along with my server's public key to generate the shared keys. in turn, i use them for HMACs and symmetric encryption.
DH keys are built anywhere from 128 up to 512 bits, using safe primes as modulus.
I realize how "pure" D-H alone can't be used for signatures, i was hoping for something close to it (or as simple).
It would appear this is feasible: http://www.quadibloc.com/crypto/pk050302.htm.
I would question why you are doing this though. The first rule of implementing crypto is don't implement crypto. There are plenty of libraries that already exist, you would probably be better off leveraging these, crypto code is notoriously hard to get right even if you understand the science behind it.
DSA is the standard way to make digital signatures based on the discrete logarithm problem.
And to answer a potential future question, Ephemeral-static Diffie-Hellman is the standard way to implement asymmetric encryption (to send messages where you know and trust the recipients public key (for example through a certificate), but the recipient does not know your key).