Encryption Articles

Overview of XML Encryption

XML encryption classifies a course of action for encrypting plain text data, generating ciphertext, and decrypting the ciphertext to retrieve the plaintext data.

What is the Point of Encryption if you Don’t Know Who For?

Phishing is the fastest growing threat in the history of Internet and has gained immense popularity amongst Internet fraudsters and hackers as a simple yet effective way to gain unsolicited access to confidential user information.

Paper Passports About To Fade Away

In a post-911 society, identification documents will move away from paper and toward utilizing digital media.

SHA-1 Encryption Algorithm Cracked

SHA-1, a nine-year old, secure online communications encryption algorithm has been hacked by a group of three Chinese researchers.

Encrypt Sensitive Configuration Data with Java
· 1

When application developers are developing, parameters are often hard-coded in the source code. These hard-coded parameters are often pulled out of the source code and put into property files or configuration files. System and network security policies may force a developer to address security concerns over the data that is stored in external files. So, how do you make sure that your sensitive external parameters are safe?

File and Email Encryption with GnuPG (PGP) Part Six

Last time I showed you how to exchange and verify public PGP keys with an individual. After you’ve verified a user’s key (KeyID, bits, type, fingerprint, and user’s actual identity) you should sign their key.

File and email encryption with GnuPG (PGP) part five

Verification is part of any security system. SSH, FTP, POP, and IMAP servers ask for your password before it lets you log into the machine, get your files, or snag your email. NTP can be configured to require keys before it’ll let you mess with it’s clock. CIFS requires a password or kerberos tickets before granting you access to shares.

File and Email Encryption With GnuPG (PGP) Part Four

GnuPG and other PGP implementations allow you to encrypt (scramble the data so only intended recipients can read it) and/or sign (provide proof that the data has been unaltered in transit). As you should remember, PGP keys are made up of two parts, a public key and a private key. The public key can (and in most cases should) be available to anyone – there’s no harm in allowing it out to the entire world. The private key should be kept somewhere secure, protected with a strong passphrase.

File and Email Encryption with GnuPG (PGP) Part Three

Last time[1] we’d created our PGP key. Let’s jump in with some encryption and decryption examples.

File and Email Encryption with GnuPG (PGP), Part Two

Jumping right in, let’s create our PGP public/private key pair. I’ll use GnuPG, the Gnu Privacy Guard, available at http://www.gnupg.org, and which is very likely already available with your Linux distribution. If you want to use older free or commercial PGP versions, the commands are very similar. Any GUI front end will also have the same functionality.

File and Email Encryption with GnuPG (PGP) Part One

File and mail security is easy to achieve with the right tools. PGP has proven itself the leader, and GnuPG is the tool of choice in the Linux world.

Securing Network Resources

Network attacks are the biggest risk for Windows 2000 servers. Since the release of the old Windows NT 3.1, hackers have been actively looking for bugs in Microsoft Windows operating systems. Tools like SecHole, IISInjector, NAT (NetBIOS Auditing Tool), SMBRelay and L0pthcrack have been developed to reveal passwords, execute actions on a server, forge network connections and degrade system performance. In addition, several critical security vulnerabilities have been recently released for Windows 2000 that can completely expose a network to an intruder.

John Dabnor On VoIP Encryption

Wiretapping is a common occurrence; nothing is secure unless secured.

Password encryption: rationale and Java example

Where has your password been?