I want to encrypt string with the same length of character string and decryption with same length of character string using sql server. For Example:
Encryption
Input: Encrypt("002581") -- with 6 characters
Result: a&pE12 -- output with same 6 characters in encrypted form
Decryption
Input: Decrypt("a&pE12") -- with 6 characters
Result: 002581 -- output with same 6 characters in decrypted form
Short answer: there is no such secure encryption scheme.
Longer answer: any kind of encryption scheme obfuscates content of a plain text to be indistinguishable from other messages from the same message space. To do so all cipher texts produced must be of the same length (ideally) regardless of an input plain text. At least the length should be different from a length of a plain text.
So please, don't even consider such an encryption technique. It's insecure by definition.
Related
I am writing code for an SSH server and can not get past the Elliptic Curve Diffie-Hellman Key Exchange Reply part of the connection. The client also closes the connection and says "Host Key does not match the signature supplied".
I am using putty as the client and a PIC micro-controller is running the server code.
From RFC 5656 [SSH ECC Algorithm Integration] :
"The hash H is formed by applying the algorithm HASH on a
concatenation of the following:
string V_C, client's identification string (CR and LF excluded)
string V_S, server's identification string (CR and LF excluded)
string I_C, payload of the client's SSH_MSG_KEXINIT
string I_S, payload of the server's SSH_MSG_KEXINIT
string K_S, server's public host key
string Q_C, client's ephemeral public key octet string
string Q_S, server's ephemeral public key octet string
mpint K, shared secret
"
the host key algorithm and key exchange algorithm is ecdsa-sha2-nistp256 and ecdh-sha2-nistp256 respectively.
referring to RFC 4251 for data type representations, as well as the source code in openSHH (openBSD) this is what I have concatenated.
4 bytes for then length of V_C followed by V_C
4 bytes for then length of V_S followed by V_S
4 bytes for length of I_C followed by I_C (payload is from Message Code to the start of Random Padding)
4 bytes for length of I_S followed by I_S (payload is from Message Code to the start of Random Padding)
4 bytes for the length of K_S followed by K_S (for K_S I used the same group of bytes that is used to calculate the fingerprint)
4 bytes for the length of Q_C followed by Q_C (i used the uncompressed string which has length of 65 - 04||X-coordinate||Y-coordinate)
4 bytes for the length of Q_S followed by Q_S
4 bytes for the length of K followed by K (length is 32 or 33 depending is the leading bit is set or not. If it is set then K is preceded by a 00 byte)
Once concatenated I hash it with SHA256 because I'm using NISTP256. SHA256 outputs 32 bytes which is the size of the curve, so I take the whole SHA256 output and perform the signature algorithm on it.
I can never get the correct signature from my message concatenation.
I know my signature algorithm is correct because given the message hash output I can get the correct signature.
I know my shared secret is correct because I get the same output as online shared secret calculators.
I know the SHA256 is correct because I get the same result using online calculators.
This leads me to assume the error is in the concatenation of the exchange hash.
Any help is greatly appreciated, thanks.
ECDSA signature generation is non-deterministic, i.e. part of the input is the hash and part of the input consists of random bytes. So whatever you do, you will always get a different signature. This is all right because signature verification will still work.
The only way to get a repeated signature is to mess with the random number generator (during testing, you don't want to sign two values using the same random number: you'd expose the private key!).
I need to print an encrypted string as is in a rdlc report. My problem is if the string contain a plus sign it creates a new line in the Textbox. How to avoid this?
Encryption produces output that is binary and contains many bytes that have no displayable representation.
Because of this if encrypted data needs to be displayed it is generally either Base64 (best for computers) or hexadecimal (best for people) encoded.
It seems that you may have base64 encoded encrypted data and that is generally composed of the upper and lowercase characters, the 10 digits, "+", "/" and "=". You can not delete these and expect to recover the encrypted data.
If these characters present a problem they can be many times be escaped in some manor or another encoding can be chosen such as hexadecimal or an alternate Base64 character set, see Base64. If you choose an alternate Base64 character set interoperability will most likely be impaired.
Note: More information would produce a better answer.
I had to replace the "+" with "รท".
Users don't notice is it since the PDF is just a visual representation of the CFDI, I haven't had any issues with it.
I encrypt a UTF-8 string + current timestamp using AES 128bit CTR mode with a 4 bytes random initialization vector, which is generated by NodeJS's crypto.randomBytes().
Finally I base64 encode the whole output, using a URL-friendly base64 variant.
Question: the AES output should be unique due to timestamp + random data. But is final base64 string also guaranteed to be unique?
Thanks in advance!
Yes, Base64 is a reversible transformation, so if input is unique than output will be also unique.
I was given a task to encrypt a string, but I must create my own encryption techniques.
I have an idea of how to do it. I can associate each value in a string with a number, like so:
A = 0
B = 1
...
And then I want to substitute characters for digits in the tens and higher: if I enter the string "DOG" it must display
3.46 // . is 1 and .. is 2
// .4 is 14
I would like hear your ideas.
I was given a visual basic form to work on. I can enter a string; that is fine.
Input = txtInputString.Text
But I also have to decrypt a string. To show I want to decrypt the string I have to have
string, false
, the false showing that i want to decrypt the string. How do i do this?
Encryption and decryption of simple English text is fairly quite forward if you use a simple method such as Ceasar Cipher.
However you have to determine how you are going to represent all of the symbols in the language. This would include not only letters but digits and spaces and maybe punctuation as well.
The standard ASCII character set has most of what you might need for English the question is whether you want to simplify your alphabet by restricting your symbols to only upper case letters, digits, and a space. Human beings can usually read text, especially short text even if it does not have punctuation.
The approach for a simple cipher would be to have a table of the symbols in your alphabet (the upper case letters, digits zero through nine, and a space character). Next rearrange the table so that it is not in sorted order.
When doing an encrypt you would take each character, look it up in the table and determine a two digit offset within the table. This two digit number would be the encryption symbol for that character and is what you would write out as part of the string of encryption.
When doing a decrypt you would take each two digit pair and use that as an offset into the table, find the character at that location in the table, and the write the character from the table out as part of the string of decryption.
Your encrypted string would be a series of two digit pairs all strung together as one long number.
For your form, I would expect to have two text entry groups each with a button, a text entry field, and a text display field. The first group would be for the text to encrypt and that button you would press to perform an encrypt once the text is entered. The encryption text would display in the field below the text entry field.
The second group would be the text to decrypt and that button you would press to perform a decrypt.
If I have a string that will be encoded with Base64, Md5, or some other hash or encryption function, is there a way to at least be able to make a fair guess as to what it is?
You can try to guess but with a lot of false results. Md5 always have 32 characters, base64 have a limited set of possible characters, etc.