This tag is used for code review questions relating to cryptographic topics such as encryption/decryption and hashing.
3
votes
2answers
103 views
Encryption with many algorithms using Crypto++
For the last few days I have been working on this code to develop a class that allow me to crypt a block of byte with many algorithme.
One block will be divided into three equal blocks and every ...
2
votes
1answer
59 views
Encryption/decryption of a string with a salt
I have a new job coming up soon and want to increase my PHP knowledge.
This is my first attempt at creating and using a class. I just want to know if it's the correct way to do things.
It's very ...
2
votes
0answers
34 views
BouncyCastle RSA Implementation
This is my implementation of 1024bit(can be changed) RSA. Is there anything I'm doing wrong?
...
6
votes
2answers
296 views
MD5 shuffling with a defined pattern of numbers
I've created a MD5 shuffler with a defined number pattern. Does this make sense? Will this make storing passwords more secure? Is it efficient?
...
4
votes
1answer
36 views
String encryption function in admin section
I have been using this function locally to encrypt strings for example a username.
If the user successfully logged in, place the encrypted username into a ...
3
votes
1answer
76 views
BouncyCastle Rijndael 256 Implementation
I modified the implementation from this website to include a salt:
...
0
votes
1answer
58 views
Decrease file size of encrypted file
I am making a Cryptography application and I noticed that the encrypted file is approximately 2 times bigger because I am encoding the files in base64. Are there any file encodings that take less ...
2
votes
2answers
106 views
Change random methods without losing too much performance
I have a class in C# that uses a Random object to get a list of numbers randomized from an array of 1-25. Now what I need is improve this method to use ...
1
vote
0answers
78 views
Encrypt texts, with saved password using pycrypto
I have the code bellow, which is supposed to be used inside a larger program.
Please see notes about the requirements below the code.
...
0
votes
1answer
83 views
256 bit AES encryption in Android
I am using the following code to encrypt a file in an SD card in Android:
I want the code to be reviewed for:
Security (prioritize this)
Coding Style
Performance
...
12
votes
1answer
161 views
Cryptographically-secure super-secret government message transaction machine
-Hello Agent. Are you on a secure line?
-Yes, secured.
-Good, in 30 seconds the launch codes will be in your e-mail's inbox.
You now have the go. Are you ready for the package?
...
5
votes
2answers
102 views
How easy is it to crack this encryption algorithm?
When I was about 13 or 14 years old, I was a little interested in cryptography (which is, after all, an interesting field). I learnt quite a lot since that time (it has been about 8 years since then), ...
5
votes
1answer
53 views
Clarity of encryption class
I have recently gotten back into development and I am wondering if the script I have just created is clearly documented and easily understandable throughout each step. Is it easy to understand?
...
10
votes
2answers
69 views
Citadel's VisualEncrypt and VisualDecrypt
I was skimming through this paper out of boredom. On pages 5 and 6, the paper shows a simple encryption/decryption scheme that Citadel uses to obfuscate data. The algorithm basically XORs the next ...
6
votes
1answer
87 views
Secure password-hashing in Java
Here is an article on password hashing, along with an implementation.
Is this code secure with number of iterations 10000, key length 256 and salt bytes 32?
Is there a rule-of-thumb for key ...
4
votes
1answer
63 views
Simple password dictionary attack script
This is my simple Perl script implement password dictionary attacking, encryption algorithm SHA1 with different length.
It takes 2 arguments as input: first argument is password dictionary file path, ...
4
votes
0answers
97 views
Password-hashing method in Java [closed]
There is an article on Crackstation where they show you how to hash a password correctly. I've implemented the Java version of it which is working fine, but is the method they use secure?
...
5
votes
1answer
91 views
Parallelizing scrypt key-derivation function
To review my use of multiprocessing, I don't think it is at all necessary to understand the algorithm, but it's the scrypt key-derivation function.
This uses ...
2
votes
1answer
132 views
User name and password validation in a MVP application
In a WinForms application I'm doing the password validation as follows:
When the user presses the OK button after entering username and password, an event will be fired and the listener in the ...
2
votes
1answer
44 views
Ensuring client IDs are unique
I'm writing a node.js application that involves handling clients based on their ID without any real way of confirming that the ID a client says it has is its actual ID. That is, it's possible for a ...
6
votes
3answers
469 views
Simple Caesar shifter in C#
I use these in a windows form with fun buttons, I wanted to see what the world thinks of my coding.
This is something that I coded about 2-3 years ago, I did change some of the coding when I looked ...
3
votes
3answers
48 views
Keyfile Generator
This is a Java program that generates a random keyfile (for OTP, for example).
...
3
votes
1answer
81 views
Structure and style of Enigma Machine
I took a little time and wrote the following code to produce enigma encryption. I don't normally write code in C so I would like to get feedback on the way it has been structured and any issues a ...
6
votes
1answer
76 views
MCRYPT - are there any flaws or areas for improvement in this class?
I am working on a class for encryption to use on my site. I have read through many examples of these functions and would just like to clarify a few points I have read and check if this code is worthy. ...
7
votes
3answers
74 views
Encrypt and backup folder to email daily, when online
I have a backup script which should backup a folder and send it to email. This should be done once a day. As this is on my laptop which is not online 24/7 I need to check that I am online and can send ...
7
votes
2answers
124 views
Dictionary brute force on DES encrypted passwords
For a school project I am tasked to decrypt DES passwords. I have sample code provided below and I want to know if this is the best method. Also should I code in error handling for the dictionary ...
4
votes
1answer
151 views
How to optimize this Playfair encryption?
For the implementation of the Playfair encryption I needed a custom struct called Cell. This is because I not only need an array of characters I also want to get Elements in a matrix based on their ...
2
votes
2answers
112 views
Cryptographic Extensions
I have created a small crypto extension and I want a deep review of it, such as possible fixes (for hidden problems) and tweaks...
1- Crypto.cs
...
11
votes
3answers
494 views
Enigma simulator performance
Here is my implementation of a simple 3 rotor Enigma machine in C++:
...
1
vote
1answer
104 views
How can this Encryption Class be more secure?
How secure is this encryption?
Secondly, is there something I could do to "turn it up a notch" and make it 'more' secure?
...
4
votes
2answers
87 views
Cookie encryption library
Recently I needed to save session state in cookies, instead of server side. I looked around and didn't see anything similar, so I decided to write something to handle the encryption, decryption, and ...
6
votes
2answers
205 views
OpenSSL PBKDF2-HMAC-SHAx proof of concept
I have regrettably been away from C programming for a very long time, so I'd like to get a quick code review of a first proof of concept, before I get too far into adding capabilities, using the ...
10
votes
6answers
2k views
Small one time pad encryption program
This one time pad encryption program I have written (basically just an XOR "encryption" program) seems to be working fine, compiling nicely (gcc -o ./OTP.c), and doing what it's supposed to. However I ...
10
votes
2answers
160 views
Can this secure, random generator be improved?
This random generator uses cryptographically secure numbers/chars instead of Math.random(). The Javascript code with jQuery works well but I affect clean code ;) It ...
11
votes
2answers
640 views
Password hashing method
I am having some issue to use PHP5 password_hash() function. My server is not supporting it, so I am using a function to hash. Is this one secure?
...
7
votes
1answer
84 views
Embed MD5 digest in a directory path name
My boss needs me to embed the MD5 digest in a file path, but the problem is MD5 contains escape characters.
I've already taught about a uc%duc%d... format, but it ...
6
votes
1answer
579 views
6
votes
1answer
153 views
Encrypting a payload for transmission over HTTP. AES256 with PBKDF2
I've done some reading about implementing AES256 and deriving a key from a password. If I understand correctly:
I want to generate a new salt (for the key) and a new IV (for the encrypted message) ...
3
votes
2answers
283 views
Using SQL with encryption
This is my first project I am doing in VB.NET, and also my first real programming project. There is sensitive data, so I am utilizing Microsoft's Encryption/Decryption class (...
4
votes
0answers
741 views
AES CTR mode using pycrypto
I've implemented CTR mode by myself (only decryption for now), using only AES built-in functions from pycrypto. It means that I'm not supposed to use mode=AES.MODE_CTR. However, I know that using ...
4
votes
1answer
707 views
Encrypt Using AES
I'm using Microsoft's example
for encrypting/decripting a string. In their example, they are using Tripple DES. I'm trying to convert their code to use AES.
The modified code, listed below, works. ...
8
votes
1answer
127 views
Python mint hashcash token
This is a Python program to mint a hashcash token, but my code is a lot slower than using a library. What is slowing my program down? It takes over 10 seconds to mint a 20-bit stamp, but using a ...
3
votes
1answer
675 views
Is this password hashing acceptable for a custom MembershipProvider?
I'm creating a custom MembershipProvider for an ASP.NET MVC5 application and am wanting to know if this code is acceptable for creating hashed and salted passwords. ...
2
votes
0answers
132 views
Sending signed email [closed]
Is this a good way to send a signed email message? It seems to me that a public key is a little too large to send as a email header. Should I be including the signature and key as a header field, or ...
6
votes
2answers
744 views
My API Keygen: Is it secure?
Below is an api key gen script for a cryptocurrency trading platform i am building.
first it checks to see if a key exists in the db for the user id. if it does exist it displays the key. if it ...
4
votes
1answer
134 views
Reducing repetitive Android code
How can I reduce the amount of repetitive code in my Android app? A lot of the code seems to be doing the same thing twice. I think that there is a more compact way to do this.
What are some ways ...
3
votes
1answer
90 views
Need Loops for PHP Username/Pass Encryption Script
I've created this PHP script to print a batch of usernames with encrypted passwords locally on my computer because the user/pass format is always the same.
username = username
password = ...
2
votes
2answers
707 views
How safe is my encrypt/decrypt PHP function?
I have to protect really sensitive information and I have to do it both ways: encryption and decryption. I'll be using this PHP code:
...
7
votes
3answers
636 views
Python implementation of SHA1
Here is a implementation of the cryptographic hash function SHA1 written in Python. It does not use any external libraries, only built-in functions. I know that it would be faster to use an external ...
2
votes
1answer
209 views
Critique of FilterInputStream and FilterOutputStream classes
I'm working my way through The Java Programming Language, Fourth Edition - The Java Series. This is Exercise Exercise 20.3:
Create a pair of Filter stream classes that encrypt bytes using any
...
