similar to: Need help with Decryption using blowfish CBC

In the past I connect to the user to an SSL-secured portion of my site, asked for or updated their details. I used their credit card''s security code plus the customer''s ID in the database as the pass phrase to encrypt their credit cards (I used Rijndael for encryption). I didn''t like doing it but I stored the customer''s security code in session for at least one

Dear all, First we have to encrypt a file in solaris. That file i have to decrypt in windows. But problem is in byte allocation. If I write this way encContent[0] = buf[3]; encContent[1] = buf[2]; encContent[2] = buf[1]; encContent[3] = buf[0]; encContent[4] = buf[7]; encContent[5] = buf[6];

Hi all, I am having an issue. We have a vm that has encrypted data with gpg. The vm is centos 6.5 and it has multiple users. user1=bob user2=kevin user3= postgres user4=root. Only postgres has access to the file in which we keep the encrypted data. I as root will su - postgres, cd that data dir, and use this command "gpg -d (file_name)" and it works just fine. However

I've got dovecot working on imap But when I try to run imaps I get: imap-login: Nove 08 19:11:19 Warning: SSL_accept() failed: error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac [192.168.1.103] Now I'm not sure if theres any difference here, but I don't have string for 'login = imaps' or 'login = pop3s' to match with my protocols string

I've successfully implemented the mail_crypt plugin on v2.2.27 and it's working like a champ, but some of our administrative operations require access to Maildir messages in plaintext. I've found numerous threads detailing help with mail_crypt setup, but none of my research has yielded a method of decrypting the stored messages. Relevant plugin config: mail_crypt_curve =

Dear tinc-list, I am a happy tinc user for many years and am using several different VPNs. However today I was unable to add a new server to my "backbone" VPN. I hope it is okay that I write this issue to this list as hours of googling did not help. My setup consists of several servers, all tincing happily ever after. "kallisto" as one of them is happy talking to other

Author: Anthony Scarpino <Anthony.Scarpino at Sun.COM> Repository: /hg/zfs-crypto/zfs-crypto-gate Latest revision: 8f164ec4380058ccbc31e7c8ab05c85d0c3d85c5 Total changesets: 1 Log message: aes cbc pad added to kernel software provider Files: update: usr/src/common/crypto/aes/aes_cbc_crypt.c update: usr/src/common/crypto/aes/aes_cbc_crypt.h update: usr/src/uts/common/crypto/io/aes.c

Hi, There was an error in the original advisory. The estimate of 32768 attempts to carry out a successful attack is incorrect. The correct estimate is 11356 attempts. A revised version is now available at: http://www.openssh.com/txt/cbc.adv The advisory and its recommendations are otherwise unchanged. -d

OpenSSH Security Advisory: cbc.adv Regarding the "Plaintext Recovery Attack Against SSH" reported as CPNI-957037[1]: The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary

Hi, There was an error in the original advisory. The estimate of 32768 attempts to carry out a successful attack is incorrect. The correct estimate is 11356 attempts. A revised version is now available at: http://www.openssh.com/txt/cbc.adv The advisory and its recommendations are otherwise unchanged. -d

Hi Gerhard, This is not exactly true. CTR modes have the length field encrypted. etm MAC modes and AES-GCM have the length field in cleartext. CBC is dangerous because the length field is encrypted with CBC. aes128-ctr + hmac-sha256 doesn't have any known vulnerability and encrypts the packet length, but uses the bad practice of e&m. chacha20-poly1305 encrypts both payload and packet

Am I the only person to be seeing this log message from sshd: fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth] ? (security/openssh-portable, with HPN patches and MIT Kerberos, although Kerberos is not actually configured on this server.) A work-around is to disable aes128-cbc in sshd_config, but it would be nice not to have my logs spammed with this. Currently

OpenSSH Security Advisory: cbc.adv Regarding the "Plaintext Recovery Attack Against SSH" reported as CPNI-957037[1]: The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary

Hi, I've got a relatively simple tinc setup. I've got two "servers" that are on the public internet that act as routers for three "clients" that are behind NATs. Those servers are called aaaaa and bbbbb the clients are xxxxx, yyyyy and zzzzz Unfortunatly the servers have problems accepting a connection from the clients syslog on aaaaa: Sep 29 18:28:58 schuerrer

Hello, I would like to know if there is any function in R which allows to make designs of experiments for Choice-Based Conjoint studies ? I have already checked the topic on " design of experiments with R " and looked at the different libraries. I tried to make my design with the "optFedorov" function but I haven't found how it can allow to have balanced design (with the

Earlier today while listening to CBC radio's national science show "Quirks and Quarks", I was pleasantly surprised to hear that their audio archives are now offered in Ogg, in addition to mp3 and real. This is the first CBC show that I am aware of that offers their archives in formats other than the usual real/wma/qt. For those who don't know, CBC is Canada's only

On 15.06.2015 21:31, Christian Weisgerber wrote: > On 2015-06-15, Gerhard Wiesinger <lists at wiesinger.com> wrote: > >> I saw that OpenSSH release 6.7 removed all CBC ciphers by default. Is >> CBC therefore considered as broken and unsecure (in general or SSH >> implementation)? > CBC modes in SSH use the last encrypted block of the previous packet > as the IV

This way it is easier to use them outside the rest of the code in guestfish for inspection & mount. Just code motion, no behaviour changes. --- align/Makefile.am | 1 + cat/Makefile.am | 1 + df/Makefile.am | 1 + diff/Makefile.am | 1 + edit/Makefile.am | 1 + fish/Makefile.am | 1 + fish/decrypt.c | 102

https://bugzilla.mindrot.org/show_bug.cgi?id=2699 Bug ID: 2699 Summary: PKCS#8 private keys with AES-128-CBC stopped working Product: Portable OpenSSH Version: 7.5p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh-keygen Assignee:

Hello, I saw that OpenSSH release 6.7 removed all CBC ciphers by default. Is CBC therefore considered as broken and unsecure (in general or SSH implementation)? I also read a lot of references (see below) but still not clear to me what's the actual "security status" of CBC and why it has been removed in general. http://www.openssh.com/txt/release-6.7 sshd(8): The default set