How Secure Is VB Rijndael Managed Encryption Or AES
Feb 11, 2012
I am using a slightly modified version of this code. to create a mission critical application. That files that will be encrypted are very important. This has to be done from scratch because there are some other things that has to be done along with this. How secure is this? Its impossible to crack this encryption right? [Code]
At first i thought it was the padding since mcrypt uses zero padding but i changed the php to use PKCS7 and get the same exact results.I think it has something to do with the padding in the php.Test output from .Net:
My current approach of using Rijndael is to use a pair of static Key and Iv for all encryption operations (I mean I use this pair of Key and Iv for all protected files in my computer).
I heard that IV must be unique for each Rijndael encryption. Is that true? What is the problem (if any) for my current approach of using single static Key and Iv pair?
I use the following Rijndael code to do encryption without fail for many times. But why it can not encrypt an ISO file with 4.2 GB? In fact my computer has 16GB memory and it should not be a memory problem. I use Windows 7 Ultimate. The code is compiled as winform (.Net 4) using Visual Studio 2010 (a VB.NET project).
I have checked that the ISO file is OK and can be mounted as virtual drive and even can be burnt to DVD rom. So it is not the ISO file problem.My question: Why the following code cannot encrypt an ISO file with size of 4.2GB? Is that caused by the limitation of Windows/.NET 4 implementation?
I am trying to find some source code that is reputable such as code created by Microsoft or a similar entity that has released the source code for AES 128 encryption in the latest VB .net framework. My understanding of encryption methods is sufficient though, I am not an expert on the subject. The following source code [URL] on the MSDN network works very well in VB though with the advent of more secure AES encryption, I would like to be more prudent by using a more secure method. Unless someone can prove or explain that this source code is at a level of a "bank standard encryption" or better I would like to be pointed in the right direction of more secure code or advice from experts.
What would be the best way of storing data securely away from users. What I have is a stack of files that get downloaded by the program, at the moment they COME encrypted, and stored in a temp location. Now where would be the be place to store them, and how would I store them? The program reads normal unencrypted files but in order for me to open them at the moment I nee to decrypt them in the temp folder and open them from there.This is bad because anyone could find the temp folder and simply copy out all the unencrypted files.Opening the files and then decrypting the bytearray is out of the question because the program only takes a filename as a option.
Is there a way to encrypt/decrypt text (string form) in VB.net using another string as a key? Meaning, if one user encrypts using this key, the other user needs to decrypt using the same key?I do NOT mean public and private key encryption or anything of the sort.If not, what is the second best way to encrypt/decrypt data without public/private keys?I want to make a simple way to send messages securely.
I want it to do is that you input a string, then you select an algorithm (Theres only going to be one RijnDael) then you input a key, then the Initialization Vector comes from "txtIV.text" then you select the key bytes and the block bytes from the numeric up/down, then you either encrypt or decrypt.
I've been trolling for a long time now and have decided to register as I finally have some time to start jumping into VB. The last time I coded VB, the current version was VB 4. I've been out of programming for a good while now and considered myself a beginner (tutorial example coder haha).
My question is: Where is a good place to start learning VB.NET?
I know it's an often asked and answered question - but let me give you a bit more information so more specialized replies might be given.
I'm in INFOSEC/COMSEC and would like to (eventually) develop a program that contains a DB of information that is read by the application and saves input information into a DB (encrypted) as well. The program will be a 800-53 C&A control assessment program; used for tracking system compliance for federal information systems. I would like to be able to develop such a tool to make my life easier at work instead of using Excel spreadsheets to track everything.
I would like to learn: - Input / Output methods and validation (for secure coding) - Read/Write DB Encryption (RSA or other 128-bit) for user input information - Ability to generate PDF reports from the primary keys and data sets from the above DB
My goal is to create a program that allows a user to install the program, setup a 'master' account that a serial/key has been generated for - that master account is then allowed to create new projects (progress saved in DB). A project asks the user certain questions pertaining to information systems and takes the input and saves it into the DB (encrypted). When the assessment is completed, I would like the program to be able to generate a PDF report from the DB (from a layout template I created).
I have set up a method in vb.net and in xcode for encrypting a string using as far as i can tell the same parameters for an AES encryption.I've looked all over the place but cannot find information on whether they use the same encryption algorithm and settings.
this is the vb.net code:
Dim encryptAES As New AesCryptoServiceProvider() Dim encoding As New UTF8Encoding() Dim encryptor As ICryptoTransform encryptAES.Key = encoding.GetBytes("12345678901234567890123456789032") encryptAES.IV = encoding.GetBytes("1234567890123416") encryptAES.Mode = CipherMode.CBC
I'm trying out the Rijndael to generate an encrypted license string to use for our new software, so we know that our customers are using the same amount of apps that they paid for.[code]...
I've attempted using code snippets as a test to encrypt a string, save it to a file & the reload it back, decrypting it. I consistently get a "Padding is invalid and cannot be removed." error on decrypting the string.
Im using Rijndael (as AES algorithm) for encrypting. I encrypt the values (objects properties) and serialize the object to xml an dsend the xml to the receiver via a web service. I want to pass along the encrypted symmetric key that I used to encrypt the data. But what key should I pass along?
My decryption algorithm looks like this (vb.net):
CODE:
If I want to decrypt the encrypted string I have to use both key and IV, but I think I have to pass along only a key value. Do I have to do this another way or what should I pass along? My specification says that the values have to be encrypted using AES and a 128 bits key.
I have spent quite a while trying to solve this problem.I would like to be able to decrypt a file using an old password, then encrypt the file with a new password in memory. I could easily write the unencrypted file to disk then encrypt the file with a new password, BUT I was trying to keep the unencrypted file from being written to disk. Could someone point me in the right direction?
Private Function ReEncryptFile(ByVal PathToFile As String, ByVal OldPassword As String, ByVal NewPassword As String) As Boolean End Function I've been using a cryptostream to decrypt the file, but I cant seem to figure a way to encrypt the crytostream afterwards (or convert it to a memorystream and (re)encrypt the memorystream)
What's the difference? I'm going to create a password encrypting program, and I wanted to know what's the basic difference about the managed class and the "not managed" class.
I recently have been developing a app that uses the rijndael encrypt and decrypt function it stores dates in the registry (encrypted with a key using the algorithm)
for example Dim strOldDay As String = Key.GetValue("UserSettings", "").ToString the key was made using a private function called "createkeys"
example: dim current as currentdate Current.Day = DateTime.Now.Day.ToString Current.Day = Encrypt(pPassPhrase, Current.Day)
I am writing classes in VB.Net (both managed). The main class "A" creates an instance of "B". Class "B" must call a method of Class "A". I need to know two things (syntax, etc...):
1. How does class "A" tell class "B" what method to call?
2. How does class "B" call the method?
The method must pass back an array of Shorts (in this particular example), either as a return value, or as a ByRef argument.I don't want to use an event if I don't have to. The execution is timing critical. (I assume event handling involves a lot of overhead by the operating system, but I may be wrong.)
I have absolutely no background on programming in C (or any other unmanaged languages for that matter) yet I would like to use the GetBestInterface function from the IP Helper API in my .NET application. I tried to understand how P/invoke calls can be used to make calls to native methods, but there are many things that just don't make sense to me (like how types in managed code map to unmanaged types).
Is there an alternative function somewhere hidden in the System.Net namespace that does roughly the same thing? Or could I write my own alternative using existing base classes combined with some magic? Because that's basically what it seems to me: magic. There is no real explanation for how the method accomplishes what it does as far as I can tell...
I just discovered the LocalEndPoint property on the System.Net.Sockets.Socket class which I think could be quite useful in this. To my understanding it will do the best-interface-picking on my behalf and I'll just need to get the NIC that corresponds to the local endpoint.
I am having a very strange memory leak that seems related to databinding. It is very hard to reproduce, so I won't post any code here to do so, but will just describe the problem.We have data entry forms which have controls which bind to custom business objects through a BindingSource object.
I have event Button that creates text box in run time.
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click Dim textbox1 As New TextBox static Dim shiftDown As Integer static Dim counter As Integer
[code]....
All the text boxes that has been created displayed in GroupBox control dynamically. how GroupBox control size can be managed according to quantity controls inside it.
I have a .Net application (VB in particular, although I would this to be as language agnostic as possible) that uses a COM object (made in C++). I need to implement a event in COM that passes a char array from C++ to .Net. I guess I need to convert the array to a managed array; How can I do this?
I am well aware that finalizers are typically used to control unmanaged resources. Under what circumstances may a finalizer deal with managed ones? My understanding is that presence in the finalizer queue will prevent any object, or objects strongly referenced thereby, from being collected, but it will not (of course) protect them from finalization. In the normal course of events, once an object is finalized it will be removed from the queue and any objects it references will no longer be protected from collection on the next GC pass. By the time a finalizer is called, the finalizers may have been called for any combination of objects referred to by the object; one cannot rely upon finalizers being called in any particular sequence, but the object references one holds should still be valid.
I am trying to develop a dll in VisualStudio2005 in vb.net that will communicate with a spectrometer attached to the USB port of the computer.Now the dll exists in C++ and it works like a charm. It is unmanaged code.Now if I try to translate this code in VB.net (because our app is in VB and my boss wants it in VB for maintainability) I have problems.
First of all, I am trying to create a file to open that port. The code in C++ looks like below and it works. Needles to say I tried to call the C++ dll from our app and it works. If I call the vb dll it doesn't. It gives me "access denied" no matter what I tried. I am not sure if my CreateFile is wrong or it's .net. I read somewhere that I need a manifest file included in the dll? Has anyone experience something like this? Why would i get "ACCESS DENIED" all the time?
// close and clear current stuff ClosePort(); swprintf( sDevice, L"\\?\usb#vid_0765&pid_%s#******#{%s}", Device, PRIVATE_IID_STR );
I need to write a DLL in C that is used a plugin for an existing application.The DLL has to be compiled by the Visual Studio 2008 compiler with the following options.[code]It's then linked to applications library's.What it actually needs to do and what's causing me the issues is that within one of the methods it needs to pull data from a sql server 2008 r2. From what I've seen today you wouldn't be able to do this directly in C as SQL Server past 2005 is designed to communicate with CLR languages( C#, C++, VB.Net).It was suggested that I handle all the database communication with a VB.Net dll and then call said function from within the C dll. Most of what I've found on the topic of calling managed dll's from unmanaged code has talked about pinvoke or com wrappers and mainly from the perspective of c++.