Im a final year student for COmputer Security / Forensic. Im planning to do a project which requires me to do encryption and decryption. My possible choice of language would be VB.Net. I was wondering if wad is running in my mind can be executed. Well, I would make a application where a part of it wil be promting the guest to register and I wanted to store the password in the database. I did some research and came across Salting and Hashing. I was wondering if is it possible to get the password which the user enters, salt it, hash it and encrypt it before I store in the database. If so, what is the best secured strong encryption can I use in VB.net. Because through out the research I have done, i have sen RInjdael as the most fav encryption algo which alot of programmers using.
im creating a simple login / registrate form in visual studio 2008 anplant Hash and salt to my login and registrate forms, im using mysql to connect to a online mysql serverthis is my codes i ahve now
Form 1 - Login Try DB_Connect = New MySqlConnection()
[code].....
i really need this working, all works but nothing is encrypted
The code below allows a user to enter user name and password to log in to enter marks of students. SQL data reader verifies the user credentials from the database before authentication takes place. modify the code by salting and hashing the password.
Dim frm As New MarksEntryFrm Dim flag As Boolean flag = False
I need to create a keyed hash for a string of XML to send to a 3rd party. This is the code I am using but it is producing a different hash then the example the 3rd party has sent me.
Public Shared Function HashString(ByVal StringToHash As String) As String Dim myEncoder As New System.Text.UTF32Encoding Dim Key() As Byte = myEncoder.GetBytes(My.Settings.PortalHASH) Dim XML() As Byte = myEncoder.GetBytes(StringToHash)
[code]....
It needs to be base-64 encoded, which is why I have the last line.
VS2010 (SP1) / .NET 4 on Windows XP. The question is simple, the answer; not so much. When generating a salt, should the LENGTH of the salt be random, fixed or a random number within a (min/max) range? I am using RNGCryptoServiceProvider to generate the salt, just unsure of the length of the salt.
how to store a hash in my Access Database. Now I have generated a hash by salting a user password with the User ID (not highly secure I know, but plenty for my purposes). I have also stored the hashed values in the database as Base64 strings (manually, I haven't yet developed the module to do that automatically), however, when I go to retrieve the hash from the database I receive the hex code in place of the string. This is the code for the login button:
Sub prcLogin() 'Log User in Dim ds As New DataSet Dim blnCorrect As Boolean
[code]....
But when I run this instead of returning a value like "rlzhYoiO4+vpdJdsrFq5Sj9VBJ+FFYhIg9V5+z+jeNI=" which I stored in the database, it returns a value like "5C6BED0D94
I have a register.aspx and a login function and i am using vb.net
in my register.aspx...i have a user name textbox and a password text and a submit button. IF the user click on the submit button, the password will be hash and store with the username in the database table called "Customer"
1st Qn: i have a problem is that i never try before hashing, so i not sure how to code it , hopefully if someone got a sample or example to teach me it will be nice
2nd Qn: besides that, in my login function, how am i going to compare the hash value for password that is store in database with the password in the textbox to allow to login?
i want to connect to sql server database in the web thru vb6.0. If connect there is chance of user name and password been hacked. Is there any way to encrypt the password and connect to sql server database in the web or any other solution where in i will be not be exposing user name and password to hackers on tranisition to web.
I am looking for any good tutorial about like in subject of this topic, how to up more secure my application. What I need is to the solution to encrypt my queries in application. Is there any good tutorial or something you could propose me?
My database is going to contain personal data. (such as contact details, names, password, etc...) This is what I need:
1) I need to encrypt the database
2) However, i will also need to be able to use it in my vb.net program.
To expand on my second point, i will need to be able to display the data (non-encrypted, obviously), and i will need to be able to compare user inputted data to the database data (like, i will be using datasets, so, IF txtUsername.text = ds.tables(0) ...)
I have this code which displays a login form, i want to encrypt the password before it stores into the sql database and should also be able to verify the pwd when a user logs in.
how to encrypt the password store in the database so that if the database found by pupil it cannot take password from the table .how to encrypt password .I m using microsoft acess as the databese.
I am a beginner, i have used two text boxes (for username, password) and a button. The password should be encrypted and saved in database when I click submit button.
This is what i need my program to do...I have a form with 1 textbox and 2 buttons (save and load) If i type information into the textbox and then click save, i need it to encrypt the text first and then save the file to database If i click the load button i need it to decrypt the file and display the decrypted data into the textbox i just need a way to save my text files so the information inside them cant be changed without using my program but yet again i find myself at a loss as to how i do this.
I know this topic has been addressed a million times but please help me out. I have read so many articles on HOW TO encrypt and decrypt the app.config file but I need to know WHEN and WHERE I should encrypt it.
The problem arose because we found an AppName.exe.config file on a users computer and the database username and password was clearly visible. I understand that the .config file gets created during the VB app install process and is used by the application. I then learned about the aspnet_regiis.exe tool and ran it on the app.config file inside my VB project. I am guessing that was the wrong thing to do.
When I now install the app on user desktops, it gives an error stating failed to decrypt the connection string. Also, when one of my other developers attempts to open the project in his copy of visual studio on his computer, he receives an error when trying to access the setting portion of the project properties. We store all of our projects on a file server and any developer can access the projects via a mapped drive on their computer.
So how am I supposed to encrypt the .config file. If I can't encrypt the App.config file in the development environment, then I'm guessing I have to perform the encryption on the users PC during the install process? How do I do that? Or is that what I am supposed to do?
Just for reference, here is the aspnet_regiis command I ran.
One last thing, maybe it's my misunderstanding of the issue but if this problem has existed since .Net 2.0, why has an option not been built into the development studio to encrypt connection strings?. This would seem to be a very common issue, even their own dataset wizard creates connection strings that are clearly readable.
vb.net Private Function String_Hash(ByVal text As String) Dim _hash As Byte() = _enc.GetBytes(text) Dim hash_alg As HashAlgorithm = New SHA512CryptoServiceProvider() Dim _chash As Byte() = hash_alg.ComputeHash(_hash) Dim sBuilder As New StringBuilder For Each b As Byte In _chash sBuilder.AppendFormat("{0:x2} ", b) Next Return sBuilder.ToString() End Function
I am at a bit of a loss at the moment. What I am basically writing is the password elements of a membership system. What I do is generate a random salt value, take the registered password, combine the two and then pass the new string through a function which will generate a SHAManaged 512 hash.
I then convert the hash and salt string into Byte arrays and store these in my database.The problem comes when I then compare a login attempt against the original value I am being supplied with a completely different hash for the password being presented by the user, even though it should be exactly the same.
Here is my code when someone registers their new account:
I have an openfiledialog, I show the dialog and the user selects there file. How could I calculate the MD5 hash of the OFD.filename/file opened? Or calculate the SHA1, what ever is easiest.
I know MD5 hashes have been asked about 1000+ times, but this question is slightly different.I am looking to find the true MD5 hash of an image, but without using a string for the file's location. I am looking to be able to call on the image inside of a picturebox rather than somewhere on my computer or the internet.
For example, I want to find the MD5 hash of an image inside of my picturebox.
If this doesn't make sense, please ask any questions you may have.
I have a page with a URL that includes a hash value (www.mysite.com/#123).What I want to do is use that value to determine what is displayed on the page - much like using a querystring.I am using the hash value because the content on the page can be changed client side (I am avoiding page reloads where possible) - if the user then links to another page and uses the back button to return, I need to use the hash value to display the page as it was when they left it.So I'm looking for an if statement that will look something like this:
I would like to write a function GetHashCodeOfList() which returns a hashcode of a list of strings regardless of order. Given 2 lists with the same strings should return the same hashcode.
ArrayList list1 = new ArrayList() list1.Add("String1"); list1.Add("String2");
[Code].....
I can first sort the list, then combine the sorted list into 1 long string and then call GetHashCode(). However sorting is a slow operation. I can get the hash of each individual string (by calling string.GetHashCode()) in the list, then multiplying all hashes and calling Mod UInt32.MaxValue. For Example: "String1".GetHashCode() * "String2".GetHashCode * ... MOD UInt32.MaxValue. But this results in a number overflow.
I'm trying to figure out a way to compare two "salted-hash" strings. How can I do this? I know that the salt is a random generated value that's appended to the plain text, then we just compute the hash of that new string.So how can I compare these two values? O_O (The new hash that the user hash written in a textbox and the hash stored in a database)
I have a function in VB.net that returns a password hash. I need to make a web interface to the same database and I'm not sure how to return the same hash in PHP. Does anyone know both languages enough to convert this to PHP?
Code: Public Function GenerateHash(ByVal SourceText As String) As String 'Create an encoding object to ensure the encoding standard for the source text Dim Ue As New UnicodeEncoding()
