Global Security Watch > HiR Information Report: Encryption Technologies to Avoid

[HiR Information Report] MD5 is a hashing algorithm designed by Professor Ronald Rivest of MIT. There was research which theorized collisions in the algorithm in 1993, more collisions in 1996, and finally an algorithm was created to generate collisions in 2005 using a large cluster, and in 2006 the algorithm was perfected, only requiring a single computer.

Some related posts from Technorati and Google.

[Vineet Gupta | Technology Evangelist] Crypto 101: For cryptographic purposes, we define collision resistance as: It should be computationally hard to find two inputs m1 and m2 so that their output h = HashingFunction(m1) = HashingFunction(m2). The other important property for a cryptographically secure hashing algorithm is that it should be Pre-Image Resistant: Given an output h, it should be computationally hard to find an input m so that h = HashingFunction(m).

[Wireless Internet Technologies and Applications] WISDOM Intermediate Security Measures - Wireless,Wlan,wifi ...: The ability of an eavesdropper knowing 24 bits of every packet key, combined with a weakness in the RC4 key schedule, leads to a deadly analytic attack that recovers the key after intercepting and analyzing only a relatively small amount of traffic. This attack has been perfected to the point that scripts are commonly available on the Internet for such purposes.

[Programming interview Questions and answers] Job Interview Preparation Material links: What are the different types of Bugs we normally see in any of the Project? Include the severity as well.

[SANS Technology Institute - Security Laboratory] SANS Technology Institute: Hash Functions: There are three types of cryptography algorithms: secret key, public key, and hash functions. Unlike secret key and public key algorithms, hash functions, also called message digests or one-way encryption, have no key.

[The Bakery:] Cryptography and the Auth component (Articles) | The Bakery ...: A hashing function is a mathematical function (strict definition) in that if you put something in, there is one and exactly one output no matter when you use the function. It is because of this nature (read repeatability) that you can hash a password and store the hash and know that there is no time when you will ever arrive at a different hash (unless the input is changed.) It is important to differentiate hashes from compression: hashing is lossy whereas compression is lossless; having two things compress to the same value gives you certainty that the two values are from identical sources, whereas a hash gives you 99.999% certainty that it is from the same source.

[Inside System Storage] IBM developerWorks : Blogs : Inside System Storage -- hosted by ...: For post-process deployments, such as the IBM N series A-SIS feature, the "ingest rate" during the backup only has to receive and store the data, and the rest of the 24-hour period can be spent doing the post-processing to find duplicates. This might be fine now, but as your data grows, you might find your backup window growing, and that leaves less time for post-processing to catch up.

[Linux Exposed] Hacking Linux Exposed :: The Linux hacking and Windows hacking ...: 10 years ago, individuals saw the future of bruteforcing and helped it grow to what it is now. We must do the same with TMTO, because with its huge success on such a small scale, imagine the final result of many people's, including my own effort to prove that TMTO can work and should be the de facto standard when it comes to password cracking of the future.

[(ISC)2 Blog] (ISC)2 Blog: The crypto hamster wheel: Key to the SSL certificate exploit was a technical weakness in the MD5 cryptographic hashing algorithm used by some CAs to sign their digital certificate products. Due to the flaw, it is possible to generate hash collisions on demand.

[Pixel2Life.com: Latest 15 Tutorials] PHP Talk » Blog Archive » Everything About Hashing - The Truths ...: You should always encourage your website visitors to use passwords that are not typical English words. Also since we hash passwords, there is no reason to disallow some characters let’s say !”#¤%&, etc - they won’t interfere with a database or our HTML layout, because passwords are never displayed or stored directly, instead, they are hashed.

[Bits] Outdated Security Threatens Web Commerce - Bits Blog - NYTimes.com: It is no longer a question of “if” or “when” but rather of “how soon” before a perfect storm of cyber crime may conquer cyberspace. We have grown so dependent on the internet in all aspects of our lives that the effect could be truly catastrophic: not only could it destroy economies, businesses, public institutions and ruin many lives, it could also tear the very fabric of our society and create social unrest on a global scale.

[Society of Payment Security Professionals - Compliance Demystified] Society of Payment Security Professionals - Compliance Demystified ...: Theoretically, you could create a hash that is as secure as a CipherText from an encryption algorithm. If you used a 10 kilobit salt (effectively your key) plus your PAN, you would have something quite secure, and would not run into issues with collisions.

[Schneier on Security] Schneier on Security: Notes from the Hash Function Workshop: (It would be smart to design the function with a couple of parameters that can be easily changed to increase security -- increase the number of rounds, for example -- but it shouldn't be a variable that users have to decide whether or not to change.) And I think it needs to be secure in the broadest definitions we can come up with: hash functions are the workhorse of cryptographic protocols, and they're used in all sorts of places for all sorts of reasons in all sorts of applications. We can't limit the use of hash functions, so we can't put one out there that's only secure if used in a certain way.

[Coding Horror] Coding Horror: URL Shortening: Hashes In Practice: Even though it automatically mini-fies a typed URL, it still counts the full URL as part of the 140 characters, resulting in a tweet that is shorter than 140 characters once it goes through the server. It means you either need to have a short url to begin with, or you need to mini-fy it manually [both options defeat the purpose of having the service there in the first place.] I'd like to see it automagically count URLs as four characters, and then replace it with the word "link" once it goes through the server.

[Schneier on Security] Schneier on Security: Forging SSL Certificates: (This is VERY common, though it usually only lasts a few days.) The site has multiple domain names, which all point to the same IP address, and for some reason you're not using the canonical one that the certificate refers to. (Sometimes even a subdomain of the correct domain is considered a mismatch by overly-pedantic browser checks, but even if it's *really* a mismatch it's often just because the site followed standard practice of registering .
