lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: jftucker at gmail.com (James Tucker)
Subject: RE: Cipher Tool

Have you considered using secured network protocols on dedicated
encryption hardware? or is that beyond the price point?

Any cipher algorithm would be theoretically implementable (providing
the length of data is suitable). If you are looking for _real_
performance though then ciphering may not be what you want as there
isn't any good cipher that is really overly fast fast (deliberate
double).

There are other core pieces of the puzzle to be considered though,
like are you going to be talking in a client less manner (i.e. is the
client pre-configured or has the client never received secure comms
before?) Is there a socket/tunnel already running? What is the rough
length of the data set (impact readability and suitability for
encryption algorithms)? What is the performance restriction (i.e.
where is the bottleneck)? How secure do you need it, anti-fool,
seconds, hours, years or millennial(might actually require more data
storage than money can buy)?

I raised an eyebrow at the last portion of your mail, "Is there a
freeware or software or information, I can check out?". This would
suggest that you are looking to put another program somewhere mid-flow
in a data pipe; thats not always a good option.

If you're really looking for speed and ease of implementation then
something like a simple rotation cipher might work out for you, but
this is going to be so poor a encryption that some cipher pro's could
read it in its encrypted form. This is obviously no good if you're
worried about credit card info, but is OK if it's just your girlfriend
being a nosy ....... .


On Tue, 14 Dec 2004 00:23:41 -0800 (PST), richard capistrano
<mikoc02@...oo.com> wrote:
>  
>  
> 
> Hello, 
> 
>   
> 
>   
> 
> We are looking for a tool that can actually cipher or hash a particular
> portion of a file so that it will not display the particular field of a
> file. This will be applied to the file so that when it travels the network,
> the confidential field in the file is not displayed in clear text. Due to
> performance issues, we can not simply hash the whole file. 
> 
>   
> 
> Is there a freeware or software or information, I can check out? Thanks in
> advance.
> 
>  ________________________________
> Do you Yahoo!?
>  Read only the mail you want - Yahoo! Mail SpamGuard. 
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ