AltME groups: search
Help · search scripts · search articles · search mailing listresults summary
world | hits |
r4wp | 8 |
r3wp | 29 |
total: | 37 |
results window for this page: [start: 1 end: 37]
world-name: r4wp
Group: Rebol School ... REBOL School [web-public] | ||
caelum: 16-Apr-2012 | AES 256 is more than sufficient for most purposes. I am researching what Rebol can do so I am aware of the parameters I am working within. I am writing code that will be used to encrypt communication between clients who want a secure communication facility. I am looking at the Rebol RSA algorithms now. Thanks for your input. | |
caelum: 2-Feb-2013 | Thanks BrianH. I am aware of the need to "keep your untrustworthy data that you can't safely DO separate from that code." I am creating a small Rebol server capable of communicating with clients, using RSA key exchange and the blowfish algorithm, both of which work to reasonably high encryption levels in Rebol, 4096 for RSA and 512 for Blowfish (yes I know the effective upper limit for Blowfish is 448 bits, but that is good enough for my purposes). I want to save the RSA key as a block so it can be loaded back into the program and used again, hence my question. It will be encrypted, wherever it gets saved, so there will be no chance of it being messed with. Actually, I am writing a much simpler version of Rebol Services, since I could not get that to work and my ability to code in Rebol was not sufficiently developed yet to see how to get it working. I am in a steep learning curve right now with Rebol and the time I am investing is starting to pay off. Thanks for the information about keeping code and data separate. It's always good to be reminded of 'obvious' truths. | |
caelum: 23-Feb-2013 | So I have a question about RSA encryption. When I run the following code: rsa-key: rsa-make-key rsa-generate-key rsa-key 1024 3 crypt-key: copy/part checksum/secure mold now/precise 16 print crypt-key crypt-key: rsa-encrypt rsa-key crypt-key print crypt-key crypt-key: rsa-encrypt/private/decrypt rsa-key crypt-key print crypt-key it runs perfectly, encrypts the crypt-key and then decrypts it sucessfully. As you probably know, the purpose of the RSA algorithm is to allow someone else to encrypt data that only you can decrypt using your private key. I tried this with a different public key using the following code: rsa-key1: rsa-make-key rsa-generate-key rsa-key1 1024 3 rsa-key2: rsa-make-key rsa-key2/n: rsa-key1/n crypt-key: copy/part checksum/secure mold now/precise 16 print crypt-key crypt-key: rsa-encrypt rsa-key2 crypt-key print crypt-key crypt-key: rsa-encrypt/private/decrypt rsa-key2 crypt-key print crypt-key So I put the public key from rsa-key1 into another object, rsa-key2 and tried using it to encrypt the data and get the following error. #{DD44AC1810E9A7020FAD72A7CFA54100} Segmentation fault How do I get the public key from the first object into the second object so that it can be used to encrypt data? | |
Cyphre: 23-Feb-2013 | ;key1 - contains public and private keys rsa-key1: rsa-make-key rsa-generate-key rsa-key1 1024 3 ;key2 - contains only public key rsa-key2: rsa-make-key rsa-key2/e: 3 rsa-key2/n: rsa-key1/n ;data to ecrypt encrypt data: copy/part checksum/secure mold now/precise 16 ;encrypt data using the key2 (with pub key only) crypt-key: rsa-encrypt rsa-key2 data ;decrypt data(that have been encrypted using key2) using the key1(needs to contain private key) data2: rsa-encrypt/private/decrypt rsa-key1 crypt-key either equal? data data2 [ print "decrypted data match the original - decription passed" ][ print "decrypted data differs from the original - decryption failed" ] | |
Cyphre: 23-Feb-2013 | the problem was you forgot to set the generator value (key/e) when makeing rsa-key2 | |
Cyphre: 23-Feb-2013 | and also you tried to decrypt the data using rsa-key2 which doesn't contain the private key | |
caelum: 2-Aug-2013 | When R3 was open sourced, I presume the SDK was not also open sourced? I am looking for the 'C' source code for the RSA, AES and Blowfish encryption functions. | |
Group: !REBOL3 ... General discussion about REBOL 3 [web-public] | ||
Cyphre: 18-Jan-2013 | I simply wrote the TLS scheme :-) I've also added the neccessary crypto algorithms at the native level (only RSA with ARC4 cipher suite is supported at the moment). IMO this solution gives us much better flexibility: the encryption code is native(fast) and the TLS protocol logic is in REBOL so it is possibel to enhance it much more easily. |
world-name: r3wp
Group: All ... except covered in other channels [web-public] | ||
Gabriele: 7-Jan-2005 | the URL is just an example. you just need a way to generate a key from who you are (could even be your public RSA key) | |
Gabriele: 7-Jan-2005 | i know it's you by your authorization. this could be your RSA signature. | |
Gabriele: 7-Jan-2005 | hmm, knowing Maarten, I guess he's actually using AES, which is 128 bit; the RSA key is probably 1024. | |
Group: !AltME ... Discussion about AltME [web-public] | ||
btiffin: 7-Jun-2008 | You may need to tweak Search (and these options are buried deep enough that I can't remember) to include non-indexed data. And I like this one; from wikipedia User_Access_Control --- However, David Cross, a product unit manager at Microsoft, stated during the RSA Conference 2008 that UAC was in fact designed to "annoy users", and force independent software vendors to make their programs more secure so that UAC prompts would not be triggered. --- Smart company; annoy a billion people to get 1000 to play nice with Microsoft. I say we get out the torches and chase down Dr. Frankenstein. :) | |
Group: Core ... Discuss core issues [web-public] | ||
Allen: 2-Nov-2006 | Encloak -- http://www.rebol.net/cookbook/recipes/0023.html-- Carl says Newer versions of REBOL include "cloaking" functions for encrypting and decrypting strings. These functions do not provide full strength encryption such as Blowfish, AES, or RSA as found in REBOL/Command, nevertheless they can be useful for hiding passwords and other values. (That's why we call it cloaking rather than encrypting.) | |
Tomc: 1-Feb-2009 | I have a 24 bit math implementation to do RSA but never converted to or from other bases. It is from before Holgar did encryption with thebignum library nativly in core/view which renders mine moot | |
Group: I'm new ... Ask any question, and a helpful person will try to answer. [web-public] | ||
RobertS: 31-Aug-2007 | ; I did a dif between the functions in VIEW and those in CORE for a default install. What I get is this ( I hope it is useful to have al 106 in one place ) alert brightness? caret-to-offset center-face choose clear-face clear-fields confine crypt-strength? dbug deflag-face desktop dh-compute-key dh-generate-key dh-make-key do-events do-face do-face-alt do-thru draw dsa-generate-key dsa-make-key dsa-make-signature dsa-verify-signature dump-face dump-pane edge-size? editor emailer exists-thru? find-key-face find-window flag-face flag-face? flash focus get-face get-net-info get-style hide hide-popup hilight-all hilight-text hsv-to-rgb in-window? inform insert-event-func inside? install launch-thru layout link-relative-path load-image load-stock load-stock-block load-thru local-request-file make-face notify offset-to-caret open-events outside? overlap? path-thru read-net read-thru remove-event-func request request-color request-date request-dir request-download request-file request-list request-pass request-text reset-face resize-face rgb-to-hsv rsa-encrypt rsa-generate-key rsa-make-key screen-offset? scroll-drag scroll-face scroll-para set-face set-font set-para set-style set-user show show-popup size-text span? stylize textinfo unfocus uninstall unlight-text unview vbug view viewed? win-offset? within? | |
Group: Web ... Everything web development related [web-public] | ||
Pekr: 30-Mar-2005 | it may just use normal means of tcp communication with encrypted content, using RSA for e.g. | |
Group: SDK ... [web-public] | ||
Gabriele: 2-Dec-2006 | hmm, doesn't /pro have RSA too? | |
TomBon: 14-Jan-2012 | gab, right. e.g md5 for simple password security and rsa for dataflow. the javascript link above containing RSA functions too just to step in. | |
Cyphre: 16-Jan-2012 | Graham: I was able to implement TLS1.0 protocol configured to use the TLS_RSA_WITH_RC4_128_SHA cipher-suite. All the mentioned algorithms were calculated using the build-in Rebol2 encryption functionality. I had no problems regarding the compatibility. I haven't tried the cipher-suite with the AES enctryption though but my guess it will work as well. | |
Group: RT Q&A ... [RT Q&A] Questions and Answers to REBOL Technologies [web-public] | ||
Alberto: 29-Nov-2005 | Q about encryiption within rebservices: my *guess* is if you are using core or view, then rebservices can' t use rsa encryption method but must use encloack/decloack method. And there is no plans to upgrade for rsa support in the next releases of core and view . I'm rigth? | |
Group: Tech News ... Interesting technology [web-public] | ||
PatrickP61: 1-May-2008 | For the security minded, there is a new startup at www.Yubico.com with a cool new usb wafer that generates OTP (one time passwords). It is small, light, and cheap (currently $35.00). But the really neat thing about it is it can be combined with a service like www.MashedLife.com which can manage all of your website accounts with a secure login. With OTP, keyloggers are not effective anymore. It seems like a neat idea. You can listen to Steve Gibson review at www.twit.tv/sn141. If you want just the Yubico stuff, advance the audio stream to about 3/4 the way through at about 1:15 to skip the RSA stuff before. | |
Group: !REBOL3-OLD1 ... [web-public] | ||
Gabriele: 4-Jun-2007 | R2 has RSA, DES, etc. | |
Gabriele: 4-Jun-2007 | signatures - rebol has that built in. is called rsa encryption | |
Gabriele: 5-Jun-2007 | [giesse-:-batou]:/etc/ssl/certs$ openssl x509 -text -in Visa_eCommerce_Root.pem Certificate: Data: Version: 3 (0x2) Serial Number: 13:86:35:4d:1d:3f:06:f2:c1:f9:65:05:d5:90:1c:62 Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, O=VISA, OU=Visa International Service Association, CN=Visa eCommerce Root Validity Not Before: Jun 26 02:18:36 2002 GMT Not After : Jun 24 00:16:12 2022 GMT Subject: C=US, O=VISA, OU=Visa International Service Association, CN=Visa eCommerce Root Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (2048 bit) Modulus (2048 bit): 00:af:57:de:56:1e:6e:a1:da:60:b1:94:27:cb:17: db:07:3f:80:85:4f:c8:9c:b6:d0:f4:6f:4f:cf:99: d8:e1:db:c2:48:5c:3a:ac:39:33:c7:1f:6a:8b:26: 3d:2b:35:f5:48:b1:91:c1:02:4e:04:96:91:7b:b0: 33:f0:b1:14:4e:11:6f:b5:40:af:1b:45:a5:4a:ef: 7e:b6:ac:f2:a0:1f:58:3f:12:46:60:3c:8d:a1:e0: 7d:cf:57:3e:33:1e:fb:47:f1:aa:15:97:07:55:66: a5:b5:2d:2e:d8:80:59:b2:a7:0d:b7:46:ec:21:63: ff:35:ab:a5:02:cf:2a:f4:4c:fe:7b:f5:94:5d:84: 4d:a8:f2:60:8f:db:0e:25:3c:9f:73:71:cf:94:df: 4a:ea:db:df:72:38:8c:f3:96:bd:f1:17:bc:d2:ba: 3b:45:5a:c6:a7:f6:c6:17:8b:01:9d:fc:19:a8:2a: 83:16:b8:3a:48:fe:4e:3e:a0:ab:06:19:e9:53:f3: 80:13:07:ed:2d:bf:3f:0a:3c:55:20:39:2c:2c:00: 69:74:95:4a:bc:20:b2:a9:79:e5:18:89:91:a8:dc: 1c:4d:ef:bb:7e:37:0b:5d:fe:39:a5:88:52:8c:00: 6c:ec:18:7c:41:bd:f6:8b:75:77:ba:60:9d:84:e7: fe:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Subject Key Identifier: 15:38:83:0F:3F:2C:3F:70:33:1E:CD:46:FE:07:8C:20:E0:D7:C3:B7 Signature Algorithm: sha1WithRSAEncryption 5f:f1:41:7d:7c:5c:08:b9:2b:e0:d5:92:47:fa:67:5c:a5:13: c3:03:21:9b:2b:4c:89:46:cf:59:4d:c9:fe:a5:40:b6:63:cd: dd:71:28:95:67:11:cc:24:ac:d3:44:6c:71:ae:01:20:6b:03: a2:8f:18:b7:29:3a:7d:e5:16:60:53:78:3c:c0:af:15:83:f7: 8f:52:33:24:bd:64:93:97:ee:8b:f7:db:18:a8:6d:71:b3:f7: 2c:17:d0:74:25:69:f7:fe:6b:3c:94:be:4d:4b:41:8c:4e:e2: 73:d0:e3:90:22:73:43:cd:f3:ef:ea:73:ce:45:8a:b0:a6:49: ff:4c:7d:9d:71:88:c4:76:1d:90:5b:1d:ee:fd:cc:f7:ee:fd: 60:a5:b1:7a:16:71:d1:16:d0:7c:12:3c:6c:69:97:db:ae:5f: 39:9a:70:2f:05:3c:19:46:04:99:20:36:d0:60:6e:61:06:bb: 16:42:8c:70:f7:30:fb:e0:db:66:a3:00:01:bd:e6:2c:da:91: 5f:a0:46:8b:4d:6a:9c:3d:3d:dd:05:46:fe:76:bf:a0:0a:3c: e4:00:e6:27:b7:ff:84:2d:de:ba:22:27:96:10:71:eb:22:ed: df:df:33:9c:cf:e3:ad:ae:8e:d4:8e:e6:4f:51:af:16:92:e0: 5c:f6:07:0f | |
Gabriele: 5-Jun-2007 | rebol side - just use rsa signature as shown in rebol.com docs. ie just add signature to your rebol script | |
Gabriele: 5-Jun-2007 | and if you don't even want to trust rebol's internal rsa code... you can call openssl for everything. that code is trusted by all | |
Group: !Cheyenne ... Discussions about the Cheyenne Web Server [web-public] | ||
Terry: 4-Jun-2007 | If you want to try this method for windows.. here's what you do.. 1) download the windows binary from openssl.. -> http://www.slproweb.com/products/Win32OpenSSL.html 2) Unzip.. and pull out the openssl.exe file from the bin folder.. . drop that file into your cheyenne www folder 3) Create a self-signed cert.... 3a) run openssl.exe 3b) enter this line: req -x509 -nodes -days 365 -newkey rsa:1024 -keyout localhost.pem -out localhost.pem (localhost is the cert name) 3c) answer the questions... when asked 'who are you?' enter your domain, or 'localhost' as I did This will generate the cert in your www folder (this is just a demo... the openssl server uses it's location as root www folder) 4) Start up the server... enter this line into openssl: s_server -accept 443 -cert localhost.pem -WWW Now open any file in your Cheyenne www folder using the https:// protocol | |
Janko: 23-Aug-2009 | I keep getting key values missmatch nomatter what I tried so far... I found out this.. the key/cert/CAfile in conf doesn't seem to matter as it checks /etc/stunnel/stunnel.pem anyway .. so I commented them out. If I delete the pem file I get appropriate erros , so it checks for this file.. If I remove RSA PRIV KEY from first line I get Error saying something about RSA KEY no start line If I remove CA certificates below I det Error saying SSL CERT no start line .. If I concat them all like this >> cat myserver.key AddTrustExternalCARoot.crt UTNAddTrustSGCCA.crt ComodoUTNSGCCA.crt ComodoHighAssuranceSecureServerCA.crt www_cebelca_biz.crt >> stunnel.pem (first the PRIV KEY ALL THE CERTS in same order as they are listed in email to me.. with cebelca.biz.crt as last I get the "key values missmatch" which I think means that the priv key and certs don't match | |
Group: !REBOL2 Releases ... Discuss 2.x releases [web-public] | ||
Janko: 6-Jan-2010 | are there any docs about encription functions that are now enabled in view ... I could find some rsa-* and dsa-* functions by trying in console | |
Group: !REBOL3 Schemes ... Implementors guide [web-public] | ||
Graham: 12-Jan-2010 | GNU TLS supports Certificate types: X.509, OPENPGP Protocols: TLS1.2, TLS1.1, TLS1.0, SSL3.0 Ciphers: AES-256-CBC, AES-128-CBC, 3DES-CBC, CAMELLIA-128, CAMELLIA-256, ARCFOUR, ARCFOUR-40 MACs: SHA512, SHA384, SHA256, SHA1, RMD160, MD5 Key exchange algorithms: RSA, RSA-EXPORT, DHE-DSS, DHE-RSA, DHE-PSK, PSK, SRP, SRP-RSA, SRP-DSS, ANON-DH Compression methods: DEFLATE, LZO, NULL Extensions: Max record size, Cert Type (OpenPGP), Server Name, SRP, TLS/IA, Opaque PRF Input | |
Group: !REBOL3 ... [web-public] | ||
Cyphre: 3-Feb-2011 | To clarify the SSL stuff: Since the SSL is a layer on top of TCP the idea was that R3 will have all the neccesary encryption algorithms (RSA,DH, DSA, RC4, SH256 etc.) probably in form of embedded extension as part of the host-kit. These algorithms needs to be fast so they will be in C (probably ported from the R2 codebase if possible). Then the SSL/TLS protocol itself won't be written in C as it was in R2 but just done in R3 script. This way the protocol code will be: -smaller in size than the C version -easier to maintain because it is Rebol language, for example we can add 'server mode', certificate validation (simmilar to web browsers) etc. -crossplatform as much as Rebol script can be So far I did simple TLS implementation in R2 to prove that concept. The prototype is ~20KB of rebol script and uses only the build in encryption ports in R2. It covers most of the TLS functionality that is written natively in in form of 'tls scheme. So the next step is to get the encryption math to R3 (which can be useful not only for SSL so it is definitely worth doing that) and then try how the prototype will behave. | |
Group: Core ... Discuss core issues [web-public] | ||
GrahamC: 31-Mar-2011 | Is Rebol's RSA encryption still standard ? Can I use that for encrypting sensitive health data ? | |
PeterWood: 1-Apr-2011 | RSA is not really designed to encrypt large chunks of data. You'd be better of using AES (or Rijndael as it used to be known as is still called in REBOL). RSA is better used for exchanging passwords and "signing" documents. | |
GrahamC: 1-Apr-2011 | RSA is significantly slower than symmetric key encryption algorithms, and a single encryption or decryption operation can only process an amount of data up to the size of the RSA key. For encrypting or decrypting large amounts of data RSA is usually used in combination with symmetric key algorithms or secure checksums as follows: | |
GrahamC: 1-Apr-2011 | so I would use AES to encrypt the data,and then use RSA to encrypt the AES encryption key I guess | |
PeterWood: 1-Apr-2011 | Yes you would use AES to encrypt the data and then RSA to encrypt and send somebody the encryption key. | |
PeterWood: 1-Apr-2011 | I have successfully decrypted something in REBOL that was encrypted in JavaScript using RSA. |