Category Archives: Cryptography

PKI Certificate

A PKI (Public Key Infrastructure) certificate is a security mechanism that enables a user to combine his digital signature with a particular public key and a piece of information that identifies him, such as the user’s full name. Individuals use PKI certificates to show that they own a specific public key.

The digital signature is a core component of a PKI certificate. Other groups and persons refer to the digital signature to verify that the public key holder truly owns the said document. The digital signature can be made by either the person who is creating the PKI certificate, an endorser of the public key, or the individual or group that has the authority to sign PKI certificates.

PKI certificates are an application of several technologies, one of which is cryptographic key authentication. A cryptographic key is a value used in a cryptographic process such as data encryption. This application of PKI certificates is more useful in larger networks than in smaller ones.

A PKI certificate helps to eliminate problems in business transactions. Here is a sample situation to demonstrate this: Person A wishes to establish a business relationship with Person B. Person A does this by publishing his public key. This also lets Person A send and receive data from Person B. However, a problem arises when a third person poses as Person A and sends information which Person A does not wish to send. Through its intricate levels of personal identification, a PKI certificate would prevent such an event from taking place. Person B can refer to the PKI certificate shown in each data transfer to verify that he is indeed communicating with Person A.

    Root Certificates Update

    A root certificates update, as its name implies, is a component that updates the list of root certificates in the computer. Root certificates are self-signed certificates issued by root-level certificate authorities. One of the most popular operating systems that make use of root certificates updates is Microsoft Windows.

    Having root certificates updates in the computer provides several benefits to the system. These components enhance the security of web browsing software installed on the computer. As a result, the system has a lower chance of having vulnerabilities in its web browsers. This lessens the possibility of harmful applications entering the system through the said bugs.

    Root certificates updates protect the system in terms of enhanced encrypted email. This ensures that information in the computer that is sent via email is free from unauthorized access and modification.

    Root certificates updates also enable code delivery applications to function more efficiently. These updates help in fixing the errors that the said programs may encounter during runtime. Consequently, these applications would perform their tasks faster.

    Generally, root certificates updates are downloaded and installed automatically by the system. For instance, operating systems such as Windows XP and Windows Vista automatically check the list of trusted certificate authorities found in the Windows Update website. A system application validates each root certificate found by the OS. Once the root certificates are validated, they will be installed in the system.

    If you want to ensure that your Windows OS automatically updates its root certificates, you should go to the Add or Remove Programs option in Control Panel. Then you need to click on the Add/Remove Windows components and check the box for “Update Root Certificates”.

    VB.NET

    VB.NET, also called VisualBasic.Net, is an object-oriented computer language. The predecessor of this programming language is the Microsoft Visual Basic (VB), which was implemented on the Microsoft .NET framework. Although its introduction to the market had been controversial due to backward compatibility issues, several developments have been implemented to fix this.

    What Makes VB.Net useful?

    VB.NET is the newest generation of Visual Basic. Its new features include:

    • inheritance
    • structured exception handling
    • method overloading

    These capabilities make it easier to create .NET applications, including Windows Applications, Web Applications, and Web Services.

    What is Visual Basic?

    Visual Basic is a computer programming system owned and developed by Microsoft. Visual Basic was initially created to make it easier for programmers to create GUI based applications for the Windows Operating System. Visual Basic is rooted in the programming language called BASIC.

    Is VB.NET really an improvement of Visual Basic?

    In today’s world where virtually everything can be done online, VB.NET may indeed be described as an improvement. It provides the same ease of programming in Visual Basic but packs more features especially those related to the World Wide Web. It is possible that Visual Basic programmers will not have a difficult time migrating to this language.

    Programming with VB.NET becomes a lot easier especially since Microsoft has provided a different set of support software for it. Today, most programmers say that VB.NET is a huge step towards the innovation of Visual Basic Programs.

    Other Versions of the VB.NET

    There are other versions available in the VB.NET applications, such as:

    1. Visual Basic .NET (VB 7),
    2. Visual Basic .NET 2003 (VB 7.1),
    3. Visual Basic 2005 (VB 8.0),
    4. Visual Basic 2005 Express,
    5. Visual Basic 2008, and
    6. Visual Basic (VBx) or (VB 10.0) – the most recent.

    Criticisms of VB.NET

    Users of Visual Basic, particularly VB6, criticized VB.NET because its earlier versions no longer included certain features of the former, such as its language constructs and interface features. Those that were retained had their semantics changed.

    How to Safely Use RC4 as Stream Cipher

    RC4, also known as ARCFOUR or ARC4, is a widely used software stream cipher, a type of symmetric encryption algorithm. It was designed by Rivest mainly for RSA Security in 1987. It is also used in SSL protocols that protect traffic on the Internet and in securing wireless networks.

    Although RC4 has shown remarkable speed and simplicity in software, it is also vulnerable to attacks, especially when the beginning of the output key stream is not discarded. The algorithm was supposed to be a trade secret, but after it was first described on the mailing list, it eventually spread to several sites on the Internet. Since the algorithm has been revealed, it is no longer considered a trade secret.

    Today, the acronym “RC4” has already been trademarked to prevent future trademark problems.

    Algorithmic Features of the RC4

    To better understand how the RC4 functions, it is important to look into its algorithm:

    • It uses keys with variable length, from 1 to 256 bytes, to initialize a state table. This table is then used for the subsequent generation of random bytes to create a stream.
    • A key can be limited to 40 bits due to export restrictions. However, this can often be used as a 128-bit key. It can also use keys that range from 1 to 2048 bits.
    • The algorithm has two phases: key setup and ciphering. Encryption starts with the key setup, which proves to be the most difficult process.

    Stream ciphers are typically based on LFSRs, or Linear Feedback Shift Registers. These, though, might not be as effective in software as they are in hardware. RC4 does not use LFSRs, which makes it ideal for implementation in software, since it requires only byte manipulation. Meanwhile, it is also important to note that RC4 is widely implemented in hardware since it is very easy to develop.

    As mentioned above, the RC4 is very vulnerable to attacks and criticism because it has failed to meet cryptographers’ standards for a secure stream cipher. Hence, if you are using a new application, you might not want to consider using the RC4.

    The RC4 works differently from modern stream ciphers because it does not separate nonce from the key. Hence, when a single long-term key is used to encrypt several streams, there is still a need for the cryptosystem to identify the combination of the nonce and long-term key before it generates the RC4 stream key.
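
The two phases and the two precautions described above (discarding the start of the key stream, and combining a nonce with the long-term key before key setup) are shown in this added example, which is not code from the original page. The HMAC-SHA256 combiner, the default drop count of 3072 bytes, and all function names are assumptions chosen for illustration.

```python
import hashlib
import hmac

def rc4_keystream(key: bytes, n: int, drop: int = 0) -> bytes:
    """Return n keystream bytes, discarding the first `drop` bytes."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1 to 256 bytes")
    # Phase 1, key setup: shuffle the 256-entry state table under the key.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    # Phase 2, ciphering: keep shuffling and emit one byte per step.
    i = j = 0
    out = bytearray()
    for _ in range(drop + n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out[drop:])

def stream_key(long_term_key: bytes, nonce: bytes) -> bytes:
    """Assumed combiner: HMAC-SHA256 of the nonce gives a 32-byte RC4 key."""
    return hmac.new(long_term_key, nonce, hashlib.sha256).digest()

def rc4_crypt(long_term_key: bytes, nonce: bytes, data: bytes,
              drop: int = 3072) -> bytes:
    """Encrypt or decrypt (the same operation): XOR data with the keystream."""
    ks = rc4_keystream(stream_key(long_term_key, nonce), len(data), drop)
    return bytes(d ^ k for d, k in zip(data, ks))

if __name__ == "__main__":
    key = b"constructed long-term key"      # constructed sample value
    c1 = rc4_crypt(key, b"nonce-0001", b"first message")
    c2 = rc4_crypt(key, b"nonce-0002", b"first message")
    print(c1.hex(), c2.hex(), c1 != c2)     # same plaintext, different streams
    print(rc4_crypt(key, b"nonce-0001", c1))
```

The nonce travels with the ciphertext in the clear; what matters is that it is never repeated under the same long-term key.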

    XOR

    The Exclusive OR (XOR) is a logic gate capable of digitally implementing exclusive disjunction. XOR encryption is a simple symmetric cipher used in applications wherein security is not a primary requirement. XOR gates are used to execute binary addition in computers.

    A high output results if only one of the inputs to the gate is high. If both inputs are low or both inputs are high, a low output results. The “military” and the “rectangular” are the two symbols for XOR gates.

    Hardware and Pinout

    XOR gates go under basic logic, and are thus identified in Complementary Metal Oxide Silicon (CMOS) and Transistor-Transistor Logic (TTL) integrated circuits. The 4070, the prevailing CMOS IC 4000 series, has four individual two-input pinout gates. The 4070 came out to replace the less consistent 4030 while keeping the pinout.

    This mechanism is available from many semiconductor producers. It is typically available in DIL and SOIC formats.

    Other Options

    If XOR gates are unavailable, four NAND (Not AND) or five NOR (Not OR) gates can be used instead.

    XOR operation is binary and designed for only two inputs, yet it is not uncommon in electronic design to hear of “XORing” more than two signals.

    This means that, in the operation, the two initial signals are sent to an XOR gate. Then the gate’s output is fed to a second gate together with a third signal, and so on for the remaining signals. A circuit outputs “1”, when the quantity of 1’s at the inputs is odd, and a “0”, when the quantity of incoming 1’s is even. This renders it a valuable parity generator or Modulo-2 adder.
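
The substitutions and the chaining described above can be checked exhaustively. The following is an added example, not part of the original page; the gate wiring shown is one standard arrangement and the function names are hypothetical.

```python
from functools import reduce
from itertools import product

def nand(a: int, b: int) -> int:
    return 1 - (a & b)

def nor(a: int, b: int) -> int:
    return 1 - (a | b)

def xor_from_nand(a: int, b: int) -> int:
    """XOR built from exactly four NAND gates."""
    n1 = nand(a, b)
    return nand(nand(a, n1), nand(b, n1))

def xor_from_nor(a: int, b: int) -> int:
    """XOR built from five NOR gates: four form XNOR, the fifth inverts it."""
    n1 = nor(a, b)
    xnor = nor(nor(a, n1), nor(b, n1))
    return nor(xnor, xnor)

def chained_xor(bits) -> int:
    """Feed each gate's output into the next gate with one more signal.

    The chain is seeded with 0, which leaves the parity unchanged.
    """
    return reduce(xor_from_nand, bits, 0)

def check_constructions(width: int = 5) -> bool:
    """Compare the gate networks with XOR and with the odd-parity rule."""
    two_input_ok = all(
        xor_from_nand(a, b) == xor_from_nor(a, b) == (a ^ b)
        for a, b in product((0, 1), repeat=2))
    parity_ok = all(
        chained_xor(bits) == sum(bits) % 2
        for bits in product((0, 1), repeat=width))
    return two_input_ok and parity_ok

if __name__ == "__main__":
    print(check_constructions())
    print(chained_xor([1, 0, 1, 1]))  # three 1s at the inputs: odd count
```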

    ASP.NET

    ASP.NET refers to a set of Web development technologies, or a Web application framework, used by programmers to create and develop dynamic websites and online applications. ASP.NET is the succeeding version of the ASP (Active Server Pages) technology. It is built on a virtual machine component known as CLR (Common Language Runtime). This enables programmers to write ASP.NET code using any of the supported .NET languages.

    The ASP.NET framework functions through a series of procedures and starts by processing all code present within the server. This is very similar to how applications process code. After processing the code, ASP.NET enables the server to return the result to the client. This result is normally in the form of HTML. The server then checks if the client supports JavaScript, and if it does, it uses this type of script to speed up the client’s browser processes.

    ASP.NET is useful in making object oriented programming (OOP) available to online sites. It allows programmers to separate code from display, which helps in cleaning and organizing OOP code. ASP.NET also enables users to place controls in HTML pages. These controls create buttons, edit fields, and other elements that make the Web page dynamic. This Web application framework also allows programmers to modify the appearance of these elements and specify the tasks each one will perform once it is activated.

    ASP.NET presents a unique feature known as Web Services. Web Services enables programmers to install the different parts of one application on different remote servers and still allow said application to function properly.

    Wordlist

    A wordlist refers to a text file containing a set of words used in a dictionary attack. A dictionary attack is a process involving the use of every word in the dictionary as a possible password to open an encrypted message.

    Wordlists were created because of the fact that most users choose very weak passwords. For instance, many users simply use the word “password” or “computer” as their system password. Systems make use of wordlists for a number of purposes. The most common functions of wordlists involve checking and auditing Unix or Windows passwords. Users can also recover lost passwords of folders and files through a wordlist. Common examples of these are passwords of compressed or zipped files.

    Wordlists are also used to carry out a dictionary attack against systems allowing recurring log-in attempts. These systems include POP3 and SSH.

    To optimize the results of the wordlist, users need to have one based on the number of target accounts they are dealing with. If users are working with a large number of target accounts, a smaller wordlist can increase the user’s chance to find the right password. A large wordlist is more useful when the user has a smaller number of target accounts or a single target account.

    The World Wide Web is a good source of wordlists. There are numerous FTP links that let users download small and large wordlists. A number of encryption-related websites also offer a set of wordlists to their visitors.

    X.509

    X.509 is a standard set by the ITU Telecommunication Standardization Sector (ITU-T). It was developed for Public Key Infrastructure (PKI) in cryptography. This standard primarily defines formats for Public Key Certificates or PKCs. X.509 incorporates a hierarchical structure of certification authorities. This is in contrast to other model systems wherein any individual can attest to the validity of a person or group’s Public Key Certificate.

    An X.509 system involves certain elements and processes. The system starts when a certification authority releases a certificate which binds a specific public key to a unique name. Other alternative pieces of information to which the public key could be attached can be an e-mail address or a DNS entry. During the said event, the authenticity of the certificate becomes dependent on the root certificate. Root certificates are an integral part of the X.509 model and are implicitly trusted. Web browsers are common examples of software applications containing pre-installed root certificates.

    An X.509 certificate includes a number of variables. These are the certificate signature, the certificate signature algorithm, and the certificate itself.

    An X.509 certificate can also be described by a number of characteristics. These aspects include but are not limited to version, serial number, issuer, algorithm ID, public key information, and validity.
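
The three parts and a few of the fields listed above can be read straight from the DER encoding. This is an added example, not code from the original page: a minimal tag-length-value reader, run on a constructed and structurally abbreviated sample; the function names are hypothetical. It also checks that the algorithm ID inside the signed part equals the outer signature algorithm, which a validator should require.

```python
def tlv(tag: int, content: bytes) -> bytes:
    """Encode one DER tag-length-value (used only to build the sample)."""
    n = len(content)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + content

def read_tlv(buf: bytes, pos: int = 0):
    """Decode one DER element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        size = length & 0x7F
        if size == 0 or pos + size > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + size], "big")
        pos += size
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def split_certificate(der: bytes) -> dict:
    """Split a certificate into its three parts and read a few fields."""
    tag, body, end = read_tlv(der)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected one outer SEQUENCE")
    t1, tbs, p = read_tlv(body)           # the certificate itself (signed part)
    t2, outer_alg, p = read_tlv(body, p)  # certificate signature algorithm
    t3, sig, p = read_tlv(body, p)        # signature: BIT STRING, byte 0 = unused bits
    if (t1, t2, t3) != (0x30, 0x30, 0x03) or p != len(body):
        raise ValueError("unexpected certificate layout")
    tag, val, q = read_tlv(tbs)
    version = 1                           # v1 when the version field is absent
    if tag == 0xA0:                       # explicit [0] wrapper around the version
        version = int.from_bytes(read_tlv(val)[1], "big") + 1
        tag, val, q = read_tlv(tbs, q)
    if tag != 0x02:
        raise ValueError("serial number must be an INTEGER")
    inner_alg = read_tlv(tbs, q)[1]       # algorithm ID inside the signed part
    return {"version": version, "serial": int.from_bytes(val, "big"),
            "alg_oid": read_tlv(outer_alg)[1].hex(),
            "alg_ids_match": inner_alg == outer_alg, "signature": sig[1:]}

# Constructed sample: structurally abbreviated, not a real certificate.
ALG = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d01010b")) + tlv(0x05, b""))
TBS = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x10\x01") + ALG)
SAMPLE = tlv(0x30, TBS + ALG + tlv(0x03, b"\x00" + b"\xAA" * 256))
```

Calling `split_certificate(SAMPLE)` returns the parsed fields; the sample stops after the inner algorithm ID, so issuer, validity and public key information are not present in it.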

    X.509 is implemented in a number of protocols. Certain smart card products use X.509 in completing the transfer of data and ensuring the correctness and safety of their transactions. SSH, or Secure Shell, also incorporates the X.509 system in successfully establishing a secure connection between two computers. Transport Layer Security and Secure Multi-purpose Internet Mail Extensions are other protocols applying X.509.