Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [cryptography]

63 questions
1
vote
1 answer

Cisco ASA crypto keys, SSH, and VPN

I'm new to the ASA and wanted to know if regenerating crypto keys on an existing ASA with established VPN tunnels could negatively affect the tunnels. The reason for wanting to regenerate crypto keys is so I can have version 2 SSH enabled (currently…
user33975
  • 123
  • 2
1
vote
2 answers

virtual machines and cryptography

I suspect I'm a bit offtopic with the site mission, but it seems me more fitting for the question than stackoverflow i'm in preparing to create a vm with sensible data (personal use, it will be a web+mail+... appliance of sorts), i'd like to protect…
Unknown
  • 13
  • 2
1
vote
1 answer

apache2 SSL Diffie Hellman key sizes

How to make apache 2.2 in debian lenny use Diffie Hellman key exchange with keys larger than 1024bits? I found a patch that theoretically adds this ability at Apache bugzilla but can't find any discussion about it. If it's not possible with mod_ssl,…
Hubert Kario
  • 6,361
  • 6
  • 36
  • 65
1
vote
1 answer

What cryptographic accelerators are recommended for use with Linux in the enterprise?

I've been investigating hardware cryptographic accelerators, and have come up against a dizzying array of possibilities. There are boards that range from $20 to $10,000 - and CPUs that have cryptographic accelerators builtin (several VIA chips on…
Mei
  • 4,590
  • 8
  • 45
  • 53
1
vote
2 answers

Can I use the same password for TrueCrypt as what I used when creating my Public Key?

I created and published a Public Key using gpg. I am now creating a TrueCrypt volume and wish to use the same password. Does knowing my public key, in this instance, make my TrueCrypt volume become any less secure?
Stephen Gornick
  • 261
  • 2
  • 5
1
vote
1 answer

What DNSSec implementations are available, and have they been checked for padding Cryptographic Oracle vulnerabilities?

A cryptographic Oracle is where one can deduce the private key when a error condition is created. Considering the recent ASP.NET padding Oracle exploit, can anyone tell me if the DNSSec implementations have been protected from similar "Cryptographic…
makerofthings7
  • 8,911
  • 34
  • 121
  • 197
1
vote
0 answers

WebLogic 8.1 and 4096-bit SSL?

We have a scenario in which we'd like to configure a WebLogic 8.1 server (running on Windows, JRockit 1.4.2) to connect to Active Directory over SSL for authentication. Our Active Directory is configured for SSL with a Root CA and Subordinate CA…
Shadowman
  • 71
  • 1
  • 8
1
vote
1 answer

Windows Server 2012: how to prevent IIS from choosing SHA-1 for connections?

The problem: IIS on Windows 2012 picks SHA-1 algorithm when the client uses SHA-1 certificate. Even though the server-side certificate is SHA-256. So Chrome/Edge don't work. On analogous Windows 2016 setup: IIS uses a proper algorithm and everything…
Mikhail Orlov
  • 249
  • 1
  • 3
  • 9
1
vote
1 answer

What is the difference between the TVOCache and the URLCache in Microsoft CAPI2?

In the CAPI2 log, I'm seeing some CertVerifyRevocation events that have the location TvoCache and some that have the location UrlCache for the validation of the same certificate:
Rufus Buschart
  • 111
  • 1
0
votes
1 answer

server host key usage problem

I have my server host key(private key) in Openssl format that i want to use for server authentication. I prefer to use the trust model that client local database should associates each host name with the corresponding public host key. Since openssl…
Prasad Roy
0
votes
1 answer

Digital Signature is not valid

I recently received a digital signed email from a friend and the certificate is issued by COMODO RSA Client Authentication and Secure Email. My problem is the thunderbird detect it as a "Not Valid Signature" I double checked the CA Authorities on…
shiroyashaa
  • 1
0
votes
1 answer

Two salts, One password

If I have two different MD5 password hashes with two different salts (the salts are known), is there any way to cryptographically deduce if the two passwords match? Other than brute force password cracking, that is.
Jonas Bjork
  • 386
  • 1
  • 4
0
votes
2 answers

Group Policy Preferences item-level targeting propagation

I'm using GPPs to deliver some registry values and grabbed these using the Registry Wizard tool. This has created a collection with folder structure underneath. I want to use Item-level targeting to apply these so assigned this at the top collection…
jshizzle
  • 351
  • 11
  • 29
0
votes
0 answers

How to configure a Tomcat 7 TLS connector for maximum security

I'm trying to configure a Tomcat 7 TLS connector for best possible security. To test, I'm allowing the Qualsys test to run against my server. However I keep failing on the following points: This server is vulnerable to the POODLE attack. If…
Aditya K
  • 923
  • 3
  • 13
  • 24
0
votes
1 answer

After Updating to SHA2, private and public doesn't match

I've upgraded to SHA2 certificate, but after upgrading the new certificate key doesn't match my old private key. Public key has changed after updating and it doesn't match to previous private key. Is it usual that after upgrading to SHA2, the…
Sumit Murari
  • 255
  • 1
  • 2
  • 8
1 2
3
4 5