Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [encryption]

Encryption is transforming information through a cipher to protect it from unauthorized access.

Encryption is the process of taking some information (the plain text), and transforming it (usually with a cypher and a key) so that it is secure. Assuming a sufficiently strong cypher and key have been chosen, this cyphertext can be shared widely, without the information being compromised.

The reverse of Encryption is Decryption, where the process is reversed (normally by someone holding the key and cypher details) to return the information.

See the Wikipedia Page for more details.

775 questions
1
vote
1 answer

How to securely control access to a backend key server?

I need to securely encrypt data in my database so that if the database is dumped, hackers are unable to decrypt the data. I'm planning on creating a simple key server on a different machine, and allowing the DB server access to it (restricted by IP…
andy
  • 159
  • 1
  • 10
1
vote
3 answers

Exchange: encrypted mail database?

For an Microsoft Exchange server, is it possible to encrypt the email database such that the sysadmin cannot see the emails? In other words, the admin would be responsible for all aspects of running the Windows server and Exchange process, but would…
Matt
  • 1,047
  • 2
  • 14
  • 20
1
vote
1 answer

How to verify that a physical volume is encrypted? (Ubuntu 10.04 w/ LUKS)

I am very new to LUKS. During installation, I tried to set up an encrypted physical volume so that everything underneath it would be encrypted. I chose "Use as: physical volume for encryption," the installation completed and I have a working…
Bob B.
  • 37
  • 3
  • 7
1
vote
1 answer

When using Transparent Data Encryption for SQL Server 2012, can you use different encryption keys for each database?

I am new to using TDE for SQL Server and one of the requirements that a client has is that their database be encrypted using a different key that is unique to only their database. I was wondering if that is possible and how that is accomplished.
CheckRaise
  • 113
  • 1
  • 5
1
vote
2 answers

Store password AES encrypted in MySQL after creating a bcrypt hash

I am building an application and storing user passwords in a table in MySQL. I am already using bcrypt but wondering, does it make any senses to AES_ENCRYT() the hashed password before storing into the database? Example: $bcrypt = new…
Justin
  • 5,328
  • 19
  • 64
  • 84
1
vote
4 answers

Shared encrypted filesystem for ec2 instances

Me and my company intend to start using ec2 for distributing some cpu-intensive pieces code, involving a few 10s of gb of data, however I have some concern about the protection of the intellectual property which the code holds (and to a much lesser…
itai
  • 111
  • 2
1
vote
1 answer

Encrypting iSCSI Volume attached to Windows Server using Truecrypt

I'm using a QNAP-439 Pro II SAN. Full disk encryption is currently enabled. But since you take a 80% performance hit by enabling encryption I'm thinking about disabling encryption on the SAN and offloading it to Windows Server 2008 R2 Machine that…
Oliver Weichhold
  • 127
  • 6
1
vote
2 answers

RC4_128 to avoid BEAST?

I'm using a Verisign Extended SSL cert which is piped downstream by nginx running the default cipher suite config. This results in a 256 bit encrypted connection. However, since it's a CBC method, should I be concerned about a BEAST attack? The…
Lee Benson
  • 143
  • 7
1
vote
1 answer

Decommissioning PKI - How do I set a CRL Next update to null?

I am planning on deploying two Windows 2008R2 PKIs: One for legacy devices that don't support SHA-2 / ECP and another one that does support it. When the time comes to decommission the SHA1 environment I want to have the CRL next update be the last…
makerofthings7
  • 8,911
  • 34
  • 121
  • 197
1
vote
1 answer

Reliable PGP / GnuPG decryption for Mac OSX Mail

I'm developing a web app which emails encrypted data (from a web form) to a client who uses Macs/OSX exclusively in their office. I'd like to know: Is there are any reliable solutions for PGP / GnuPG decryption on Mac OSX mail? I've come across…
Prembo
  • 927
  • 1
  • 6
  • 11
1
vote
1 answer

Does double encryption occur when Outlook Anywhere automatically encrypts MAPI data?

Does this checkbox mean that MAPI-based RPC data will be encrypted and then encapsulated over HTTPS, resulting in double encryption? I'm asking this question based on this understanding of terms.
makerofthings7
  • 8,911
  • 34
  • 121
  • 197
1
vote
2 answers

Hardware-based FDE question/concern

My question is basically this: What are people's experiences with hardware-based full disk encryption, esp from a security-auditing standpoint? More info: I'm specifically looking at the Seagate Momentus FDE drive with Wave's Embassy Suite (If you…
Garrett
  • 211
  • 1
  • 5
1
vote
4 answers

Encrypting a column in SQL Server 2000 database

I've been tasked with encrypting several years worth of sensitive data (don't ask) stored in a SQL Server 2000 Database. I need to encrypt both historical data and come up with a process to encrypt and decrypt new data as it flows through the…
TGnat
  • 121
  • 1
  • 4
1
vote
2 answers

Encrypting traffic on remote end of SSH tunnel

Using an example of someone connecting to a VPS, an SSH tunnel will encrypt any traffic coming from the user to the VPS. Once it reaches the VPS network, the traffic is not encrypted and is easily sniffable by network administrators on that…
Aaron
  • 722
  • 2
  • 10
  • 19
1
vote
2 answers

Can't decrypt imaps traffic in Wireshark

I have currently problems to decrypt IMAPS Traffic in Wireshark. I set up the SSL Key with the correct IP Address, Port 993 and Protocol imap. The Key is the correct one. That is what I see in the SSL log: dissect_ssl enter frame #136 (already…
reox
  • 165
  • 2
  • 10
1 2 3
51 52