Is “double hashing” a password less secure than just hashing it once?
Is hashing a password twice before storage any more or less secure than just hashing it once? What I’m talking about is doing … Read more
cryptography
How are software license keys generated?
License keys are the defacto-standard as an anti-piracy measure. To be honest, this strikes me as (in)Security Through Obscurity, although I really have … Read more
Java 256-bit AES Password-Based Encryption
I need to implement 256 bit AES encryption, but all the examples I have found online use a “KeyGenerator” to generate a 256 … Read more
Fundamental difference between Hashing and Encryption algorithms
I see a lot of confusion between hashes and encryption algorithms and I would like to hear some more expert advice about: When … Read more
How do you use bcrypt for hashing passwords in PHP?
Every now and then I hear the advice “Use bcrypt for storing passwords in PHP, bcrypt rules”. But what is bcrypt? PHP doesn’t … Read more
How to decrypt a SHA-256 encrypted string?
SHA-256 is a cryptographic (one-way) hash function, so there is no direct way to decode it. The entire purpose of a cryptographic hash … Read more
Given final block not properly padded
If you try to decrypt PKCS5-padded data with the wrong key, and then unpad it (which is done by the Cipher class automatically), … Read more
How can I list the available Cipher algorithms?
Once I have a list of providers, as described in JB Nizet’s post, I still don’t have a list of algorithms. I found … Read more
Encrypt Password in Configuration Files?
A simple way of doing this is to use Password Based Encryption in Java. This allows you to encrypt and decrypt a text … Read more
What kind of Java type is “[B”?
That my friend is an array of bytes. In JNI, [B is used to describe an array ([) of bytes (B). An array … Read more