Category Archives: Security

UDP NAT Transversal

  Here is a cool paper on Peer-to-Peer Communication Across Network Address Translators (i..e UDP NAT Transversal) — William

Posted in Security | 12 Comments

Simple string/byte[] encryption and decryption using AES in C#

Paste these methods in your Utils class or other and use them as is to encrypt and decrypt your strings or byte[]s.  The session key is derived from the password you supply.  This works on any machine with .Net 1.1+ … Continue reading

Posted in Security | 18 Comments

Secure Remote Password (SRP) Solution in C#

I just completed an SRP solution in C# and put it up on Channel9 at:   This solution used SRP and WSE to return a SecurityToken (SCT) to the client.  The cool thing about SRP is that it is … Continue reading

Posted in Security | 19 Comments

SHA1 Broken?

SHA1 Broken?  See here. Here is a nice table of hash functions and attacks. Sam makes an interesting point.  We probably don’t have to worry about this too soon.. "Dougal, put another way: an uncracked MD5 gives you … Continue reading

Posted in Security

This is how most people get around your security

How true. (from Keith)

Posted in Security | 2 Comments

Get public key from X509 Cert

Some ~simple C# code wrapping pinvoke to get the public key on an X509Cert: // Usagestring certFile = @"c:\mycert.cer";X509Certificate cert = X509Certificate.CreateFromCertFile(certFile);RSACryptoServiceProvider rsa = CertUtil.GetCertPublicKey(cert);Console.WriteLine(rsa.ToXmlString(false)); /// CertUtil helper Class.using System;using System.Security.Cryptography;using System.Runtime.InteropServices;using System.Security.Cryptography.X509Certificates; namespace WSESimpleTCPDLL{ [StructLayout(LayoutKind.Sequential)] public struct PUBKEYBLOBHEADERS  {  public byte bType;  //BLOBHEADER  public … Continue reading

Posted in Security | 40 Comments