Skip to content

Monthly Archives: March 2008

Reversing WebSphere {xor} password protection

Friday, March 21, 2008

IBM WebSphere stores its passwords in files. Everybody does that and it is hard to do otherwise. When I am confronted with the problem, I usually say that the only option you have is what file you want a password in. IBM (in WebSphere) went a little further by applying a hardcoded XOR. Each caracter [...]

Filed in Security | | Comments (1)

Asymmetric cryptography mnemonic trick

Tuesday, March 18, 2008

When ever I teach cryptography to beginners, they are confused with what you can do with the private and public key, in an asymmetric cryptographic scheme. I start by saying the your private key never leaves you, no matter what. No exception to the rules. To help with the rest, I made this chart. Operation [...]

Filed in Cryptography | | Comments (0)