
 The Difference Between SHA1, SHA2 and SHA256 Hash . . .
An indepth look at hashing algorithms, how they relate to SSL Certificates and what it means when we discuss SHA1, SHA2 and SHA256
 OpenSSL CommandLine HOWTO  madboa. com
OpenSSL CommandLine HOWTO The openssl application that ships with the OpenSSL libraries can perform a wide range of crypto operations This HOWTO provides some cookbookstyle recipes for using it
 XMLSignature Syntax and Processing
1 0 Introduction This document specifies XML syntax and processing rules for creating and representing digital signatures XML Signatures can be applied to any digital content (data object), including XML An XML Signature may be applied to the content of one or more resources
 PHP: openssl_verify  Manual
openssl_verify() verifies that the signature is correct for the specified data using the public key associated with pub_key_id This must be the public key corresponding to the private key used for signing
 RSA (cryptosystem)  Wikipedia
RSA (Rivest–Shamir–Adleman) is one of the first publickey cryptosystems and is widely used for secure data transmission In such a cryptosystem, the encryption key is public and it is different from the decryption key which is kept secret (private) In RSA, this asymmetry is based on the practical difficulty of the factorization of the product of two large prime numbers, the "factoring
 AES Encryption in C#  gutgames. com
With a couple of projects that I've been given recently, I needed to add some encryption Luckily I had a utility class laying around that implemented AES (otherwise known as Rijndael)
 Public Key Infrastructure (PKI) and Encryption, Simplified . . .
1 Symmetric Key Encryption Most ciphers (encryption schemes) use the same key to encrypt data, and later, to decrypt the same data This is known as symmetric key encryption, and the key itself must be kept secret, because compromising the key means that the encrypted data could be compromised
 ssl  Why are Root CAs with SHA1 signatures not a risk . . .
Take Verisign's website, for example, which has a root CA with a sha1 hash signature Am I mistaken with understanding that were one to find a collision, they could impersonate the Verisign root C


