LES! Posted November 22, 2007 Share Posted November 22, 2007 WMP11Slipstreamer V0.95 has performed flawlessly on previous uses. Last use approximately a week ago. this indicates that possibly a system change is the root of this problem. I have followed Belarc (CIS) security to increase system security. These changes are not causing any other known problems. This is the reported error can any one offer a possible solution. I would prefer to leave the system at the current security level if possible. Using Windows XP pro SP2. Any assistance with this is appreciated. Thank you. LESWMP11Slipstreamer v0.95System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms. at System.Security.Cryptography.SHA256Managed..ctor() --- End of inner exception stack trace --- at System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) at System.RuntimeMethodHandle.InvokeConstructor(Object[] args, SignatureStruct signature, RuntimeTypeHandle declaringType) at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) at System.Security.Cryptography.CryptoConfig.CreateFromName(String name, Object[] args) at System.Security.Cryptography.PasswordDeriveBytes.set_HashName(String value) at Epsilon.Security.Cryptography.CryptoHelp.CreateRijndael(String password, Byte[] salt) at Epsilon.Security.Cryptography.CryptoHelp.DecryptStream(Stream fin, Stream fout, String password) at WMP11Slipstreamer.CM.DecryptToString(Byte[] Bytes, String Password, Encoding encoder) at WMP11Slipstreamer.Backend.PrepareDependencies() at WMP11Slipstreamer.MainGUI.workerMethod(Object addonSettings)Deleting "C:\1nlite\XP_CD\i386\wmp11temp"... Done!The source being modified has not been damaged.All changes have been successfully reverted Link to comment Share on other sites More sharing options...
Kelsenellenelvian Posted November 23, 2007 Share Posted November 23, 2007 Moved to the proper section! Link to comment Share on other sites More sharing options...
n7Epsilon Posted November 23, 2007 Share Posted November 23, 2007 (edited) You enabled the "Use only FIPS-compliant cryptographic algorithms" windows local security policy using Belarc Advisor. This does not change how Windows encrypts, hashes or signs anything but it just prohibits programs from using non-FIPS approved algorithms. You shouldn't need this settings unless you work for a top secret organisation where just running a non-FIPS approved application is a crime IMO... In addition, this breaks almost all older applications (that enforce windows security policies).FIPS on Wikipedia.What the setting you changed means.WMP11Slipstreamer makes use of the MD5 hash algorithm in its implementation and while I perform extra measures (hash salt) to prevent it from being reverse engineered, MD5 was demoted from the FIPS specification because it can now be broken with Rainbow Table technology (however, that only works if it is unsalted and the source password is short and easily predictable).Rainbow Tables depend upon creating the hash for *every* single possible password and trying to do a reverse lookup from the generated database, so salting the hash (ie: Adding random info to the data being hashed) will make each result completely different and thus be immune to this attack.However Windows does not understand this, and in accordance with your security policy, blocks WMP11Slipstreamer from creating an instance of the MD5 algorithm...How to undo this change:1. Start > Control Panel > Administrative Tools > Local Security Policies2. On the left panel, expand Local Policies > Security Options3. Scroll down to "System Cryptography: Use FIPS compliant algorithms for encryption, hashing and signing.". Double click on it and change it to "Disabled"4. You may need to reboot your PC for the change to take effect (because Windows only reads the security policies once when it boots (by csrss.exe and lsass.exe)) Edited November 23, 2007 by n7Epsilon Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now