
Questions tagged [cryptography]

Cryptography is the practice and study of logical means used to achieve information confidentiality, integrity and authenticity. It covers, among other things, encryption (making some data unreadable except for those who know a given secret element, called a key), data hashing (in particular for password storage) and digital signatures (provable integrity and authenticity with non-repudiation).

1 vote
1 answer
48 views

How can I "update" a pgp public key on a keyserver with a new signature for one of the user id

I have created a pgp keypair and uploaded the public key to keys.openpgp.org. It included my email address. A government service has now verified my citizen ID and signed my pgp public key user id (...
Adler
0 votes
0 answers
124 views

HSM for Secure Encrypted Data Storage

I'm trying to make a device that will encrypt and store data. It should require a master password at startup, but then shouldn't need anything else to decrypt the data throughout the lifetime of the ...
Ezlanding
0 votes
0 answers
31 views

Create a certificate for a PGP key pair [duplicate]

I have to generate a PGP keypair and share the public key with an external provider. Based on how we already handle it with RSA keypairs, we are using the concept of a trusted CA which issues certificate ...
n2ad
2 votes
1 answer
315 views

Can a TLS MITM decrypt Apple Airdrop files?

I know that TLS MitM can get HTTP/S traffic decrypted when using certificates. I'm wondering if it has the ability to decrypt the Apple Airdrop protocol as well as it doesn't go through a server and ...
Buzzer1965
2 votes
0 answers
54 views

What is best practice cryptography when it comes to this scenario?

Let's say we have an application WebApp where users input confidential data to be sent to Acme Inc's secure enclave (AWS Nitro in this case) for processing, and the results of this processing are sent ...
bgigurtsis
2 votes
0 answers
30 views

rationale for the FIPS 140-3 Pre-operational Integrity Technique Self-test

The FIPS 140-3 10.2.A Pre-operational Integrity Technique Self-test introduces a new requirement. Prior to that, in FIPS 140-2, a Power On Self Test was done in order to be able to use a given part of a ...
Vlad
1 vote
0 answers
93 views

Doubts About Whether 128-bit Entropy is Secure Enough [duplicate]

I've read a lot of materials (including other related questions on this site) and seen many people lay out the mathematical formulas. I have a decent background in math, so I understand how long it ...
cifer
2 votes
0 answers
76 views

Use Cases for Fully Homomorphic Encryption Within an Organization

I would like to know if and what are the practical use-cases for Fully Homomorphic Encryption within an organization? I understand that FHE allows you to delegate processing of data without giving ...
Quaxton Hale
4 votes
1 answer
294 views

How can I use PBKDF2 to derive an encryption key from a password and then access that key later without the password (i.e. with a cookie)?

I'm developing a notetaking app that will store users' note and file data encrypted in a db and on backblaze (respectively). The app will not be end-to-end encrypted but data will be encrypted in ...
perite
0 votes
0 answers
82 views

BLE Challenge-Response Authentication Using Pre-Shared Key and SHA-256

I’m working on a Bluetooth Low Energy lock system and have implemented a challenge-response authentication flow for secure communication between the lock (an ESP32 device) and the user's phone. I'm ...
Sakura M.
11 votes
3 answers
3k views

Determining Entropy in PHP

I am using the following code in my code to send a password reset token to a user. $token = md5($user_id . time()); Why is this considered a bad approach, cited as having weak entropy? The ...
Johnny
0 votes
1 answer
95 views

Decrypting base2i encryption? [closed]

We all know base64, which can be easily decoded, but there's also base2i encryption. Yes, the base is a complex number. I can only find very limited resources online about this. I'm wondering how can ...
No Name
1 vote
2 answers
89 views

How does the key distribution center (KDC) distribute the session key in symmetric encryption?

When A communicates with B using third party KDC: A issues a request to the KDC for a session key; the message includes the identity of A and B and a nonce, N1. KDC responds with a message encrypted ...
ralhanani
3 votes
0 answers
76 views

Security concerns when adding virtual keys to an existing system relying on physical DESfire keys

Imagine a room shared by many people that can obtain a key to the room, once they meet a certain set of requirements. The room has an electronically controlled door lock, which can be locked and ...
Daniel
-1 votes
1 answer
126 views

Can ML-KEM be used for other purpose than exchanging AES GCM keys?

After checking the implementation of ML-KEM, I believe the main purpose is to replace Diffie-Hellman RSA key exchange with some more secure method. If AES-GCM is chosen as the secret key to exchange, how ...
user25753955
2 votes
2 answers
141 views

How do I capture HTTPS requests with Python if I have full access to the user's computer

Before any of you answer, "HTTPS is built on top of TLS and everything is encrypted" I need to specify a very important note: I have FULL access to the client's machine (Windows) My ...
Advik
2 votes
1 answer
318 views

How does JWE secure the Content Encryption Key

I apologise in advance if this is a dumb question. But this seems like one of those straightforward things that are so straightforward that it's not even mentioned and I am not getting it. Perhaps I ...
theMyth
3 votes
2 answers
461 views

In practice, what are the identities in the Needham–Schroeder protocol?

In the Needham–Schroeder public-key protocol we have the identities A and B of Alice and Bob, respectively. The initial version of the protocol was vulnerable to a MitM attack where the fix consists ...
Daniel C
1 vote
1 answer
93 views

In TLS1.3 server hello, can the legacy version field be set to 0x0304?

As part of the TLS1.3 handshake, the client hello is sent containing the TLS1.3 version support as part of the supported_versions extension; consider if, as part of the server hello, the supported_versions extension is not ...
hjhjh
1 vote
0 answers
37 views

Can linear congruential generator be used in public-key cryptography? [closed]

The question is not about generating pseudo-random numbers with linear congruential generator. A linear congruential generator (LCG) is defined by the recurrence relation: [ X_{n+1} = (a X_n + c) \mod ...
Ivan Stepanov
5 votes
2 answers
2k views

What exactly is the Randstorm vulnerability?

I've read the article from Unciphered about it, multiple times, and still fail to understand it. It basically says that wallets generated by the BitcoinJS front-end library from 2011 to 2015 are ...
Maltoon Yezi
1 vote
1 answer
491 views

What should be the response to KeyUpdate if the initial KeyUpdateRequest is set to update_not_requested rather than update_requested?

"The KeyUpdate handshake message is used to indicate that the sender is updating its sending cryptographic keys." "If the request_update field is set to "update_requested", ...
hjhjh
2 votes
2 answers
115 views

Security Risks of Deriving Crypto Wallet Seed Phrases Using Deterministically Derived Salt

I'm working on a project where I want to generate a set of crypto wallet seed phrases from an existing seed phrase. The reason for this is so that using just the original seed phrase the wallet holder ...
jgy
1 vote
0 answers
46 views

Security considerations in choosing DTLS connection IDs

Are there any security concerns with choosing highly structured or short connection IDs for use in DTLS? For example: 32-bit connection IDs handed out sequentially: There is obviously statistical data ...
Perseids
2 votes
1 answer
63 views

Why is the "intermediate" challenge needed in Bluetooth ECDH since the "real" verification is performed at the end with code comparison?

Why is step 4 needed? What does it protect in terms of security? Doesn't the protection arrive from the last step, when Va and Vb (so-called TK, Temporary Keys) are compared? Another thing: I read ...
allexj
4 votes
2 answers
744 views

Omit IV for AES128-CBC when requiring to always get the same ciphertext encrypting random IDs

Imagine having images stored in a system with their 256 bit hash (BLAKE2b) as their unique ID. We want to produce a URL for each image, something like: https://host/images/cleartext-image-ID In order ...
mgd
0 votes
1 answer
85 views

relation passphrase and password-based key derivation

I am not totally sure how the following concepts are related, could someone please explain? password-based key derivation passphrase that can be passed to crypto.generateKeyPairSync (in Node.js) ...
yolooow
1 vote
1 answer
103 views

Login with roles without internet

Disclaimer: question originally posted here but I was encouraged to ask it in this stack instead. Introduction part I'm writing an application that requires authentication to be used, specifically the ...
Nifil
0 votes
0 answers
26 views

Making a safe certificates system for an actions API [duplicate]

I have been working on a certificate system for use (as a means of authentication) with my accounts system APIs. I am still thinking out the details, I have only watched a few videos on asymmetric ...
0xENDER
0 votes
0 answers
79 views

EEPROM with HDD calibration data

I understand that in a Hard Disk Drive (HDD) there is EEPROM which stores calibration data. This is not directly accessible by any ring-3 (usermode) or ring-0 (kernel mode) programs. I was curious as ...
user5623335
0 votes
1 answer
71 views

Question about storing salt values and hashed passwords in the database [duplicate]

So I was reading through an article about how passwords are salted and hashed through a cryptographic function here, and found out that hashed passwords, along with the plaintext salt values are ...
mantot123
0 votes
0 answers
82 views

How to securely store signature file

I am using TPM to encrypt and sign my data. But since I am not a security expert, I need to come to you guys :D I am developing this app to verify file content. I already have this part sorted out ...
Croksie
0 votes
0 answers
23 views

Cryptography system: same fingerprint => same private key [duplicate]

Would it be possible to design and attach a system to a smartphone whereby a public-key cryptography system attaches a unique private key to a fingerprint without storing anything (the same ...
Joselin Jocklingson
1 vote
1 answer
180 views

Algorithms when using client side hashing plus server side hashing

So if I got this right from my intense research, the following procedure would be preferable: Use the PBKDF2 key derivation function to derive a secret key from the user's password on the client side. ...
shaniag
2 votes
1 answer
204 views

Securely storing derived key in web app and handling user identity

I am currently working on an open source project to securely store notes, payment card numbers, etc. I would like to implement a zero knowledge encryption method so that no one but the user can ...
mson
3 votes
1 answer
3k views

How does the SSL/TLS protocol determine if a certificate is expired or not?

I already tried googling but no luck. All search results always tell you how to check cert expiration manually, but that is not my question. Yes I can use OpenSSL for example, but what I am asking is ...
Noob_Guy
0 votes
1 answer
182 views

Revoking a digital signature at the cryptographic level

How do I indicate that a specific document or transaction associated with a particular signature should no longer be considered valid? I'm talking of recalling a signed document, not revoking the ...
microwth
1 vote
0 answers
95 views

Is it possible to securely use a remote service in a completely hostile network environment

A worldbuilding technical question! I am an extremely evil power-mongering country government. There is a company S under my jurisdiction, physically located completely inside the borders. This ...
hijarian
2 votes
1 answer
122 views

cryptography - BitBox02 firmware signed & public key attached to firmware image for verification

Bootloader of the BitBox02 crypto wallet verifies the main application with the public keys that are attached to the firmware update itself. Next to that, there are signatures of the public keys, ...
unalignedmemoryaccess
1 vote
1 answer
463 views

How to get a 12 bytes authentication tag in AES-GCM

I want to generate a 12-byte authentication tag in AES-GCM. My code only gives me an output tag of 16 bytes. I have tried to use the min_tag_length but it raises an error. Can I get your guidance? Thanks in ...
Zeus8497st
1 vote
2 answers
395 views

Encrypting/wrapping a private RSA key in PKCS8 using AES-GCM and openSSL 3.20 (library not command line tool)

I need to protect a private RSA key using a passphrase but using AES-GCM for the actual encryption. This is normally done using a combination of openSSL library calls. However, I now need to ...
Claude
0 votes
1 answer
128 views

Does self-signed encryption certificate violate "no multi-use keys" principle?

Say that I have generated an RSA keypair, which I intend to publish only for use with RSA-KEM; I can see that this is provisioned for: The intended application for the key MAY be indicated in the key ...
JamesTheAwesomeDude
0 votes
0 answers
121 views

RSA vs Shor's Algorithm/Fast Factoring — Server Credentials & MITM

I've watched a lot of videos on Shor's Algorithm and Quantum Computers. Most of these videos say these two things undermine RSA via fast-factoring, but they never really explain how fast-factoring is ...
Sam Z
1 vote
4 answers
196 views

Over-Optimizing Security? Storing Encrypted Data on a Server While Private Key Remains With User

Assume that I have a server storing sensitive user information (think medical records). I want this data to be encrypted on my server at almost all times. Only when a doctor needs to access the data ...
Moritz_st
0 votes
1 answer
438 views

Why does "openssl pkeyutl -verify" need both the public and private keys? Why isn't the public key enough?

I created a signature with: openssl pkeyutl -sign -inkey rsa.key.bob -in plain -out plain.sig.bob and to verify, Alice just needs to use Bob's public key to check the authenticity of the message. So ...
Allexj
1 vote
1 answer
199 views

How to break poorly implemented One-Time-Pad

I have a cipher text, that was created using One-Time-Pad, but the idea is that it was encrypted badly. The message, a section of a book, was encrypted using a pad 256B long repeated many times over (...
Magpie
2 votes
1 answer
145 views

DHE key exchange with p value 257 bytes but a pubkey of 256 bytes

I came across a packet capture in Wireshark where p length = 257 bytes and pubkey length = 256 bytes. See the ServerKeyExchange snip below: Diffie-Hellman Server Params p Length: 257 p: ...
ayivaak
0 votes
0 answers
27 views

Any idea how this 36-character-long string was generated? [duplicate]

I have a personal id "U1KFhYtMqZhCYya6sy31PVLM8DlM5HLCkwy3". I have checked some hash functions but cannot make sure how this was generated. Is this just a random string generated with [a-zA-z0-9]?...
Slybot
3 votes
2 answers
1k views

LUKS: How many iterations are enough?

The luksFormat command accepts iteration time as a parameter, not iterations. That obviously leads to quite a different number of iterations depending on the hardware doing the encryption. However if ...
graywolf
0 votes
1 answer
325 views

Why are there so many different encryption algorithms?

Taking a quick look at Wikipedia, there happens to be a vast number of different encryption/cryptographic algorithms. Yet, many of the listings show that these encryption methods are not in use today ...
Bill Joe