Questions tagged [export]
The export tag has no usage guidance.
21 questions
8 votes, 2 answers, 2k views
Understanding GnuPG --export-options backup
The GnuPG documentation lists an option called --export-options parameters. One of the possible parameters for this option is backup (aliased export-backup).
The description for --export-options ...
1 vote, 1 answer, 220 views
An intranet web app for decrypting values: a bad idea, and if so, why?
We have to protect a database connection string for a .NET desktop application that has an application-level database user. One option is to encrypt a section of the app.config using asp_regiis. But ...
1 vote, 1 answer, 3k views
pfx file encryption algorithm
This seems like it should be easily documented but I am unable to find it.
My C# code does this to create a pfx file.
X509Certificate2 cert = store.Certificates.Find(X509FindType.FindByThumbprint, ...
1 vote, 2 answers, 438 views
Allow user to export data, what about security?
We developers of course try to create the most secure (web) application out there that will not be hacked. While we already know it's impossible to know for certain that your application is secure, we ...
2 votes, 1 answer, 2k views
GPG: Is 'pubring.kbx' safe to share?
This public keyring pubring.kbx (as I merely guess from the name) must be safe to share publicly or is it not? Does it contain any sensitive information with respect to private keys?
I want to back ...
1 vote, 1 answer, 3k views
Exporting non-exportable private keys in Mac
How would one extract a non-exportable private key in Mac OS X 10.12.4?
1 vote, 0 answers, 210 views
Right mechanism & workflow for repeated replication of passwords from LastPass to KeePass?
A lot of us currently use LastPass for the easy management, access and input of passwords for applications and websites.
Now, there are some people who are obsessive about not leaving it out to a ...
3 votes, 2 answers, 354 views
Is Apple’s latest encryption considered to be munitions grade?
According to U.S. Export and Import laws, any device that has a minimum level of encryption is considered as falling under munitions type laws.
Does Apple’s latest OS contain that level? And if it ...
2 votes, 1 answer, 3k views
How can an attacker downgrade/modify the cipher suites when they are MACed? (Freak, Logjam use downgrade attacks)
In the Finished handshake of TLS all previous messages exchanged are sent from the client to the server (and reverse) and protected by a MAC. This is what also "prevents" TLS_FALLBACK_SCSV from being ...
1 vote, 2 answers, 2k views
glibc getaddrinfo (CVE-2015-7547) vulnerability: should I update glibc if I do not configure DNS?
Recently Google discovered the glibc getaddrinfo (CVE-2015-7547) vulnerability:
https://googleonlinesecurity.blogspot.co.il/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
We run our application on ...
7 votes, 1 answer, 9k views
Why does Java allow AES-256 bit encryption on systems without JCE unlimited strength policies if using PBE?
It's fairly standard knowledge that due to the cryptography export controls, Oracle JRE ships with "limited" cryptographic strength enabled as listed in the JCA Documentation. For AES, the default max ...
2 votes, 0 answers, 3k views
How to unwrap exported key from safenet HSM? [closed]
I am trying to write a software that will inject keys generated inside an HSM into a POS device, in the same way as described here
I'm using the Safenet emulator (software-mode) + the wrap/unwrap ...
0 votes, 2 answers, 221 views
FREAK attack - why doesn't Finished message prevent it?
Here is my understanding of FREAK (let me know if I'm right please):
1) Client wants to use modern RSA in ClientHello
2) MITM forwards Export_RSA
3) Server says ok and sends an export RSA key, ...
7 votes, 1 answer, 15k views
SSL cipher suite: what does "export" mean?
I saw a cipher suite EXP-EDH-RSA-DES-CBC-SHA. EXP stands for export. How do I explain the "export"? What is the difference between "EXP-EDH-RSA-DES-CBC-SHA" and "EDH-RSA-DES-CBC-SHA"?
1 vote, 4 answers, 871 views
When do governments allow export of cryptography software?
I see this notice in the TextSecure README:
The U.S. Government Department of Commerce, Bureau of
Industry and Security (BIS), has classified this software
as Export Commodity Control Number (ECCN) ...
1 vote, 1 answer, 1k views
Export ciphers prevalence
I would like to clarify the consequences of not supporting export ciphers.
When I run a Qualys SSL test on ebay.com, I notice that the following cipher suites are supported.
...
5 votes, 1 answer, 1k views
NaCl: US Export Regulations
I'm in charge of product security in our US-based startup and I plan to use NaCl for encryption (well, Sodium, actually).
I'm trying to navigate the labyrinth of US export regulations - something I ...
-2 votes, 1 answer, 308 views
US Export Laws (Encryption Cloud Service) [closed]
Okay - so I have been extensively looking into US export/import laws relating to encryption software (5D992), however I have a few questions about the laws and their applicability.
So, the laws ...
2 votes, 1 answer, 137 views
Does SGC Support reduce HTTPS security?
Server Gated Cryptography is a legacy technology (implemented by obsolete laws) that allows older browsers to establish a SSL session at a higher encryption.
This article says SGC should never be ...
5 votes, 3 answers, 2k views
Why have export controls for cryptography?
I've always heard someone justify the means for export restrictions with "it's for governmental control/spying". In most reasonable countries, the justice system asks people to adhere to the "spirit ...
4 votes, 2 answers, 273 views
What international laws should one in the InfoSec industry be aware of?
What InfoSec regulations should one be aware of when dealing with 'live' cross-border communications, or the offline transport of information?