Collaborate Disseminate
This is just a thought experiment. I am trying to get an understanding on when we need password hashing functions and when they don’t bring any benefits (eg. to save on calculation cost).
I know that password-hashing-functions are to be us… Continue reading What is the best way to store the verifyer for posession of a high entropy secret?
The password of the user shall be used for client side encryption. A PBKDF and salt shall be used to derive a key from the user password.
Do I need to store this salt on the server and deliver it to each new client/device the user authenti… Continue reading When using a user password for client side encryption, do I have to store the salt for the user encryption key on the server?
I am slowly accepting that OAuth2 is quite amazing, but I’m still worried about the fact that an IdP could theoretically impersonate me as discussed in Can an identity provider impersonate me? (Can Facebook post Stack Overflow questions un… Continue reading Would having two identity providers prevent the theoretical possibility of impersonation by an IdP?
When using Shamir’s secret sharing algorithm one has to define the size for the finite field over which the secret is split. I came across a few implementations, like secrets.js-lit, and as far as I can see the implementation chunks the se… Continue reading Shamir secret sharing, is security reduced by chunking a secret into smaller blocks?
As far as I understand it, when using Shamir’s secret sharing algorithm, you have to specify a finite field for your operations that is big enough to hold your data.
I tried to look for secret sharing algorithms, but I only get results for… Continue reading Is there an algorithm like shamir secret sharing that allows arbitrary length inputs?
I am aware that it is possible to use a block cipher with the GCM-mode to provide authenticity, but this does not completely do what I need.
I have a cloud storage provider I do not completely trust, in particular when it comes to rolling … Continue reading E2E-Encrypted Storage: How to detect that data has been rolled back?
When using AES-GCM-256 with random nonces, a limit of 2^32 encryptions is specified in order to have a low nonce collision probability. A new key has to be generated to take its place afterwards, I am at this point.
I used my old key to en… Continue reading E2E-Encrypted storage: What to do when the lifetime of a key is over?
U2F devices store an internal counter to resolve a challenge and the counter value is sent back to the server (source).
I think the counters on the server and on the client must go out of sync from time to time, the internet connection jus… Continue reading How do u2f devices manage to not go out of sync?
Are the authentication strength of the different authentication factor categories (knowledge-factors, posession-factors and inherence-factors) ranked in any way, like "inheritance-factors are stronger than posession-factors"?
I w… Continue reading Are the authentication factors considered to be of the same strength?
I know that u2f keys are designed as authentication factors, but I think it would not be far fetched to also add a protocol that the user can use to encrypt or decrypt data on the client-side. This would relieve the user from remembering a… Continue reading Is there hardware (like u2f-keys) for passwordless client-side encryption & decryption