Collaborate Disseminate
I vaguely remember some story about some cipher (I think it was 3DES) having some "issue" where if the key happened to be especially bad (like 0x00000…) then the resulting encryption becomes trivially attacked. The pathological… Continue reading The hidden perils of trying to handle bad rare outcomes
I’m new to DUKPT, so I’m not entirely clear about DUKPT and HSM. Right now, I’m trying to decrypt data (PAN number) from terminal.
So far, when I receive KSN and encrypted data, I understand that I need to find encryption key. From my HSM … Continue reading How to get Future Keys (Session Key) from IPEK for decryption data?
Mastercard, visa, and several other institution uses 3DES to encrypt and decrypt credit card data. The sweet32 attack placed 3DES on the spotlight, but how fragile is 3DES for very small amount of info, like 16 digit string (the card numbe… Continue reading How fragile is 3DES now a days?
I know there are some answers for similar question, but those seems for AES encryption only, and I got different result when I use python for key derivation.
Now I have passphrase and the salt (from encrypted file by OpenSSL previously usi… Continue reading How to recover key and iv for files encrypted by OpenSSL using 3DES encryption? [migrated]
If I use a database encryption package for oracle like dbms_crypto, would this be vulnerable to any attacks? I know that it uses algorithms like 3DES, AES, etc. These are all thigns that you can use while using this package, and there are … Continue reading Are encrypted databases secure against all attacks?
Introduction of the cryptosystem
Let’s say we have a system with a central server SRV that is considered secure (communication with this server is secured too with TLS).
Then let’s say we have many clients CLIENT which are … Continue reading How secure is this scheme?
Can users actually use the 3DES cipher to connect to a Tomcat web server, if the 3DES cipher has been disabled via registry keys in Windows:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphe… Continue reading 3DES supported in application although disabled in Windows
I have reinstalled Windows recently and as a result lost all of my login data for Google Chrome with sites’ passwords. A little research told me that I have to be under the exact same windows profile to decrypt the file via G… Continue reading Restore passwords from Google Chrome login file [migrated]
I need to generate the most secure private key.
Usually I use a command:
openssl genrsa -des3 -out mykey.key 2048
Is triple DES secure enough?
Is 2048 large enough?
Are there any other ways to make the private key str… Continue reading How to generate the most secure private key?
I have the cipher text here : 28 88 d9 2d 8d 2a ee e6 22 34 ff 7b f8 83 a9 ac which is encrypted using either AES, DES or 3DES encryption.
The keys are either of this
Hacker
Malicious
Mr.Robot
Exploitable