AES – WindowsTechs.com

Login with roles without internet

Posted on April 24, 2024 by Nifil

Disclaimer: question orignally posted here but i was encouraged to ask it in this stack instead.
Introduction part
I’m writing an application that requires authentication to be used, specifically the database and config file can only be re… Continue reading Login with roles without internet→

Why Ransomware generate keypair in victim?

Posted on April 20, 2024 by Thanh

I read this answer Ransomware encryption keys and understood how wannacry works. But I still have a question: as I understand, the hacker will put the hacker’s RSA public key in the malware, the victim machine will randomly generate an AES… Continue reading Why Ransomware generate keypair in victim?→

How Helpful is NXP’s LRP Encryption Protocol vs AES for short keys? [migrated]

Posted on April 17, 2024 by johnnyb

NXP has a custom (I think) encryption protocol known as "Leakage-Resistant Primitive", or LRP, built on top of AES. I think the goal of this is to basically "expand" the length of the key being used. This is used on d… Continue reading How Helpful is NXP’s LRP Encryption Protocol vs AES for short keys? [migrated]→

Key Exhaustion Risks in Symmetric and Asymmetric Cryptography [migrated]

Posted on April 11, 2024 by Bhuvan

For the symetric keys it is recommend that the same key should not be used to encrypt large number(2^32) of cipher blocks to avoid the key-exhaustion risk.
Curious to know whether the asymmetric key also has such a risk? i tried to searc… Continue reading Key Exhaustion Risks in Symmetric and Asymmetric Cryptography [migrated]→

Using AES-CBC with a random number plus a counter for the IV [migrated]

Posted on March 20, 2024 by Jojodmo

I understand that AES-CBC uses the following scheme for encrypting data (diagram from Wikipedia):

And, I understand that we don’t want initialization vectors to be predictable or constant, and also that you don’t want it to just be a plai… Continue reading Using AES-CBC with a random number plus a counter for the IV [migrated]→

Password-based encryption: keeping the user logged in without entering password again

Posted on March 12, 2024 by v_slav.b

Context
I have a system where some of user’s data is encrypted via AES. Each user has their own key K. When the user creates an account, the K is generated and encrypted with a key derived from password via PBKDF2 (let’s call this key P). … Continue reading Password-based encryption: keeping the user logged in without entering password again→

What best to put in unused nonce bytes when using AES-GCM-SIV [migrated]

Posted on February 9, 2024 by Karsten

I want to use AES-GCM-SIV for authenticated encryption of messages in my protocol.
Since it is a wireless protocol I want to transmit as little bytes as possible. For successful decryption I need to transmit the nonce alongside the ciphert… Continue reading What best to put in unused nonce bytes when using AES-GCM-SIV [migrated]→

Real Time Decryption of TLS 1.3 packets Asked today Modified today [closed]

Posted on January 31, 2024 by imawful

I am attempting to perform real time decryption of TLS 1.3 packets (TLS_AES_256_GCM_SHA384). I have retrieved the mastersecrets for the specific flow by using uprobes on OpenSSL, and matched the mastersecrets to the flow using ClientRandom… Continue reading Real Time Decryption of TLS 1.3 packets Asked today Modified today [closed]→

Assembly routine for AES CBC encrypt

Posted on January 26, 2024 by shawnixer

I’m assuming that OpenSSL is just using these functions here. page 66 is CBC
https://www.intel.com/content/dam/develop/external/us/en/documents/aes-wp-2012-09-22-v01-165683.pdf
Can I just generate a key/iv randomly and pass data off with t… Continue reading Assembly routine for AES CBC encrypt→

Assembly routine for AES CBC encrypt

Posted on January 26, 2024 by shawnixer