Collaborate Disseminate
I am creating a cross-platform application, in which I am encrypting all data using AES-GSM.
So my problem is that I want to store private keys locally on the user’s device (either Android, IOS, Web, etc.). But Since for login I have multi… Continue reading How to encrypt/store private key, if login is with biometrics/OTP/Sign in with Google
I am creating a cross-platform application, in which I am encrypting all data using AES-GSM.
So my problem is that I want to store private keys locally on the user’s device (either Android, IOS, Web, etc.). But Since for login I have multi… Continue reading How to encrypt/store private key, if login is with biometrics/OTP/Sign in with Google
A new AES/CBC encryption is defined as:
C_0 = E_k(p_0) ⊕ IV
C_t = E_k(p_t) ⊕ C_t-1
Imagine that an attacker knows:
E_k is AES-128 and using the PKCS#7 padding
plaintext 1: such as "ABCDEFGHIJKL1234 EFGHIJKLABCD1234 EFGHABCDIJKL1234… Continue reading What is the vulnerability of this modified AES/CBC? [migrated]
I want to reconstruct an unkown plaintext.
I know that the text is encrypted with AES GCM and i know the length of the text.
Also i know the following:
For any number of known (secret key, nonce (iv)) pairs, I know the authentication tag.
… Continue reading Reconstruction of a ciphertext with known secret key, nonce and tag
I have set up MitmProxy with a Python script to intercept network responses from one domain, used by a Desktop App. However, when I start up the App, I get the following series of transactions
{
"code": 200,
"message… Continue reading Intercepting responses using mitmproxy in Python. Problem in decryption
I want to make UEFI/UFI encrypt disk with AES on boot, is it possible?
If yes, how can it be done?
I read this https://medium.com/@betable/tifu-by-using-math-random-f1c308c4fd9d
and if the key is generated with an old browser using math.random via chrome v8, could the AES encrypted message be cracked just by trying all the combinations?… Continue reading Can aes256 be cracked with math.random
I’m working on updating the encryption method of a class at work. The encrypt and decrypt methods take the text to encrypt/decrypt and a string which used to be used as a salt (this string is hardcoded in the method calls in lots of places… Continue reading Is there any benefit to encrypting a derived key?
I have a set of text data, that are of high importance and I want to encrypt them. Be it to keep it on a cloud for redundancy, or for an extra layer of security in my local machines.
I understand AES256 is maybe the way to go.
My plan is t… Continue reading What is the best way to encrypt extremely sensitive and important data
Let’s assume we have symmetric crypto with the same IV for each operation.
From my perspective, encrypting the whole archive is better, as similar strings are compacted and the CBC will work for us even if there are same regions.
Encryptin… Continue reading What is more secure: encrypting individual files in archive or encrypting the archive itself?