Collaborate Disseminate
For regular traffic in mesh network (between Internet of Thing devices) customer decided to use one of two options:
DTLS PSK ciphersuite – DTLS based on pre-shared symmetric key
or direct use of AES – customer wants to minimize traffic be… Continue reading DTLS vs direct use of AES. What are the threats unique for direct use of AES instead of DTLS?
I’m trying to wrap AES keys with an AES key using PKCS#11. Keys to be wrapped have the attribute CKA_WRAP_WITH_TRUSTED but the wrapping AES key(KEK) have the CKA_TRUSTED = false and still the wrapping works. Shouldn’t this be impossible. A… Continue reading Wrap keys with an AES key
Does MEGA store my password or decryption key? How do they check if the login information I enter is correct while only my email address is sent to the server?
I read this article: How can mega store my login details and still be secure?
… Continue reading Does MEGA store my password or decryption key? How do they check the login information I entered is correct or not?
I have a program written in Java which takes JSON string as argument, encrypts it using AES then encodes it using Base64.
JSON string is like:
{“a”: “b”} or {“a”: “n”} or {“a”: “k”}
I.e related object would have one property a. Value… Continue reading AES encryption (in Java) of different JSON strings always produce same encrypted string as result. Why? [closed]
I noticed after encrypting some files with 7zip that they contained the information about the encryption algorithm used AES 256, i want to know if there is a better software that doesn’t leave traces about the nature of encryption because … Continue reading Encrypt files without leaving a hint of the encryption algorithm used [closed]
I want to do something really basic but I need to be sure that the process is safe :
Problem
Alice and Bob have to agree on a secret 6 digits PIN. They each have a pre-shared aes symetric key k and a AES-128 block cipher. The PIN will th… Continue reading Is AES ECB mode safe for one block Encryption then MAC with same key?
I am newbie in AES, so I started to read about its pros and cons. WHEN I read that using same IV is discouraged, I wondered WHY? While searching about it I found that it can be Easily found out by a seasoned analyst. There are 2 questions … Continue reading How to find IV when key, plaintext and encrypted text is given?
I am asking specifically about AES CBC mode.
Is it safe to assume that an encryption key of length X with N characters known by an attacker is just as secure as a key of length X − N?
For example, is the following key:
[][][][][]abc (8 … Continue reading Does knowing part of the key make encryption weaker?
I don’t know if my concept would be secure so I ask here. The main purpose is to log in with password x and also use that password to encrypt an RSA private key with AES to store that in the main database, so when I log in with another acc… Continue reading Save private key in a database to share between multiple accounts
The NSA just published a survey of video conferencing apps. So did Mozilla. Zoom is on the good list, with some caveats. The company has done a lot of work addressing previous security concerns. It still has a bit to go on end-to-end encryption. Matthew Green looked at this. Zoom does offer end-to-end encryption if 1) everyone is using a… Continue reading Securing Internet Videoconferencing Apps: Zoom and Others