Collaborate Disseminate
I am a newcomer to GPG, and wanted to compare different ways of exporting keys, so I wrote the following shell script:
#!/bin/bash
for key in "FE…" "17.." "BB.."; do # key_ids are trimmed here
echo &quo… Continue reading Explaining output of GPG –export/–export-private-key key_id vs key_id!
Today it was time again to generate some new PGP key pairs that will be used for end-to-end-encrypted email. Now I’d like to know how exactly OpenPGP protects the private keys.
What I have understood so far is that the actual private PGP k… Continue reading How exactly does OpenGPG protect private keys?
So for this project I’m looking into encrypting a binary.
My binary should be protected by some means, making sure we know on the other end it was us who packaged/encrypted it.
For this simple task you could use something like a password p… Continue reading File encryption using asynchronous keys, having a public key in the field
The commonly used Time based One Time Password (TOTP) system requires the initial sharing of a key. This presents a security risk, as acknowledged by Wikipedia referencing the RSA compromise:
An attacker with access to this shared secre… Continue reading Is there an asymmetric TOTP algorithm that avoids sharing a private key over public channels?
I have a very unusual set of requirements for a cryptographic system and hope someone can help me. My requirements are:
Asymmetric: A private key is needed to sign, and a public key is used for verification.
Very short signature size: The… Continue reading Forgable and unconfidential short-term signature
The Signal Protocol, as many of you would know, is used by many applications such as WhatsApp and Signal. These corporations, I can vouch for, would definitely use the most secure protocol they could- as WhatsApp, for example, would happil… Continue reading Why does the Signal Protocol use a symmetric key for encryption- when asymmetric keys are more secure? [duplicate]
is it possible to infer information like: algorithm, key length, mode etc. of the private key from the public key or CSR?
Continue reading Infer information of private key from public key / CSR
I am not totally sure how the following concepts are related, could someone please explain?
password-based key derivation
passphrase that can be passed to crypto.generateKeyPairSync (in Node.js)
PBKDF2
I am creating a simple chat applica… Continue reading relation passphrase and password-based key derivation
For the symetric keys it is recommend that the same key should not be used to encrypt large number(2^32) of cipher blocks to avoid the key-exhaustion risk.
Curious to know whether the asymmetric key also has such a risk? i tried to searc… Continue reading Key Exhaustion Risks in Symmetric and Asymmetric Cryptography [migrated]
I am working on a project where I need to securely encrypt and decrypt files on a product without the ability for direct communication or key derivation after the product is sold. The challenge is that I can only store encrypted data on th… Continue reading Encryption without a classic exchange scenario