Collaborate Disseminate
I know that encrypting password hashes is a contentious issue. However, I have seen it recommended in some quarters. I know for instance that DropBox did this at one time with AES256. In these cases, all password hashes would… Continue reading When encrypting password hashes, how to handle nonces?
Apple’s newly released iOS 12.1.4 includes fixes for two serious vulnerabilities that are already used by hackers. The update also fixes the FaceTime bug that allowed users to remote enable other peoples’ microphones. The two vulnerabiliti… Continue reading Apple Fixes Two Zero-Day iOS Vulnerabilities Exploited in the Wild
The BLE data is encrypted using AES-CCM. the TLS1.3 removed AES-CCM from the cipher-suits due to security issue.
My question :
why don’t they encrypt the BLE using chacha20-poly1205 ? is it because there is no hardware supp… Continue reading Bluetooth low energy encryption using chacha20-poly1305
I’d currently encrypt a stream by piping it through the following command:
openssl enc -aes-256-cbc -pass file:/[keyfile path]
Is there a reliable implementation of ChaCha20-Poly1305 that I can use instead?
I am currently working with a symmetric algorithm which requires a nonce for encryption, and logically for decryption as well.
However, I am a bit confused about how I would go and synchronize the nonce on both clients.
Let… Continue reading How to synchronize a nonce between two participants?
I have a swift server, where currently authentication is handled through a simple email+hashed password combination. I want to replace this with an access token ( + expiration ) so I can remove the storage of email/password o… Continue reading Token generation and random numbers