Collaborate Disseminate
I am using Naviserver’s nsssl module and it expects the list of TLS ciphers to be in OpenSSL’s “CIPHER LIST FORMAT” e.g.
ns_param ciphers “ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM… Continue reading Converting a list of ciphers to OpenSSL’s "CIPHER LIST FORMAT" [migrated]
I’m looking for a reference about the weird initial BCrypt text “OrpheanBeholderScryDoubt”
Why was this string used?
Would using 192 zeros or ones not have worked well in practice for some reason?
Was that just four random dictionary wor… Continue reading Why is the BCrypt text "OrpheanBeholderScryDoubt"
In analyzing the LUKS header on an encrypted volume, the cipher-name field shows a single-character = ‘@’. What does that mean?
The LUKS On-Disk Format Specification originally published by Clemens Fruhwirth in 2005 clearly defines the en… Continue reading What is a LUKS cipher-name "@"?
The Enigma was commercially available before the war, and even during the war, they got their hands on “live” such machines, heavily helping them in breaking the encryption used by the Germans.
The Lorenz was said to be much more secure, … Continue reading If the Lorenz cipher machine was so much more advanced than the Enigma, how was it broken without having a physical machine? [closed]
It seems as if they are either synonyms, or cipher was an older term for when they directly translated the same number (or almost same number) of “encrypted” characters into the same number of plaintext ones, whereas encryption means that … Continue reading What is the difference between "cipher" and "encryption"?
This question was prompted by a long Wikipedia session with me reading tons of articles on cryptography, causing far more questions than it answered.
Let’s say that I and another person know each other. We plan to do something important a… Continue reading How would anyone ever break even this basic, amateurish cipher/encryption scheme?
Basically, the only good thing about the “Enigma” cipher machine was its name. Other than that, it was grossly inferior to the “Lorenz” one, apparently only used by some of the main, top-ranking persons.
If they did have a much stronger c… Continue reading Why did the national socialists in WW2 not use the far superior "Lorenz" cipher machine instead of the bad "Enigma"?
During early World War I (1914–1916), Germany briefly experimented
with ‘dotty’ and ‘dashy’ Morse, in essence adding a dot or a dash at
the end of each Morse symbol. Each one was quickly broken by Allied
SIGINT, and standard Morse… Continue reading What exactly was "’dotty’ and ‘dashy’" Morse code?
As a part of my learning, I installed OpenVAS into one of our Ubuntu test servers and scan the said server. I have the results and I wanted to remediate the findings as part of my learning the Linux system.
I solve some of it but I’m stuck… Continue reading Disable vulnerable cipher suites
I have read that GCM is almost always more secure than CBC when implemented correctly.
However, in the documentation of NodeJS, CBC is being used as an example instead. The key-pair will be stored in the node environment.
… Continue reading Why does the NodeJS Crypto docs use CBC instead of GCM for RSA key-pair?