Why don’t basically all "clusters" and similar distributed systems use Shamir’s secret sharing method? [migrated]

When I came to the topic of Ansible (Vault), when deploying secrets in Ansible and other passwords up to 128 characters, Shamir’s Secret Sharing would be an ideal solution, I think:

The secret is never in one spot
The secret can be encrypte…

Is it possible to reverse engineer an encryption algorithm derived from AES-128 given these conditions?

Given the following conditions:

The encryption program, which uses some algorithm resembling AES-128 but with unknown modifications to real AES-128.
It uses a fixed key and IV.
It is written in Rust WITH debugging symbols but no source co…

Confidential Computing – SQL Server Always Encrypted w/ Secure Enclave – Customer Managed Keys or alternative

I am looking into ways to build a data warehouse that would house confidential data for 1+ clients. The requirement is that our organization can never obtain access to the decrypted data. There would be a web application clients utilize to…

Can the data between Express.js middleware be manipulated/tampered in any way?

In the node.js express.js framework there is middleware support. Let’s assume I have two middleware – the first one, which verifies whether the JWT token is legit and not tampered with and the second middleware which doesn’t verify anymore…

Is there any danger in refreshing JWT tokens directly without a refresh token?

So I wrote the following logic for my web app:
When a user interacts with the website it initiates a Backend call. In the backend every endpoint has multiple middlewares, of which there is a JWT verification step, if it succeeds it goes to…