Encrypting/wrapping a private RSA key in PKCS8 using AES-GCM and openSSL 3.20 (library not command line tool)

I need to protect a private RSA key using a passphrase but using AES-GCM for the actual encryption.
This is normally done using a combination of OpenSSL library calls. However, I now need to support using AES-GCM instead of AES-CBC… Continue reading Encrypting/wrapping a private RSA key in PKCS8 using AES-GCM and openSSL 3.20 (library not command line tool)

Does self-signed encryption certificate violate "no multi-use keys" principle?

Say that I have generated an RSA keypair, which I intend to publish only for use with RSA-KEM; I can see that this is provisioned for:

The intended application for the key MAY be indicated in the key usage certificate extension (see RFC 5… Continue reading Does self-signed encryption certificate violate "no multi-use keys" principle?

Over-Optimizing Security? Storing Encrypted Data on a Server While Private Key Remains With User

Assume that I have a server storing sensitive user information (think medical records). I want this data to be encrypted on my server at almost all times. Only when a doctor needs to access the data of a particular person, it should be dec… Continue reading Over-Optimizing Security? Storing Encrypted Data on a Server While Private Key Remains With User

Microsoft Improves Windows Security with a Path to Move Off NTLM

It’s time to stop relying on the insecure authentication protocol built into Windows. Microsoft is making it easier to switch to secure modern options. Continue reading Microsoft Improves Windows Security with a Path to Move Off NTLM

New cybersecurity tech treats keys like the Colonel’s secret recipe

Cybersecurity is a growing concern as more and more critical infrastructure can be exposed to hacks through the internet. Now, Australian engineers have developed and demonstrated a new technique called “ineffable cryptography,” which treats keys like … Continue reading New cybersecurity tech treats keys like the Colonel’s secret recipe

Is it possible to detect Stealthy False Data Injection attack through chaotic cryptography? [migrated]

I am doing research on detecting Stealthy False Data Injection (SFDI) attacks in a smart grid context (a related paper). Besides, I am working on chaotic cryptography (e.g. with the Lorenz attractor) for encryption and decryption of the tr… Continue reading Is it possible to detect Stealthy False Data Injection attack through chaotic cryptography? [migrated]

New SSH Vulnerability

This is interesting:

For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established.

[…]

The vulnerability occurs when there are errors during the signature generation that takes place when a client and server are establishing a connection. It affects only keys using the RSA cryptographic algorithm, which the researchers found in roughly a third of the SSH signatures they examined. That translates to roughly 1 billion signatures out of the 3.2 billion signatures examined. Of the roughly 1 billion RSA signatures, about one in a million exposed the private key of the host…

Continue reading New SSH Vulnerability
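The mechanism behind the quoted numbers, as an added worked example that is not code from the post, the quoted article or the researchers: an RSA-CRT signature that is computed correctly modulo q but corrupted modulo p still satisfies s^e = m (mod q), so gcd(s^e - m, N) reveals q and the private key falls out. This is the classic Lenstra fault attack on RSA-CRT; it assumes the observer knows the signed value m exactly, which is the simple case. The SSH setting in the article is harder because part of the signed data is derived from secret session material, and that is not modelled here. The key generation (Miller-Rabin with a seeded RNG), the injected fault (one flipped bit in the mod-p half) and the message are all constructed for the demonstration.

```python
import hashlib
import math
import random

# Deterministic RNG so the demo key is reproducible (constructed, toy-sized key).
_RNG = random.Random(2024)


def is_probable_prime(n, rounds=32):
    """Miller-Rabin primality test with random witnesses."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = _RNG.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits):
    while True:
        cand = _RNG.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def gen_key(bits=512):
    """Toy RSA key with CRT parameters (dp, dq, qinv) as a real signer would hold."""
    e = 65537
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            break
    d = pow(e, -1, phi)
    return {"n": p * q, "e": e, "d": d, "p": p, "q": q,
            "dp": d % (p - 1), "dq": d % (q - 1), "qinv": pow(q, -1, p)}


def hash_to_int(msg, n):
    # Toy encoding: SHA-256 digest as an integer below n. The fault attack does not
    # depend on the padding scheme, so PKCS#1 padding is omitted for brevity.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def sign_crt(key, m, fault_in_p=False):
    """RSA-CRT signing (Garner recombination). fault_in_p simulates a corrupted mod-p half."""
    sp = pow(m, key["dp"], key["p"])
    sq = pow(m, key["dq"], key["q"])
    if fault_in_p:
        sp ^= 1  # one flipped bit in the half computed modulo p; the mod-q half stays correct
    h = (key["qinv"] * (sp - sq)) % key["p"]
    return (sq + h * key["q"]) % key["n"]


def verify(n, e, m, s):
    return pow(s, e, n) == m


def recover_factor(n, e, m, s):
    """Lenstra attack: a faulty CRT signature s with s^e = m (mod q) but not (mod p)
    makes gcd(s^e - m, n) a non-trivial factor. Returns None for a correct signature."""
    g = math.gcd((pow(s, e, n) - m) % n, n)
    return g if 1 < g < n else None


def private_exponent_from_factor(n, e, factor):
    other = n // factor
    return pow(e, -1, (factor - 1) * (other - 1))


def demo():
    key = gen_key()
    m = hash_to_int(b"constructed SSH transcript digest", key["n"])
    good = sign_crt(key, m)
    bad = sign_crt(key, m, fault_in_p=True)
    assert verify(key["n"], key["e"], m, good) and not verify(key["n"], key["e"], m, bad)
    factor = recover_factor(key["n"], key["e"], m, bad)
    d = private_exponent_from_factor(key["n"], key["e"], factor)
    return d == key["d"]


if __name__ == "__main__":
    print("private key recovered from one faulty signature:", demo())
```

Two details matter for defenders: the attack needs only a single faulty signature and public data, and the standard countermeasure is to verify every RSA-CRT signature with the public key before emitting it (as the excerpt notes, this is why the fault must happen during generation to matter).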