Collaborate Disseminate
I created a signature with:
openssl pkeyutl -sign -inkey rsa.key.bob -in plain -out plain.sig.bob
and to verify, Alice just needs to use Bob public key to check the authenticity of the message.
So why I have to use this (which require th… Continue reading Why in "openssl pkeyutl -verify" is needed both public and private keys? Why isn’t public key enough?
I have some passwords hashed with C# using Rfc2898DeriveBytes.Pbkdf2(bytes,src,5000,HashAlgorithmName.SHA1,24) (an older implementation) and would like to port this code to java.
However I don’t seem to get the two hashes to be the same.
… Continue reading Working Rfc2898DeriveBytes.Pbkdf2 in Java [migrated]
Recently, I was reading about Blake2B and its properties regarding randomness and security, and its connection to Daniel Bernstein’s CHA CHA digest. As a budding cryptographer, I find it doable to implement those algorithms, but I find it … Continue reading Construction of Blake2 and Cha Cha [migrated]
Explain how you will conduct the man-in-the-middle attack against RSA protocol and why it
can work
In eIDAS Remote Qualified Signatures, but also in other Remote-Signature Solutions, the cryptographic keys are held by the Remote Signature Provider. The user uses some method, e.g., a smartphone app, to allow the creation of a signature.
… Continue reading Remote eIDAS Qualified Signatures: Control of Signature Activation Data
I have a cipher text, that was created using One-Time-Pad, but the idea is that it was encrypted badly. The message, a section of a book, was encrypted using a pad 256B long repeated many times over (like Vigenere).
Any ideas how to break … Continue reading How to break poorly implemented One-Time-Pad
Disclaimer: I am very new in this area and working to understand internet security by myself.
On the internet, I have found some public keys belonging to some web pages. I see that RSA is used in those pages, and I know that the private an… Continue reading Understanding RSA public keys in web pages [closed]
A smart card storing its secrets in it own flash storage, but does it encrypts them? Or are them in flash as plain-text? Some claim it encrypts, but if secrets are encrypted in flash, how card can use them? It need password for them from o… Continue reading Do smart cards encrypt their secrets? [closed]
In an age defined by technological leaps and bounds, where quantum computing stands at the forefront of innovation, ensuring data security has become an even more pressing concern. The classical cryptographic methods we rely on today may n… Continue reading How Can We Enhance Data Security in the Quantum Era? [closed]
I came across a packet capture in Wireshark where p length = 257 bytes and pubkey length = 256 bytes. See the ServerKeyExchange snip below:
Diffie-Hellman Server Params
p Length: 257
p: 00a81c7b6633732007ba19bf733fc5f6cf5d0c9f8e03e… Continue reading DHE key exchange with p value 257 bytes but a pubkey of 256 bytes