Collaborate Disseminate
For example, how long does a typical CPU take to verify a single secp256k1 signature? Wouldn’t this need to change in time so that signatures can’t be brute forced? How is it decided how "strong" the signature verification should… Continue reading Are Digital Signatures tuned to become harder as computers become faster?
I’m wondering why trust management is essential to PGP public-key rings?
and what relationships between the four fields of a public-key ring:
Owner Trust
Key Legitimacy
Signature(s)
Signature Trust(s)
Continue reading Why is trust management essential for Pretty Good Privacy (PGP) key rings?
How does AWS request signing and verification work? Let’s say I have created a signed request using this guide.
How does AWS service verify this signature? I see 2 options with their respective flaws (considering symmetrical encryption onl… Continue reading How does AWS verify signed requests?
I would like to use digital signatures to secure access to a RESTful API, exactly as described here under "Message signing using Digital Signature". Extract:
When signing, the sender uses their private key to write message’s si… Continue reading Are there any identity providers which support securing RESTful interfaces using digital signature?
If the private key is used in the server for digital signature, once the server is hacked, the private key may be leaked. Is there a way to create a digital signature without exposing the private key?
Continue reading Digital signature without exposing the private key
Except the usual implementations of a digital signature there is the "remote" digital signature implementation (is a standard created by eidas). There are some companies that provides remote signatures. Although, I didn’t manage … Continue reading Remote digital signature (eidas)
I am trying to verify a signature using OpenSSL in C++. The code is below:
bool verifySignature(QString updateInfo_file_signature, QString uInfo_file_hash) {
RSA *rsa = NULL;
BIO *keybio;
FILE *file = fopen("pubkey.pem&qu… Continue reading error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding openssl C++
I am trying to verify a signature using OpenSSL in C++. The code is below:
bool verifySignature(QString updateInfo_file_signature, QString uInfo_file_hash) {
RSA *rsa = NULL;
BIO *keybio;
FILE *file = fopen("pubkey.pem&qu… Continue reading error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding openssl C++
I want to sign every file in a directory. I can do so with the following shell command, but it’s slow.
Serial Execution:
find . -type f -printf "Signing %p…\n" -exec gpg –quiet –batch –yes –detach-sig {} \;
I have 16 CPU t… Continue reading Can gnupg sign multiple files in parallel?
I have not applied for a DSC(digital signature) but got a message from a vendor that my DSC will expire in 15 days. I have the certificate serial number given by the vendor.
How can I check if the DSC token has been misused and how to avoi… Continue reading How to check where all my Digital Signature is used