ecc – Page 4 – WindowsTechs.com

Does partial public key pre-sharing and partial public key exchange improve security vs one-sided public key sharing [migrated]

Posted on February 14, 2023 by velis

I have a small ARM M0 SoC and a smartphone as actors. Encryption keys used are Elliptic curve.
My current security is implemented such that:

the SoC has 128 bit hashes of phone public keys (vs 512 bit – due to storage space constraints)
t… Continue reading Does partial public key pre-sharing and partial public key exchange improve security vs one-sided public key sharing [migrated]→

Cipher Suites settings wrong order?

Posted on December 20, 2022 by cadobe

I’m trying to setup a custom order of TLS cipher suites according to this Microsoft list, on Windows Server 2022 but the outcome is not the one that I was expecting.
After using the powershell to disable a bunch, and set a preferred order… Continue reading Cipher Suites settings wrong order?→

Given a Java ECPublicKey ECDSA PublicKey, how can I build an SSH2 public key?

Posted on October 3, 2022 by Vicky

I have created a ECDSA key and now need to convert this to SSH2 key.
final KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ECDSA");
ECGenParameterSpec params = new ECGenParameterSpec("secp384r1");
key… Continue reading Given a Java ECPublicKey ECDSA PublicKey, how can I build an SSH2 public key?→

Is it secure to have constant initialization vector for symmetric block cipher when using hybrid encryption scheme?

Posted on August 18, 2022 by g00dds

I use hybrid encryption. AES CBC as a symmetric cipher. The key is derived from shared secret using curve25519 (receiver’s public key is known). The sender’s private key is randomly generated, the public key is sent along with the encrypte… Continue reading Is it secure to have constant initialization vector for symmetric block cipher when using hybrid encryption scheme?→

Why is there an ASN1 OID and a NIST CURVE reference for the same curve?

Posted on April 29, 2022 by Eddie

$ openssl ecparam -in param-ec.pem -text -noout
ASN1 OID: secp384r1
NIST CURVE: P-384

The file param-ec.pem indicates the curve is P-384, also known as secp384r1.
In the same way:
secp521r1 = P-521 and secp256k1 = P-256 prime256v1 = … Continue reading Why is there an ASN1 OID and a NIST CURVE reference for the same curve?→

SSL certificate match with private key but doesn’t match with CSR

Posted on April 6, 2022 by Tần Quảng

I use the following command to create your private key and CSR (using the ECC algorithm):
openssl ecparam -out ECC.key -name prime256v1 -genkey -noout
openssl req -new -key ECC.key -out ECC.csr -sha256 -subj "/C=VN/O=Custom Organizati… Continue reading SSL certificate match with private key but doesn’t match with CSR→

What format is this private key in, and how can I process it using bouncycastle?

Posted on March 7, 2022 by rurouniwallace

I have the following private key. I’d like to be able to process it into an instance of ECPrivateKey using Bouncycastle (or the builtin Java security API if bouncycastle isn’t necessary).
—–BEGIN EC PRIVATE KEY—–
MIGTAgEAMBMGByqGSM49… Continue reading What format is this private key in, and how can I process it using bouncycastle?→

SSH Handshake on Cisco IOS XE

Posted on February 21, 2022 by TimmayG

I’ve configured the following on my IOS XE device.
!
ip ssh rsa keypair-name my-4096rsa-ssh-key
ip ssh version 2
ip ssh server algorithm mac hmac-sha2-512 hmac-sha2-256
ip ssh server algorithm encryption aes256-gcm aes256-ctr
ip ssh server… Continue reading SSH Handshake on Cisco IOS XE→

SafeNet eToken 5110CC w/ IDPrime 940MD: Generating ECC384/521 Errors + ICC/CVC Authentication

Posted on January 27, 2022 by Minas

I am trying to utilize the SafeNet eToken 5110CC, which basically has the IDPrime 940MD with the applet 4.4.2.A., to generate ECC keys with lengths 384bits and 521bits to no avail.
The product brief says that ECDSA and ECDH of 384/521bits … Continue reading SafeNet eToken 5110CC w/ IDPrime 940MD: Generating ECC384/521 Errors + ICC/CVC Authentication→

Is it possible to use an ed25519 security key with Google Chrome SSH applets?

Posted on January 4, 2022 by Petr

After generating an OpenSSH EC key on a hardware security key:
$ ssh-keygen -t ed25519-sk -C comment

Is it possible to use this key with Google Chrome SSH applet or Mosh, in particular on non-Linux machines where there is no ssh command a… Continue reading Is it possible to use an ed25519 security key with Google Chrome SSH applets?→