Collaborate Disseminate
Now that OpenSSH supports Elliptic curve security keys (since version 8.2), it’s possible to generate a ed25519-sk key on a hardware security key:
$ ssh-keygen -t ed25519-sk -C comment
This generates a public and a private key parts. How … Continue reading How sensitive is the primary key stub of an ed25519 security key (~/.ssh/id_ed25519_sk)?
I’m doing some research into secure client-server communication. I’ve decided to use AES to encrypt data, and then encrypt the AES key using ECC to send to the recipient. It’s important to me that I get this flow right, and then I can work… Continue reading Is this key exchange & encryption flow correct? [closed]
I’m doing some research into secure client-server communication. I’ve decided to use AES to encrypt data, and then encrypt the AES key using ECC to send to the recipient. It’s important to me that I get this flow right, and then I can work… Continue reading Is this key exchange & encryption flow correct? [closed]
Can I please get some help in understanding the representation/connection between the issuer key structure, such as the one here:
{
"kty": "EC",
"d": "6RDoFJrbnJ9WG0Y1CVXN0EnxbuQIgRMQfzFVKogbO6c&q… Continue reading Elliptic Curve Encryption Algorithm:ES256, Curve: P-256 Format representations
Some loose reports have indicated that NSA implemented backdoors to some NIST elliptic curves. As far as I understand these do not include P-256, P-384, etc.
From a security standpoint, would it be considered bad practice to use e.g. the c… Continue reading Is the elliptic curve secp256r1 without a backdoor?
I’m attempting to establish a process for setting up a new GPG identity for myself and my threat model.
Much of it is following guides which I believe are still considered best practices:
https://github.com/drduh/YubiKey-Guide
https://bl… Continue reading Why does ECC not have an encrypt capability in GPG, but RSA does?
In Canada, Québec introduced it’s Covid-19 App "VaxiCode" on September 1; BC, "BC Vaccine Card", September 13, requirement in place until January 31, 2022, subject to extension; Ontario, September 22, "app to follo… Continue reading QR codes for shc Covid vaccine passports
I’m working on a project with a client based on mbedtls and a server built with vsftpd.
I had basic RSA authentication working but am now upgrading to using the cipher TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256. And I am struggling to get it … Continue reading wrong curve error during TLS handshake with vsftpd
I would like an example of how to generate and use X448 and ED448 in C# through bouncycastle crypto library (X25519 and ED25519 is already provided in libsodium library).
Is it possible to export and import X448 and ED448 public and privat… Continue reading How to use X448 and ED448 in C#(BouncyCastle)? [migrated]
TL;DR: I’m assuming that if GnuPG made it a default then it should be what we use, but it used "bad" defaults in the past so I’m wondering if there are any tradeoffs to this? More specifically: is ECC 25519 sufficiently adopted … Continue reading GnuPG now uses ECC 25519 as default on new key generation – any compatibility issues to worry about?