Google Titan security keys hacked by French researchers
Researchers can now made software copies of Google’s “unclonable” Titan security keys – but not yet undetectably. Continue reading Google Titan security keys hacked by French researchers
Category Archives: ECDSA
Verify signature without digest
I’m trying to verify that a smartcard (possibly doctored by an attacker) has access to the (ECDSA P-384) private key for which I was given a (signed) public key, in order to verify that the card is genuine. In order to do that, I should pa… Continue reading Verify signature without digest
Test the multiplicative inverse of a ed25519 secret key in pynacl
I choose a random ed25519 secret key sk_enc and calculate the multiplicative inverse sk_inv_enc of integer sk_env modulo L. Then i compute the scalar product of a standard group element and the integer sk_enc * sk_inv_enc on the edwards255… Continue reading Test the multiplicative inverse of a ed25519 secret key in pynacl
Should I be using ECDSA keys instead of RSA for SSH?
I read on ssh.com that there are new ECDSA ssh keys that one should be using to create the public / private key pair; and that’s it’s a US Government Standard based on elliptical curves (probably something mathy). I also noticed that they… Continue reading Should I be using ECDSA keys instead of RSA for SSH?
How to store ECDSA public key securely in Android
I am writing an Android application that needs to verify that a request is sent from a trusted party (me).
This is my current solution:
Storing keys:
Generate ECDSA public key / private key from a server.
Store private key in server. S… Continue reading How to store ECDSA public key securely in Android
Difference in ECDSA private key format
I have two private ssh keys, – one was originally created with ssh-keygen the other one with a python script. They are supposed to be the same, however one works for authentication and the other one doesn’t.
After analyzing them with http… Continue reading Difference in ECDSA private key format
Convert ECDSA keys (PEM, OpenSSH)
To work with ECDSA keys I am using the python-ecdsa library. Unfortunately this library can not process keyfiles properly if they are provided in the OpenSSH format. Instead I generate them in the PEM format, which the librar… Continue reading Convert ECDSA keys (PEM, OpenSSH)
Mix and match RSA and ECDSA in TLS
Suppose TLS client and server want to communicate, authenticating both parties. They each have sufficiently trusted certificates, but one corresponds to an ECDSA private key and the other corresponds to a RSA private key, or… Continue reading Mix and match RSA and ECDSA in TLS
Which KEK can wrap AES, RSA and ECDSA keys securely?
If I have AES256, RSA4K and ECDSA-512 keys as CEKs, which I need to securely store, what KEK can I use to securely wrap these without reducing the bit strength? I am aware that an AES256 key can wrap RSA4K without reducing t… Continue reading Which KEK can wrap AES, RSA and ECDSA keys securely?
How can ECDSA offer stronger security with the same key length (same amount of entropy)?
It’s always been told that ECDSA is more secure “per bit of key size”, such that it offers same security with a shorter key, or offers stronger security with the same key length.
However, per my understanding, if the length … Continue reading How can ECDSA offer stronger security with the same key length (same amount of entropy)?