Collaborate Disseminate
I need to establish a secure method for transmitting shared secret keys between a mobile app and an API server to ensure the integrity of the data.
When initially exchanging shared secret keys, I’am employ X25519. However, if a previously … Continue reading Secure Transmission of Secret Keys Between Mobile App and API Server
I use hybrid encryption. AES CBC as a symmetric cipher. The key is derived from shared secret using curve25519 (receiver’s public key is known). The sender’s private key is randomly generated, the public key is sent along with the encrypte… Continue reading Is it secure to have constant initialization vector for symmetric block cipher when using hybrid encryption scheme?
I want my native applications (android/ios) to have a keypair (RSA or ECIES) so that certain data on requests to my API can be encrypted. I want each client to have a unique keypair. The device will register that keypair with… Continue reading Reason to generate encryption keypair server side rather than on device?
Security threats, data breaches and cyberattacks continue to rise within healthcare, financial, legal, government and hospitality industries. Whether it’s the Yahoo data breach affecting 3 billion accounts or the data breach of Marriott’s Starwood gue… Continue reading Fax or Email for Secure Document Delivery?
OpenSSL source
I am currently using ECIES with C on the client.
http://openssl.6102.n7.nabble.com/Code-for-using-ECIES-to-protect-data-ECC-AES-SHA-td39269.html
However, I would like to encrypt/decrypt using BouncyCastle on… Continue reading Is openssl’s ecies compatible with bouncycastle’s eices?
I try to encrypt 16 bytes (for an AES symmetric key) using EC in Java. However, I only succeed using ECIES which I understand is a hybrid crypto system that uses AES internally:
Cipher asymmCipher = Cipher.getInstance(“ECIES… Continue reading EC (non-ECIES) encryption in Java