How to generate a Symmetric Key on the Secure Enclave of iOS devices and use it to encrypt data

I’m working on a secure app that uses the user’s master password to derive a symmetric key to encrypt all the user information. I want to add FaceId support now, and the approach I was thinking of was to generate a symmetric key on the Sec…

What’s a good way to append a nonce to ciphertext in Python for AES GCM in Python?

I’m not a security expert, so please excuse this question if it’s silly, but I would really like an answer. I am using AES GCM to encrypt and would like to combine the randomly generated nonce with the ciphertext for convenience.
What’s an…

Choosing the right secure messaging app for your organization

In this Help Net Security interview, Liad Shnell, CTO at Rakuten Viber, discusses what organizations should look for in secure messaging apps, including encryption, privacy standards, and ease of integration. Shnell also covers the need for a multi-lay…

AI Kuru, cybersecurity and quantum computing

As we continue to delegate more infrastructure operations to artificial intelligence (AI), quantum computers are advancing towards Q-day (i.e., the day when quantum computers can break current encryption methods). This could compromise the security of …

Password checks in backend vs. password encrypted data sent to frontend?

Let’s assume I am building a pastebin-like web app: users can upload text notes and share them. Users should be able to password-protect notes. Whenever viewing such a note, other users must first provide the correct password to be able to …