Collaborate Disseminate
International police forces have taken down an encrypted communication platform and arrested 51 people, marking a success for co-ordinated efforts to crack down on anonymous messaging services used by criminal groups. FT: Europol and law enforcement ag… Continue reading Global Police Dismantle Encrypted Messaging App Used By Criminals
Many schools and workplaces require people using their internet to first install a root certificate, so that web traffic passing through their system can be decrypted and checked.
If someone makes an online purchase while connected to thei… Continue reading Do TLS interceptors that use root certificates to inspect traffic need to worry about PCI? [closed]
Another encrypted communication platform used by criminals has been dismantled and its alleged mastermind arrested, the Australian Federal Police has announced on Tuesday. “AFP Operation Kraken charged a NSW man, aged 32, for creating and adminis… Continue reading Ghost: Criminal communication platform compromised, dismantled by international law enforcement
Given the following use & threat models, what is the optimal encryption implementation? Optimal is defined as the approach best matching the use model.
Use Model
Computer must be optimized for performance.
Computer use will include s… Continue reading In Linux, what encryption implementation approach is optimal given specific use & threat models?
At $work we need to store a sensitive attribute of a user (say SSN – so, short and with a small keyspace) and look up the user based on this attribute when data is submitted into our system. We cannot use off-the-shelf bcrypt/scrypt/etc. b… Continue reading How can I securely store a sensitive user attribute used for account lookup?
Google is updating the post-quantum cryptography in Chrome, replacing the experimental Kyber with the fully standardized Module Lattice Key Encapsulation Mechanism (ML-KEM) to enhance protection against quantum computing attacks. BleepingComputer repor… Continue reading Chrome Switching To NIST-Approved ML-KEM Quantum Encryption
I am new to security topics, please don’t assume knowledge and spare no details if you’re able to answer my questions.
I am trying to design a system that performs the basic functionality of virusTotal. Basically I want users to upload fil… Continue reading Is it safe to store harmful files to storage like AWS S3?
For educational purposes, I am assembling a private network to act as a small sized company using BIND9 and OpenLDAP on FreeBSD 14.1 machines.
The private networks’ DNS servers, NS1 on 172.21.0.20 and NS2 on 172.21.0.10, map the internal d… Continue reading TLS certificates on a network drive/storage
If I have access to the physical medium on which information is stored (hard drive, NFC chip, SSD), are there any physical measures possible to stop me from cloning the exact data to a duplicate?
Motivation for the question
The NTAG424 DNA… Continue reading Is it always possible to copy digital information from a physical medium?
When A communicates with B using third party KDC:
A issues a request to the KDC for a session key; the message includes the identity of A and B and a nonce, N1.
KDC responds with a message encrypted using key (Ka); the message includes th… Continue reading How does the key distribution center (KDC) distribute the session key in symmetric ecryption?