Collaborate Disseminate
When adding an account on a mail client, the SSL/TLS is usually turned off and the encryption method is ‘none’ (see Outlook example below).
Is the password safely sent through the internet when authenticating using the default settings?
I… Continue reading Is authentication through mail clients safe when encryption is off?
I asked a question about HTTPS encryption as it relates to developing a web app here. On the face of it that question has now been closed twice for not being focused enough, but if the meta discussion is anything to go by, it’s more realis… Continue reading Is encryption in transit distinct from end-to-end encryption?
I am building an E2EE chat app where there is one asymmetric key pair per group and one asymmetric key pair per user. All messages in a group chat are encrypted with the group public key and decrypted with the group private key.
When Alice… Continue reading How can I verify the hash of the plain text without being able to decrypt the cipher text?
I want to implement end-to-end encryption on my chat application (available on android, iOS and web). For that I’ve following mechanism in mind.
Generate Key pairs (Private key and Public key) on sign up
Send Public Key to Server (AWS)
U… Continue reading Key management for End-to-end encryption for Chat application
If you wrap all your data in an end-to-end encrypted payload is it safe to transmit over HTTP or at worse case self signed HTTPS instead of traditional CA signed SSL?
I’m studying iot Secure knowledge.
I find that people say that TLS/DTLS can provid e2e security but in HTTP diagram it will stop at Server.
A->Server->B and data at Server will be decrypted.
In my opinion TLS in web use this diagram … Continue reading Can TLS enable end-to-end security between 2 users(not server) in IPv6?
I’m studying iot Secure knowledge.
I find that people say that TLS/DTLS can provid e2e security but in HTTP diagram it will stop at Server.
A->Server->B and data at Server will be decrypted.
In my opinion TLS in web use this diagram … Continue reading Can TLS enable end-to-end security between 2 users(not server) in IPv6?
I am banging my head about this for a while now and would appreciate opinions/different views.
tl;dr
There is a system that aims to provide full end-to-end encryption for information (text messages, blobs) exchanged through it. At the mome… Continue reading Security vs. User Experience – can this Process still be considered to provide proper End-to-End-Encryption?
My boss is looking for an escrow style solution to store files that are "classified", or have special/high-security access requirements.
His requirement list for this solution:
Cloud-Based – Google Drive / Azure (open to other p… Continue reading Looking for high security; cloud based; file share, with access / location logging, and fine grain access control [closed]
We just founded a subsidiary in the United States. For this new legal entity, we also need a bank account.
With our bank account manager in Germany, we can encrypt our emails using the S-MIME protocol. This is quite convenient for everybod… Continue reading Is there a bank in the United States that uses email encryption with S-MIME or GPG? [closed]