Ethical hacker near me
This was spam – removed text to prevent propagation, until the post gets deleted
Category Archives: key-exchange
Value of ECDH with ECIES
I am struggling to understand the value of ECIES in a offline message encryption scheme with shared static ECDH keys.
So if Bob and Alice each have a static public ECDH key stored in a directory.
Each time Alice wants to send Bob a message… Continue reading Value of ECDH with ECIES
How an old OpenSSL package would generate a key that itself cannot use?
Landing here to an scenario where the command below generated a correct rsa-sha2-512 key
ssh-keygen -t rsa-sha2-512 -b 4096
When that same Windows machine tries to access the SFTP with the sftp -vv built-in command, the used version of Op… Continue reading How an old OpenSSL package would generate a key that itself cannot use?
Is Symmetric Key Exchange over HTTPS safe?
I am auditing a webapplication that gives access to a financial backend. The web application provides the frontend in a HTTPS session properly encrypted, and after the client authenticating inside the system, it sends the symmetric key tha… Continue reading Is Symmetric Key Exchange over HTTPS safe?
DHE key exchange with p value 257 bytes but a pubkey of 256 bytes
I came across a packet capture in Wireshark where p length = 257 bytes and pubkey length = 256 bytes. See the ServerKeyExchange snip below:
Diffie-Hellman Server Params
p Length: 257
p: 00a81c7b6633732007ba19bf733fc5f6cf5d0c9f8e03e… Continue reading DHE key exchange with p value 257 bytes but a pubkey of 256 bytes
Encrypted messaging app using QR codes for key exchange
I remember seeing an encrypted messaging app a while ago that offered using QR codes to exchange encryption keys between the users. Of course, this only worked when the people met physically, but added an interesting layer on top of the us… Continue reading Encrypted messaging app using QR codes for key exchange
Permanent Keys/Secrets in TLS 1.3
In TLS 1.3 (RFC8446), there are many secrets and keys. As far as I’ve understood, every certificate (usually only the server) has a long term key associated with it which is used with HKDF to generate a temporary key for the certificate ve… Continue reading Permanent Keys/Secrets in TLS 1.3
Anonymity in initial Key exchange in onion routing
Maybe I will be wrong, please correct me and at the same time answer my question. I know the keys are exchanged between client and Tor relays through circuit extension requests (other than first relay), so in short, whatever keys are gener… Continue reading Anonymity in initial Key exchange in onion routing
ECDH or DH sharing using onion routing
I have come up with a new ECDH sharing method, where I give the common key to dozens of people in advance and then randomly select about 8 people to share the ECDH with whom I want to talk by relaying the encryption using onion routing. As… Continue reading ECDH or DH sharing using onion routing
How do I securely send a symmetric key between two clients? [duplicate]
I’m new to cryptography. I’m using Swift CryptoKit and I’ve figured out how to seal the data with a symmetric key. Now I can send the sealed data to another user, but they wouldn’t be able to decrypt it without the key. But if someone were… Continue reading How do I securely send a symmetric key between two clients? [duplicate]