key-exchange – WindowsTechs.com

What is the best way to ensure a secure communication between two client devices without access to internet, CA, or pre-shared keys

Posted on March 22, 2025 by GameRaccoon

I’m trying to create an application that should allow two devices (two phones, two computers, or a phone and a computer) to verify each other in some way to later be able to securely connect to each other to transfer data.
There are only t… Continue reading What is the best way to ensure a secure communication between two client devices without access to internet, CA, or pre-shared keys→

SSH: Do the public and private keys contain the ip address?

Posted on February 15, 2025 by Manuel Jordan

Question

Do the public and private keys contain the ip address?

Scenario
Suppose "Computer I" as client has a IP as 192.168.1.A and is generated for SSH purposes its respective pair of keys:

The public key
The private key

Thu… Continue reading SSH: Do the public and private keys contain the ip address?→

Ethical hacker near me

Posted on October 11, 2024 by Arriel Leigh

This was spam – removed text to prevent propagation, until the post gets deleted

Continue reading Ethical hacker near me→

Value of ECDH with ECIES

Posted on September 27, 2024 by Rowan Smith

I am struggling to understand the value of ECIES in a offline message encryption scheme with shared static ECDH keys.
So if Bob and Alice each have a static public ECDH key stored in a directory.
Each time Alice wants to send Bob a message… Continue reading Value of ECDH with ECIES→

How an old OpenSSL package would generate a key that itself cannot use?

Posted on May 22, 2024 by rellampec

Landing here to an scenario where the command below generated a correct rsa-sha2-512 key
ssh-keygen -t rsa-sha2-512 -b 4096

When that same Windows machine tries to access the SFTP with the sftp -vv built-in command, the used version of Op… Continue reading How an old OpenSSL package would generate a key that itself cannot use?→

Is Symmetric Key Exchange over HTTPS safe?

Posted on January 10, 2024 by Stark Labs

I am auditing a webapplication that gives access to a financial backend. The web application provides the frontend in a HTTPS session properly encrypted, and after the client authenticating inside the system, it sends the symmetric key tha… Continue reading Is Symmetric Key Exchange over HTTPS safe?→

DHE key exchange with p value 257 bytes but a pubkey of 256 bytes

Posted on October 20, 2023 by ayivaak

I came across a packet capture in Wireshark where p length = 257 bytes and pubkey length = 256 bytes. See the ServerKeyExchange snip below:
Diffie-Hellman Server Params
p Length: 257
p: 00a81c7b6633732007ba19bf733fc5f6cf5d0c9f8e03e… Continue reading DHE key exchange with p value 257 bytes but a pubkey of 256 bytes→

Encrypted messaging app using QR codes for key exchange

Posted on October 9, 2023 by zajic

I remember seeing an encrypted messaging app a while ago that offered using QR codes to exchange encryption keys between the users. Of course, this only worked when the people met physically, but added an interesting layer on top of the us… Continue reading Encrypted messaging app using QR codes for key exchange→

Permanent Keys/Secrets in TLS 1.3

Posted on May 30, 2023 by bacle173

In TLS 1.3 (RFC8446), there are many secrets and keys. As far as I’ve understood, every certificate (usually only the server) has a long term key associated with it which is used with HKDF to generate a temporary key for the certificate ve… Continue reading Permanent Keys/Secrets in TLS 1.3→

Anonymity in initial Key exchange in onion routing

Posted on May 28, 2023 by user10433098

Maybe I will be wrong, please correct me and at the same time answer my question. I know the keys are exchanged between client and Tor relays through circuit extension requests (other than first relay), so in short, whatever keys are gener… Continue reading Anonymity in initial Key exchange in onion routing→