Collaborate Disseminate
I’ve read a lot of materials(including other related questions in this site) and seen many people lay out the mathematical formulas. I have a decent background in math, so I understand how long it would take and how difficult it is, mathem… Continue reading Doubts About Whether 128-bit Entropy is Secure Enough [duplicate]
"The KeyUpdate handshake message is used to indicate that the sender is updating its sending cryptographic keys."
"If the request_update field is set to "update_requested", then the receiver MUST send a KeyUpdate o… Continue reading what should be the response of keyupdate if the initial KeyUpdateRequest is set to update_not_requested not update_requested
The ssh-keygen command to generate the pair of keys files can use the -t option. According to Ubuntu Noble’s man ssh-keygen for the mentioned option, it indicates:
-t dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa
Specifi… Continue reading OpenSSH 9.6p1: What is the best key type for the ssh-keygen command through the -t option?
I created a private key using Analog device’s signtool. It can be found part of "CrossCore Embedded Studio for Blackfin, SHARC and SHARC+ – Release (Rev. 2.12.0)". Link: https://www.analog.com/en/resources/evaluation-hardware-and… Continue reading How to generate an X9.62 encoded ECDSA prime256v1 private key using OpenSSL?
I am attempting to perform real time decryption of TLS 1.3 packets (TLS_AES_256_GCM_SHA384). I have retrieved the mastersecrets for the specific flow by using uprobes on OpenSSL, and matched the mastersecrets to the flow using ClientRandom… Continue reading Real Time Decryption of TLS 1.3 packets Asked today Modified today [closed]
Context
I’ve used OpenSSL to encrypt some socket communications.
I am however using some functionality from the windows API that prevents me from using OpenSSL’s opaque builtin sockets, so I am buffering through their BIO_s_mem interfaces … Continue reading Pitfalls of manual AES encryption for data transfer [migrated]
I have a textbook that contains the following problem:
In practice, one master key, KM, is exchanged in a secure way (e.g. Diffie-Hellman key exchange) between the involved parties. Afterwards, session keys, kx, are regularly updated by u… Continue reading Is This Perfect Forward Secrecy?
I’m trying to understand the difference between generating a private key using openssl genrsa and adding -newkey to req.
I found a 2014 answer saying the underlying code is the same, one from 2015 saying the encryption is different, and a … Continue reading openssl: genrsa vs req -newkey private keys. What’s the difference?
I’m looking into the differences between stateful and stateless key management. I understand that stateful key management means that I have a database that tracks my keys, and can become very large. There are obvious security implementatio… Continue reading Stateless Key Management
For a web service, I am considering generating random 25-49 recovery codes as a kind of pass that can be stored in a pass manager (no usernames).
Instead of pass(word) hashing on the server, I consider hashing the pass on the client with p… Continue reading Is pass -> [via pbkdf2] -> seed -> ECDSA key pair better than pass(word) hashing?