Collaborate Disseminate
Pardon if this is a noob question. I’m writing an authorization function to determine if a REST API request should be allowed to proceed or not. It is using a standard JWT passed in the Authorization: Bearer … header. For u… Continue reading Is it a bad idea to share a private key generated from a self-signed root CA?
Reading the iOS Security Guide’s description of the iMessage encryption protocol I’m trying to figure out why they included a mechanism for verifying the integrity of the plaintext as well as verifying the integrity of the fi… Continue reading Why is validating the integrity of the plaintext necessary in addition to validating the integrity of the cipher text?
I want to backup my data to the cloud. Before that, I want to encrypt it using GPG (gpg (GnuPG) 2.2.11 and libgcrypt 1.8.4).
The backup is just for me, so I don’t care about interoperability
I only care about how secure it… Continue reading Which encryption algorithm for cloud backup?
I’ve just created a new off-line GPG-key with a sign/certify master-key and two sub-keys – one for signing and one for encrypting. 5 yr expiration for the master, 2 yr for the subs. My master-key got just my name and my dob a… Continue reading Preparing to change over to new GPG-key – what to do with my old ones?
I have not been able to find any credible source which tried to prove or disprove the randomness of mouse movements.
A Google Scholar search for “mouse movement entropy” gives surprisingly few results: about one page of computer science … Continue reading What research suggests that user’s mouse movements are (not) sufficiently unpredictable for secret key generation?
Am learning OpenSSL EVP API and trying to understand the ways to generate a symmetric key using OpenSSL EVP in C++ program.
I have two questions in this regard:
1) To understand what the command openssl enc -aes-256-cbc -k … Continue reading Generate symmetric key programmatically using openssl EVP
I need to generate the most secure private key.
Usually I use a command:
openssl genrsa -des3 -out mykey.key 2048
Is triple DES secure enough?
Is 2048 large enough?
Are there any other ways to make the private key str… Continue reading How to generate the most secure private key?
I’m trying to implement RSA encryption in PHP. I’m stuck at generating the public and private keys.
I have P = 61, Q = 53, MOD = P * Q = 3233, N = (Q – 1) * (P – 1) = 3120. How do I chose the value of e after computing all G… Continue reading RSA generating private and public keys
I have a method that obtains the secret key to be able to encrypt with AES.The secret key is stored in database. As seen in the method, I use a Stored procedure to get the secret key value and assign it to a byte array.
Chec… Continue reading Fix use of hardCoded Cryptographic key
I got a GUI Program, which loads the Logic from a webserver if the entered License Key is valid.
The actual connection string I hexed and xor’d with a secret key. (which is unfortunately static)
The Webservice itself authent… Continue reading Key Encryption / Obfuscation