Collaborate Disseminate
I am working on a project where I have to calculate the encryption time and decryption time of an algorithm. How to calculate encryption, decryption and key generation time of an algorithm? Is there any formula to calculate these?
Continue reading How to calculate encryption time of an algorithm? [closed]
I’ve been doing a deep dive into how products like Web3Auth work under the hood and wonder if this is a viable approach to building applications where a user can have the convenience of using oAuth to generate and manage a private key. Add… Continue reading Is there a viable zero-knowledge approach for using oAuth to generate and manage private keys?
I’m trying to build a generic function to encrypt HMAC values with a single global secret key, but that can be "scoped" or salted by application/uses. For instance, an HMAC for a session token signature should not be the same as … Continue reading Key derivation for HMAC, concatenate vs multiple HMAC passes
How do you create a private-key/public-key pair without the public key’s information in the private key? So you should basically not be able to extract the public key from the private key. The private key should contain the bare minimum.
I… Continue reading Create "bare" pgp private key / Make private key without being able to generate the public key from it
For testing purposes, I need a PGP key for a specific uid that has already expired.
Using gpg –full-generate-key only gives me the following options:
Please specify how long the key should be valid.
0 = key does not expire
… Continue reading How to generate an expired key with gpg?
Given an one-key cipher such that:
E[k1,E(k2,m)]=E[k2, E(k1, m)]
Is there any key distribution protocol that involves only two parties (Alice and Bob) without the key distribution center?
The protocol should allow Alice to send a session k… Continue reading Key distribution protocol involves only 2 parties, given E[k1,E(k2,m)]=E[k2, E(k1, m)]
If you look at the above Kerberos protocol’s diagram, you can find that the protocol works on the basis that the (symmetric) client key initially exists on both the client node and the key distribution center.
Then, the question is, how c… Continue reading How can a client safely post/get a (symmetric) client key to/from a key distribution center?
I have a bit of doubt in a scenario that, AWS started allowing Ed2551 SSH keys somewhat recently. I also see a bit of a debate about the security of one other. Could anyone advise on which we should use going forward or which is best?
Am I right in stating that SCrypt as an algorithm is useful where many passwords are stored in a database, but not against one specific encryption key derived from one password of one user?
For example, let there be a password, a salt, and… Continue reading SCrypt’s goal and the role its salt plays
The Extented Master Secret Extension which is explained in RFC7627 shows the PRF used for derivation of the master secret from the premaster secret.
master_secret = PRF(pre_master_secret, "extended master secret",
… Continue reading Key Block PRF for Extended Master Secret