Collaborate Disseminate
Recently, GitLab[1] and GitKraken[2] notified users about a vulnerability in GitKraken version v in range 7.6.0<=v<=8.0.0. Those versions are affected by CVE-2021-41117[3] and therefore, generate weak SSH keys. Now, as an administrat… Continue reading How to detect weak SSH keys affected by CVE-2021-41117
I understand this question is more for a psychologist or a linguist to answer, but I’d imagine having a thread on the security section of stackexchange for known password entropies practically used could be itself useful.
At least from per… Continue reading What is the maximum practical limit for secret storage in the human brain?
I would like to use the method described in https://connect2id.com/products/nimbus-jose-jwt/examples/jwk-generation to generate a key pair in a java application:
import java.util.*;
import com.nimbusds.jose.jwk.*;
import com.nimbusds.jose… Continue reading Generate key pair and entropy
I need to generate quite a lot of gpg-keys for different tasks on my Debian Bullseye (Stable) machine. Also I want the highest level of security while being able to automate as much as possible.
Therefore I wrote a bash-script with the fo… Continue reading Almost unattended generation of "a pretty good keypair"
The above two standards encryption schemes are used to encrypt the messages in different applications. In both cases, a trusted third party is used to create a whole encryption environment, which is a key generation center (shortened KGC)…. Continue reading How secure is Identity-Based Encryption and certificateless cryptography?
TL;DR: I’m assuming that if GnuPG made it a default then it should be what we use, but it used "bad" defaults in the past so I’m wondering if there are any tradeoffs to this? More specifically: is ECC 25519 sufficiently adopted … Continue reading GnuPG now uses ECC 25519 as default on new key generation – any compatibility issues to worry about?
Example:
Bob uploads a file to my custom file server locked with a password, which then the file server generates a link for him to share
Bob wants to be able to share this data to anyone that has this link
Bob doesn’t want anyone but t… Continue reading How to securely encrypt shared data for a dynamic amount of users?
Is there a scheme that let people derive public/private key pair from arbitrary secrets?
As you may know, digital signature schemes have versatile use cases. The problem is, the key pair handling is too difficult for end-users. On the othe… Continue reading Deriving digital signature key pair deterministically from an arbitrary secret
I vaguely remember some story about some cipher (I think it was 3DES) having some "issue" where if the key happened to be especially bad (like 0x00000…) then the resulting encryption becomes trivially attacked. The pathological… Continue reading The hidden perils of trying to handle bad rare outcomes
I am reverse engineering a binary that contains a raw, DER-encoded X.509 certificate containing a DSA public key. I want to replace this certificate with one that I have generated so that I have access to the private key.
Due to this certi… Continue reading Generating a DER-encoded DSA public key of a particular file size