Collaborate Disseminate
For a new application I’d like to store messages for each user’s account on a centralized server.
The user accesses the application through a SPA javascript web app through their browser.
These messages:
Should be unreadable by the server… Continue reading Client-side encryption of data, but the server can also add data without reading stored data
This question asks whether one should hash on the client or the server. I want to know if there is any reason, aside from having to maybe handle one extra hashing library (if it’s not already in your security stack), why you wouldn’t want … Continue reading Does hashing client-side increase attack surface (assuming TLS and serverside salt+hash)? [duplicate]
I am doing some unattended key generation using –quick-gen-key and –quick-add-key. I am not clear if the user-id mentioned in the man page offers a way to include a comment:
–quick-generate-key user-id [algo [usage [expire]]]
I’m trying to figure out how to cross-sign two keys. One reference says we should use:
gpg –local-user 0xfedcba98 –edit 0x76543210 sign
gpg –local-user 0x76543210 –edit 0xfedcba98 sign
That’s an old reference, so I assume we should b… Continue reading gpg: How do we Cross-Sign Keys? (–default-key vs. –local-user)
I like to generate a public-private key pair that is seeded from a string. So having the string and the generation algorithm is enough to recreate the keys. I want to do this because I can then combine a password (that I’ll memorize), with… Continue reading What’s a secure way to generate a keypair from a secret password?
Most of the online guides I found about using dm-crypt with a random keyfile use files bigger than 512 bits (64 bytes).
For example:
dd bs=512 count=4 if=/dev/urandom of=keyfile iflags=fullblock
As the biggest key a cipher can use is 512 … Continue reading Is there any added benefit to using a random keyfile of more than 512 bits?
I’m questioning the password used in a key derivation function, whether It makes sense to make it unique for every generated symmetric key and why
Continue reading Password relevance in key derivation function
I am trying to decode my 128-bit AES key to string to store it in database. I have tried using Python built-in decode() with ascii and utf-8 codecs but it is not working.
Continue reading How can I convert 128-bit AES encryption key to a string using Python? [migrated]
OpenVPN recommends using a 2048 RSA key size for greater security, however, the hardware I’m using is somewhat weak and defaults to using a 1024 RSA key size. I’m trying to determine if it’s worth the hassle of manually changing things to… Continue reading OpenVPN Key Size 1024 vs 2048 and Eavesdrop vs Access?
I know this question is theoretical however I would like some thoughts from a security perceptive.
Take this thought:
1) I generate a high entropy, cryptographically secure string of bits (256-bits of entropy)
2) I use this entropy as a … Continue reading Theoretical question with regard to weak password based KDF & high entropy input