Collaborate Disseminate
In some contexts (PKCS#12) key management is done through human readable key aliases, where the alias uniquely identifies the key, in others, it is done through key IDs (JWK sets, GPG, …) with non-human readable UUID/hexadecimal/.. ident… Continue reading Key alias "vs" Key ID usage
I’m a student currently working on a project involving designing a new key management for iot-based Wireless Sensor Networks, with a focus on developing a self-healing mechanism and integrating AI in the scheme.
I’ve come across various ke… Continue reading self-healing key management in iot-based wsn
Whether it be a private key for a TLS certificate, an SSH server, or a code signing cert, is it bad practice to use the same password across multiple?
My assumption would be no, seeing as a key compromise does not necessarily compromise th… Continue reading Is it bad practice to reuse a private key password across multiple keys?
We are currently implementing an envelope encryption scheme in order to securely store PII data in our database. That means we will have a user- specific DEK (data encryption key), and a KEK, which will get derived from the user’s password… Continue reading Envelope Encryption: KEK management in Auto- Login case
Several people recommend only decrypting your master key on an airgapped computer to reduce the risk of having malware that can steal it. What about using an Android phone for this purpose? One could disable the radios in software, encrypt… Continue reading Using an Android phone for the airgapped GPG key signer
I have a problem. I’m a message relay and i want to prioritize user privacy as much as possible. Unfortunately, there is one issue. I can’t design my system to implement E2EE (end-to-end encryption), because the original message is always … Continue reading Encryption Master Key (KMS) vs Distributed Multiple Encryption Keys (KMS)
I’m developing a notetaking app that will store users’ note and file data encrypted in a db and on backblaze (respectively). The app will not be end-to-end encrypted but data will be encrypted in transit (with TLS) and at rest (AES256, for… Continue reading How can I use PBKDF2 to derive an encryption key from a password and then access that key later without the password (i.e. with a cookie)?
How can I increase my account balance? I am working but don’t show account balance.
I’m trying to meet a requirement where devs can log in to a server, launch, and test code without having the ability to pull (or access any ssh keys)code from the repository.
I don’t want to grant them access to push or pull from Git.
Curr… Continue reading How can I keep git ssh keys from developers in server
For example PGP keys imported to a program like Thunderbird. Is there any reason why Thunderbird, due to a rogue programmer or just a bug in the code, can’t send your private key off to a malicious actor or make copies of it once imported?… Continue reading What prevents applications from misusing private keys?