key management – Page 10 – WindowsTechs.com

PCI SSC updates its device security standard for HSMs

Posted on December 23, 2021 by Help Net Security

The PCI SSC published the latest version of its device security standard for Hardware Security Modules (HSMs). HSMs are secure cryptographic devices that are used for cryptographic-key management and the protection of sensitive data used in payment car… Continue reading PCI SSC updates its device security standard for HSMs→

Key management for End-to-end encryption for Chat application

Posted on December 9, 2021 by Mrugesh Tank

I want to implement end-to-end encryption on my chat application (available on android, iOS and web). For that I’ve following mechanism in mind.

Generate Key pairs (Private key and Public key) on sign up
Send Public Key to Server (AWS)
U… Continue reading Key management for End-to-end encryption for Chat application→

Does Re-Encryption make our data more secure?

Posted on December 8, 2021 by midnite

We are focusing on mobile phone and hard drive encryptions. This idea can be extended to any data encryption also.
iPhone and recent Androids are all encrypted. We know that changing the password will not change the encrypted data. It only… Continue reading Does Re-Encryption make our data more secure?→

EU key management in 2022

Posted on December 7, 2021 by Help Net Security

It was reported that the private key used to sign EU Digital Covid certificates (aka “vaccine passports”) was leaked and circulated on messaging apps and online data breach marketplaces. The key was misused to generate certificates for Adolf Hitler, Mi… Continue reading EU key management in 2022→

Strange keystore from payment processor

Posted on October 14, 2021 by maple_shaft

I am working on an older software for a company at the moment and in my work have been upgrading a number of libraries. The app connects to a web service hosted by the third party payment processor, and in doing so it must create a digital… Continue reading Strange keystore from payment processor→

Is it possible to use HKDF in the TPM?

Posted on September 30, 2021 by rkor

Is it possible to use HKDF in the TPM? My goal is to load in a master symmetric key and derive keys from that using HKDF. I see there are other KDF functions available, but no mention of HKDF.

Continue reading Is it possible to use HKDF in the TPM?→

Almost unattended generation of "a pretty good keypair"

Posted on September 18, 2021 by n0542344

I need to generate quite a lot of gpg-keys for different tasks on my Debian Bullseye (Stable) machine. Also I want the highest level of security while being able to automate as much as possible.
Therefore I wrote a bash-script with the fo… Continue reading Almost unattended generation of "a pretty good keypair"→

Only 30% of enterprises use cloud services with E2E encryption for external file sharing

Posted on September 13, 2021 by Help Net Security

A recent study of enterprise IT security decision makers conducted by Tresorit shows that majority of enterprises use additional encryption methods to boost the security of cloud collaboration and file transfer, however, tools with built-in end-to-end … Continue reading Only 30% of enterprises use cloud services with E2E encryption for external file sharing→

How are the PGP keys that Thunderbird 78+ uses encrypted?

Posted on September 7, 2021 by Binarus

With Thunderbird 78, a new PGP subsystem has been introduced which handles PGP keys internally. In previous versions, the add-on Enigmail has handled PGP-related stuff, by letting do GnuPG the work behind the scenes.
I currently know only … Continue reading How are the PGP keys that Thunderbird 78+ uses encrypted?→

Move signing subkey to authentication slot on YubiKey (OpenPGP card)?

Posted on September 4, 2021 by Richard Hansen

My PGP primary key is only used for certification—I use a separate subkey for signing. Like this:
sec rsa4096/0x891781D0EDC66456 … Continue reading Move signing subkey to authentication slot on YubiKey (OpenPGP card)?→