LKM key copy to new component [closed]
How we may copy the already loaded LMK from the HSM, because the 3 components previously copied are lost?
Category Archives: key management
How does ransomware store their decryption keys? [duplicate]
I’ve recently got into cyber security and really got into malware, more specifically, ransomware.
While studying some of the strongest ransomware ever (example: WannaCrypt, CryptoLocker, etc…) I’ve started wondering how they can securely… Continue reading How does ransomware store their decryption keys? [duplicate]
Unique SSH Keys With Identical Password?
I’m a one man shop. All I care about is having my workstations and server stolen. I plan on running a couple dozen VMs on my server, mostly Linux.
Question is, obviously having unique passwords for each SSH key for each VM is most secure, … Continue reading Unique SSH Keys With Identical Password?
Would there be any utility for multiple clients sharing the same TLS session key?
I was wondering if there is any utility for multiple hosts sharing the same TLS session key. I have come across proxies and the way they intercept TLS connections is to make the client accept its certificate and then act as client to the e… Continue reading Would there be any utility for multiple clients sharing the same TLS session key?
How organizations can keep up with shifting data privacy regulations
With no sign of regulations slowing down, enterprises struggle to keep pace with the rapid changes. According to a recent NTT Data survey of business executives, 3 in 4 organizations can’t keep up with data regulations, holding them back from successfu… Continue reading How organizations can keep up with shifting data privacy regulations
What are the effective open-source methods for storing and managing encryption keys in a language-agnostic manner when an HSM is unavailable?
When HSMs are not accessible, we often need alternative methods for securely storing and managing encryption keys
What open-source options exist for effectively managing encryption keys in a language-agnostic manner when HSMs are unavailab… Continue reading What are the effective open-source methods for storing and managing encryption keys in a language-agnostic manner when an HSM is unavailable?
Rotate or replace EMV keys?
I would like to better understand the mechanism of rotation of EMV keys used for payment cards.
Assuming that it intends to provide a rotation of the keys used for the production cards:
just recycle the keys under Master Key and get a new… Continue reading Rotate or replace EMV keys?
Beyond blockchain: Strategies for seamless digital asset integration
In this Help Net Security interview, Jean-Philippe Aumasson, CSO at Taurus, emphasizes the often-overlooked complexities of key generation, storage, and distribution, underlining the necessity for a high level of security maturity in handling digital a… Continue reading Beyond blockchain: Strategies for seamless digital asset integration
Sharing secret passphrase with others
Is it a good idea for a user who is the owner of encrypted data to share a secret passphrase with other users (workers) so that they can decrypt the encrypted data? Is there a better way? I’ll add that the data is encrypted on the client s… Continue reading Sharing secret passphrase with others
Using AWS Key Management Service to store passwords [closed]
I obtained the code below from ChatGPT. It works but I’m trying to understand the purpose of KMS. Does it basically store passwords in KMS and allowing me to retrieve them each time I send over the CiphertextBlob? And could I store more th… Continue reading Using AWS Key Management Service to store passwords [closed]