Collaborate Disseminate
"The KeyUpdate handshake message is used to indicate that the sender is updating its sending cryptographic keys."
"If the request_update field is set to "update_requested", then the receiver MUST send a KeyUpdate o… Continue reading what should be the response of keyupdate if the initial KeyUpdateRequest is set to update_not_requested not update_requested
This is a follow-up of these two questions about using the TPM to store application’s keys. While both have great answers, there is a specific aspect I am missing:
How safe are the keys inside the TPM against another (malicious) app trying… Continue reading How safe are my app’s keys inside the TPM against other apps trying to impersonate mine?
The ssh-keygen command to generate the pair of keys files can use the -t option. According to Ubuntu Noble’s man ssh-keygen for the mentioned option, it indicates:
-t dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa
Specifi… Continue reading OpenSSH 9.6p1: What is the best key type for the ssh-keygen command through the -t option?
How we may copy the already loaded LMK from the HSM, because the 3 components previously copied are lost?
I’ve recently got into cyber security and really got into malware, more specifically, ransomware.
While studying some of the strongest ransomware ever (example: WannaCrypt, CryptoLocker, etc…) I’ve started wondering how they can securely… Continue reading How does ransomware store their decryption keys? [duplicate]
I’m a one man shop. All I care about is having my workstations and server stolen. I plan on running a couple dozen VMs on my server, mostly Linux.
Question is, obviously having unique passwords for each SSH key for each VM is most secure, … Continue reading Unique SSH Keys With Identical Password?
I was wondering if there is any utility for multiple hosts sharing the same TLS session key. I have come across proxies and the way they intercept TLS connections is to make the client accept its certificate and then act as client to the e… Continue reading Would there be any utility for multiple clients sharing the same TLS session key?
With no sign of regulations slowing down, enterprises struggle to keep pace with the rapid changes. According to a recent NTT Data survey of business executives, 3 in 4 organizations can’t keep up with data regulations, holding them back from successfu… Continue reading How organizations can keep up with shifting data privacy regulations
When HSMs are not accessible, we often need alternative methods for securely storing and managing encryption keys
What open-source options exist for effectively managing encryption keys in a language-agnostic manner when HSMs are unavailab… Continue reading What are the effective open-source methods for storing and managing encryption keys in a language-agnostic manner when an HSM is unavailable?
I would like to better understand the mechanism of rotation of EMV keys used for payment cards.
Assuming that it intends to provide a rotation of the keys used for the production cards:
just recycle the keys under Master Key and get a new… Continue reading Rotate or replace EMV keys?