Collaborate Disseminate
I’ve learned that a key protector encrypts the VMK (volume master key), then the VMK encrypts the FVEK (full volume encryption key), and finally the FVEK encrypts the actual data blocks.
I’ve also learned that the numeric password (aka. &q… Continue reading What does an exported BitLocker key package contain?
I am working on an application running in/on a hosted Kubernetes cluster. All services are built using a Java based stack.
For a new feature it is required to temporarily store notifications (email address, notification text) in database.
… Continue reading Encryption and storing/managing private key in hosted cluster
In order to keep all my secret in the same place, I would like to store my GPG private key in KeePassXC, under the "Notes" field.
Provided that the db file has very good password, is this safe?
Os this field encrypted?
It occurred to me that if I could compile a private key in source code, I could prove that log information came exclusively from the application for a given version.
I could do this by releasing the public key and by making sure that for e… Continue reading Is there a secure way to embed a private key in compiled code that is released in compiled form to the general public?
we have a concern about a key export. We completed the migration to Key Block LMK in our environment (with HSM Thales 10K). Now, we have to exchange keys with third-parties that still use Keys in variant form. We generated the keys and for… Continue reading PCI compliance – use of ANSI X9.17 for export keys
Do you know any processes for recovering data which has been encrypted with a revoked or expired encryption key after the encryption key becomes invalid?
Continue reading How to recover data that was encrypted with a revoked or expired key?
I am developing an embedded device using a bootloader. This means that the device will store in its flash an encryption key for decrypting update packages and an ECC public key for verifying update signatures. For this, the process needs t… Continue reading Strategy for storing private keys used in an embedded device
I have a Progressive Web Application (PWA) with a lot of users, each user creates a public-private keypair and wants to use that across devices simply by logging in using some form of auth, for example, Google SSO, etc. If there was some s… Continue reading Passing sensitive user data I must not ever see between devices using an identity provider
Scenario:
The setup is that each user has a randomly generated key A used for encrypting data stored on the server and a password-derived key B used to store A on the server without the server getting access to A. So the server stores the … Continue reading How could one use multi-factor authentication to derive a static secret key?
Is there a way/software to manage and sign multiple SSL certificates? We have many intranet web applications that show the certificate error risk in the web browser. I have been googling a lot but SSL certificates still mystify me, I know … Continue reading What is the proper way to manage a company’s SSL certificates?