key management – Page 7 – WindowsTechs.com

How to setup a Per-File Encryption architecture

Posted on October 24, 2022 by Lina

I would like to set up a per-file encryption architecture where every file is encrypted with its own key, and each key is encrypted using a master key.
Is there any good articles to read regarding this? Or any advice?
The questions I have … Continue reading How to setup a Per-File Encryption architecture→

How long does Signal keep the keys for out-of-order messages?

Posted on October 23, 2022 by user2600798

I was reading the Signal protocol on how it handles out-of-order messages. What if those messages never arrived, does Signal keep the keys forever or are the keys deleted as soon as a new session is started?
https://signal.org/docs/specif… Continue reading How long does Signal keep the keys for out-of-order messages?→

Securely store application secrets in production without 3rd party KMS

Posted on September 30, 2022 by JCasper

Integrated Security

I have a ASP.NET web application with connection strings and other secrets to protect in production. Ideally I would like to use IntegratedSecurity to keep SQL credentials out of the connection strings, but IIS Expres… Continue reading Securely store application secrets in production without 3rd party KMS→

Passwordless gnome-keyring – Does it present a security issue?

Posted on August 6, 2022 by st00nks

I’ve been looking around, but I can’t seem to find an unified answer for my question.
eg.
Some say it’s safe: What’s the security risk when setting the Gnome keyring password to blank on an FED system with autologin?
Some say it’s unsafe: … Continue reading Passwordless gnome-keyring – Does it present a security issue?→

Does the the key used to encrypt in a ransomware attack reside on the target computer for at least some time? [duplicate]

Posted on July 5, 2022 by Abhisek Dash

My understanding is that a ransomware uses the target computer’s resources to encrypt files. So does that mean that the key used for encryption resides on the target computer for at least some time? I am assuming that symmetric encryption … Continue reading Does the the key used to encrypt in a ransomware attack reside on the target computer for at least some time? [duplicate]→

Increased cloud complexity needs stronger cybersecurity

Posted on June 13, 2022 by Help Net Security

A Thales report, conducted by 451 Research, reveals that 45% of businesses have experienced a cloud-based data breach or failed audit in the past 12 months, up 5% from the previous year, raising even greater concerns regarding to protecting sensitive d… Continue reading Increased cloud complexity needs stronger cybersecurity→

Why are key IDs typically the last digits of the key hash?

Posted on June 3, 2022 by Turysaz

With PGP for example, the "properties" of the following key are:
pub rsa3072/2BD6571B 2022-06-03 [SC] [expires: 2024-06-02]
6713B62DC36CE36403C724B1FFD641CF2BD6571B
uid [ultimate] turysaz@foo.bar
sub rsa3072/10E… Continue reading Why are key IDs typically the *last* digits of the key hash?→

Why are key IDs typically the last digits of the key hash?

Posted on June 3, 2022 by Turysaz

How do centralized crypto exchanges store seed phrases and users’ private keys?

Posted on May 31, 2022 by whitebat 199

Say I’m trying to develop a CEX, hence I will hold custody of users’ keys. How would I go about doing that and ensuring safety and security?
From what I know, I can generate the users’ keys from a seed phrase and store the path used to gen… Continue reading How do centralized crypto exchanges store seed phrases and users’ private keys?→