key – Page 15 – WindowsTechs.com

Mbed TLS / Mbed Crypto

Posted on February 24, 2020 by Rohit Khera

I’m looking for pointers to any routines or functions within the ARM mbed TLS and/or ARM mbed crypto libraries to export generated key pairs in PEM or DER format?

Continue reading Mbed TLS / Mbed Crypto→

Using the same password to encrypt and to authenticate other actions

Posted on February 1, 2020 by wtdmn

Saved on device, I have TLS certificate private key, which I would like to encrypt with AES256; password will be simple PIN.

I would also like to use this same PIN as a secondary protection for some user actions. The salt and hash of this… Continue reading Using the same password to encrypt and to authenticate other actions→

Recreating the Half Coins of Jin-Qua

Posted on January 19, 2020 by dragonwrenn

In the Asian Saga series by James Clavell, the Struan family gave away the half-coins of Jin-qua: in exchange for a desperately needed loan, the pirate Dirk Struan received 4 halves of 4 coins. The Chinese merchant, Jin-qua, kept the rema… Continue reading Recreating the Half Coins of Jin-Qua→

Can I use the same truststore and keystore on the client and the server?

Posted on January 17, 2020 by jeremysprofile

TL;DR: Is it possible to have both sides of a SSL/TLS connection have the same public and private key, so long as that public key is trusted by both sides?

More info if helpful:

I’m trying to test how I’d setup having Java application co… Continue reading Can I use the same truststore and keystore on the client and the server?→

PIN transfer between payment schemes

Posted on January 14, 2020 by user1563721

I am wondering, if it should be possible to transfer PIN in case of migrating between different payment schemes like Mastercard or VISA.

For example, when I have a card issued by Mastercard, and it will be changed to VISA, i… Continue reading PIN transfer between payment schemes→

Protect sensitive data in memory

Posted on January 10, 2020 by uduck

Is there a way to protect sensitive data which is in RAM?
Our setup is a microcontroller with no hardware support for security.
When there is a need to encrypt data, then the secret key exists in RAM.
Even further- plain text… Continue reading Protect sensitive data in memory→

Hashed password vs key, full-disk encryption

Posted on December 29, 2019 by AJS14

In the case of FDE, I understand that the user defined password is ran through a hashing algorithm such as SHA-512 (often with a random SALT and a high iteration count to act as a countermeasure for rainbow table and brute f… Continue reading Hashed password vs key, full-disk encryption→

Thales HSM: relationship between the various key types?

Posted on December 19, 2019 by Kai

I am going through the Thales HSM manuals, and frankly the key acronyms are driving me crazy. I would like to understand the differences between the following keys, and how they relate to one another:

LMK
TMK/TPK/TAK/TEK
ZMK/ZPK/ZAK/ZEK
… Continue reading Thales HSM: relationship between the various key types?→

Is it safe to generate a temporary API key from a random generator seeded by a secure random generator?

Posted on December 12, 2019 by G_H

I have a need to generate a key consisting of a given number of random characters that will be used to access resources via a public API. It should not be possible to predict the key. This is done in Java. I can use a SecureR… Continue reading Is it safe to generate a temporary API key from a random generator seeded by a secure random generator?→

Hawk vs. API key authentication

Posted on December 7, 2019 by Michal Charemza

For a HTTP(S) API, which is better (/ which is better under which circumstances)?

Hawk authentication (a secret key is used to create a signature which is transmitted with the request: similar to AWS Signature v4)
API key a… Continue reading Hawk vs. API key authentication→