Collaborate Disseminate
I’m going to develop a PWA cold crypto wallet.
I need to store the user’s private key on the client side and not send it to the server.
Where should I store that?
Is it secure to persist private key in browser localStorage?
Continue reading Is it secure to store user private key in local web storage?
Do you have to make a key hash with securely-optimum setting (eg. 100MB memlimit, 3 opslimit) for encryption ?
So I’m making a text encryption function with javascript, using XChaCha20-Poly1305 and Argon2id. It’s already working. The way i… Continue reading Key Hash With Securely-Optimal Setting : For Encryption vs For Password
I need to use the CVK Key (in key block format) to calculate the CVV2.
In the past, I have always used single keys in variant format for this purpose (CVKa + CVKb), and the calculation procedure is standard (there are also many online calc… Continue reading CVV2 calculation with TR-31 Key
we have a concern about a key export. We completed the migration to Key Block LMK in our environment (with HSM Thales 10K). Now, we have to exchange keys with third-parties that still use Keys in variant form. We generated the keys and for… Continue reading PCI compliance – use of ANSI X9.17 for export keys
I use a Thales PayShield 10K with a LMK KeyBlock 3DES. I have to send a CVK Key to a Scheme for the valorization of CVV2 value. Now, in my envorinment i generated a CVK Key with "Key Usage"= C0 and encrypted it under a ZMK (Key s… Continue reading Management of CVK key in Key Block format
In TLS 1.3 (RFC8446), there are many secrets and keys. As far as I’ve understood, every certificate (usually only the server) has a long term key associated with it which is used with HKDF to generate a temporary key for the certificate ve… Continue reading Permanent Keys/Secrets in TLS 1.3
What is the point of the “AES Key Wrap” algorithm prescribed for use with CMS-like contexts in IETF RFC 3394?
Just look at the algorithm (tacked on to the end of this post), informally, it smells a lot like a "home-brew" cryptosy… Continue reading What is the point of the “AES Key Wrap” algorithm?
My understanding is that an ED25519-sk SSH key generated by OpenSSH generates a private key stub that lives on your host machine. This stub is just a reference to the actual private key that lives on the actual hardware key itself.
My unde… Continue reading Can someone with access to only my Yubikey gain access to my server that has SSH access via an ED25519-sk keypair?
Assuming I have found several OpenSSH private keys on my client’s system, how can I detect (at scale) which of them are:
completely unprotected (i.e. no passphrase)
using an old hashing algorithm for the passphrase (I read somewhere that … Continue reading How do you know what KDF was used to protect an SSH-Key?
During the early hours of the morning there was an attempt to enter and presumably steal various vehicles on my street, detected well after the fact via householders reviewing CCTV motion detection alerts. There is only ever one person i… Continue reading Detecting signal amplification attacks against PKE keyless fobs