Collaborate Disseminate
The FIPS draft for Dilithium signature scheme (official name ML-DSA) had just been released not long ago. In the specification for skDecode (which is the subroutine that loads the private signing key) mentions that this procedure must be p… Continue reading Security implication of loading untrusted private keys
I have this issue moving some code from python to java.
The following public key:
MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgAC2X07fCab+nIPAWBb5eRlhdOfR0Bkrhx7TgM3cGbR31g=
can be succesfully read from this python code:
key = bytearray.fromhex(
… Continue reading Read EC Public Key, works in python, error in java [migrated]
I’m doing a spin-off request from this: EC Key request
As my problem is a bit different but similar.
I have the following private key (in this format, not a file):
MHcCAQEEID0VR/I814rQUqWIYPEhno+3kexN/jN2n1ub+mJ6ZWyhoAoGCCqGSM49AwEHoUQDQgA… Continue reading Parsing and loading EC Private key, curve secp256r1 [migrated]
I’m going to develop a PWA cold crypto wallet.
I need to store the user’s private key on the client side and not send it to the server.
Where should I store that?
Is it secure to persist private key in browser localStorage?
Continue reading Is it secure to store user private key in local web storage?
Do you have to make a key hash with securely-optimum setting (eg. 100MB memlimit, 3 opslimit) for encryption ?
So I’m making a text encryption function with javascript, using XChaCha20-Poly1305 and Argon2id. It’s already working. The way i… Continue reading Key Hash With Securely-Optimal Setting : For Encryption vs For Password
I need to use the CVK Key (in key block format) to calculate the CVV2.
In the past, I have always used single keys in variant format for this purpose (CVKa + CVKb), and the calculation procedure is standard (there are also many online calc… Continue reading CVV2 calculation with TR-31 Key
we have a concern about a key export. We completed the migration to Key Block LMK in our environment (with HSM Thales 10K). Now, we have to exchange keys with third-parties that still use Keys in variant form. We generated the keys and for… Continue reading PCI compliance – use of ANSI X9.17 for export keys
I use a Thales PayShield 10K with a LMK KeyBlock 3DES. I have to send a CVK Key to a Scheme for the valorization of CVV2 value. Now, in my envorinment i generated a CVK Key with "Key Usage"= C0 and encrypted it under a ZMK (Key s… Continue reading Management of CVK key in Key Block format
In TLS 1.3 (RFC8446), there are many secrets and keys. As far as I’ve understood, every certificate (usually only the server) has a long term key associated with it which is used with HKDF to generate a temporary key for the certificate ve… Continue reading Permanent Keys/Secrets in TLS 1.3
What is the point of the “AES Key Wrap” algorithm prescribed for use with CMS-like contexts in IETF RFC 3394?
Just look at the algorithm (tacked on to the end of this post), informally, it smells a lot like a "home-brew" cryptosy… Continue reading What is the point of the “AES Key Wrap” algorithm?