All Questions
Tagged with encryption public-key-infrastructure
185
questions
0
votes
0
answers
82
views
NTRU - How is the master key and session key generated?
I am learning the PKC topics and would like to understand about the master and session key generation process regarding NTRU.
Let's make it a scenario, if a user wants to register during the ...
0
votes
0
answers
152
views
How to prevent public key tampering
I have to store a document (e.g. a JSON file) on a remote PC (that my App is running on) alongside a signature to be able to verify that this file was signed by me. I have no access to this PC nor ...
3
votes
1
answer
373
views
A web browser localy encrypted by default
Some years ago, I've found a web browser which I can't remember the name. It had pretty impressive security standards. For example:
Symmetric encryption key (password) is mandatory for saving ...
0
votes
2
answers
497
views
Ransomware public key: can I find the respective private key?
I got a ransomware called StopDjvu. On my PC, I have found the public key that is used by the malware (maybe RSA hardcoded).
Is it possible to extract the private key from the public key?
0
votes
0
answers
301
views
Securing the Server Hello in TLS 1.3
I've been trying to better understand TLS, and am stuck on one point with TLS 1.3. I understand that the Client makes an assumption regarding which Cipher Suite the Server will select, and includes a ...
0
votes
1
answer
154
views
How do you trust two different cloud provider servers?
I've found a question with an answer here on Security StackExchange or on Unix StackExchange, but I can't find it anymore apparently :( If you find this answer already, help would be appreciated, I ...
0
votes
2
answers
164
views
Secure data (+ private key) storage in an insecure public cloud environment
We are trying to encrypt files in a manner that they can be completely secure in an insecure environment (like a public cloud). We're talking about military grade secure.
The data should be so secure ...
1
vote
2
answers
1k
views
Possible attacks using public key in a certificate
this is purely an exploratory question.
If this is not the right place to ask for it,
please point me to the right one.
TLS version: TLS 1.2
CIPHER SUITE : TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(any ...
0
votes
3
answers
611
views
Is the Initial Public Key Transfer Process in Public Key Encryption Vulnerable to MITM on Public Networks?
(shown in step 1): Is the initial process in public key encryption where the public key is transferred across the network done in plaintext? It seems like it must be, which essentially means that no ...
5
votes
1
answer
935
views
Impact of having more X509v3 Key Usage fields than required?
I was wondering if having an "oversubscription" of "Key usage fields" inside a X509v3 certificate can negatively impact the performance and/or the security of a server.
For example ...
0
votes
3
answers
482
views
Nextgen firewalls - encrypted traffic inspection
I read recently about next generation firewalls that use deep-packet-inspection, intrusion-prevention and something the manufacturers call encrypted-traffic-inspection, encrypted-traffic-analytics.
...
3
votes
2
answers
2k
views
is this a good practice for storing private keys?
I'm working on a centralized exchange for cryptocurrencies. the approach that I'm taking for some reasons is to create an account(private key) per user inside platform. so these accounts should be ...
4
votes
2
answers
277
views
Is Java's probablePrime used in production?
Prime numbers are core in security.
I saw this question about Java's probablePrime
and was wondering if that API/approach is indeed used for real production-ready security code or other approaches are ...
0
votes
0
answers
167
views
Reused key issue in Asymmetric Encryption
We all hear often about the reused key issue in block cipher.
For example, for a picture being encrypted by the electronic codebook mode, we will still see the shape of the picture.
https://images.app....
1
vote
1
answer
682
views
Is it allowed to store billing address for merchants SAQ A merchants? (PCI DSS)
I know there are many limitations for data storing and processing by PCI DSS. Some of them are explained here. https://www.pcisecuritystandards.org/pdfs/pci_fs_data_storage.pdf
But I can't find any ...