All Questions
Tagged with encryption tls
550
questions
0
votes
0
answers
8
views
ELI5: If SSL encrypts traffic, why does it expire?
SSL, nowadays TLS, encrypts traffic between the server and client. However, the certificate is only valid for a certain period of time until its expiration.
What I don't understand is, why does TLS ...
4
votes
2
answers
1k
views
Securing HTTP File Transfer over local network
My intention is to transfer files between a computer and a cell phone in the same network. I have created a system consisting of two apps for this purpose (everyone should be able to use the apps): ...
1
vote
1
answer
222
views
How does TLS-CRYPT-V2 work in OpenVPN?
I am configuring an OpenVPN server and I would like to use TLS-CRYPT-V2. For that, in the documentation, it is said that I have to create a TLS-CRYPT-V2 key for the server and one for each client, ...
0
votes
1
answer
93
views
Would there be any utility for multiple clients sharing the same TLS session key?
I was wondering if there is any utility for multiple hosts sharing the same TLS session key. I have come across proxies and the way they intercept TLS connections is to make the client accept its ...
1
vote
2
answers
121
views
Authenticating a device for remote motor control
I'm looking for a standard solution to the following problem. I've been unable to find how something like this is normally accomplished. Even a key word that points me in the right direction would be ...
0
votes
2
answers
211
views
Is Symmetric Key Exchange over HTTPS safe?
I am auditing a webapplication that gives access to a financial backend. The web application provides the frontend in a HTTPS session properly encrypted, and after the client authenticating inside the ...
1
vote
1
answer
270
views
Why is TLS communication within a VPC important? [duplicate]
In this sense, I understand the encryption needed between say client and server and all communications that are external.
But for a scenario where for all VMs are in the same VPC and not exposed to ...
0
votes
1
answer
170
views
Connect to corporate wifi with personal phone - decrypt https?
Someone asked regarding wifi yesterday but can't find the post anymore.
When connecting to corporate wifi with my personal iPhone for first time, I am asked to trust a "Root CA". However, I ...
0
votes
0
answers
128
views
Can I send confidential information in plain text via an HTTPS POST method?
I have a web app that collects user SSN and driver license number. A POST API via HTTPS send the data to the server. Can I use plain text to transfer the data? Is it safe enough? Is it in accordance ...
2
votes
4
answers
343
views
Using FIX over TLS, is there a need to sign FIX mesages?
We have 2 servers communicating, server A (a server that I own), and server B (server on the internet that I trust). I get some info from server B, which are FIX messages (https://en.wikipedia.org/...
0
votes
1
answer
108
views
are files sent in a TLS channel signed? [duplicate]
I have 2 endpoints that are exchanging data (FIX messages), and the originating endpoint is genrating the fix files are sending them on an ecrypted channel (TLS or Stunnel). In a security audit, it ...
0
votes
0
answers
149
views
Providing encryption and password for an IOT device over gRPC
I've been breaking my head over how to do this, as it doesn't seem to fit any example I could find online.
My IOT device servers will run on the client network and may be accessed over it or over the ...
1
vote
1
answer
105
views
Is there a way someone can read arrays of bytes which I send with java sockets while using TLS 1.2?
If anyone can answer me pls I just need an anwer. I know thus isn't maybe right place for this question
I created chatting app with sockets in Java 8 and i use TLS 1.2 My question is: Is there any way ...
0
votes
0
answers
80
views
Are there any attacks against TLS 1.1 encryption? [duplicate]
I've been researching the main TLS 1.1 vulnerabilities, and from what I've seen, TLS 1.2 only improves the cryptographic hash functions, because TLS s 1.1 are broken.
If these hash functions are ...
1
vote
1
answer
2k
views
SNI visible in HTTP/3, QUIC connection?
Client Hello should be encrypted in HTTP/3 and QUIC, but in Wireshark I can still see SNI of the QUIC connection when using DoH.
The names should be encrypted inside the Handshake/CRYPTO packets.
is ...