Questions tagged [encryption]
Encryption is the process of transforming plaintext using a cipher to make it unreadable to anyone except those possessing the key.
5,906
questions
3
votes
2
answers
406
views
Why would one use radio instead of the Internet for secure communications?
This question is inspired by someone's comment on this question elsewhere
In the modern era of Internet and encryption it's quite surprising that countries like Russia still regularly use coded radio ...
- 181
0
votes
0
answers
145
views
Where to store user private keys in a webapp? [duplicate]
I'm building a webapp where I want to encrypt user data. I've done A LOT of research about this.
The main issue is that I want only users to be able to access their data. After reading countless ...
- 111
1
vote
1
answer
231
views
How to implement public key encryption for a webapp?
I'm making a web app where users will upload sensitive data (private financial records), so I want to encrypt one column in one table that holds the value.
If I understood correctly, I need to use a ...
- 111
0
votes
2
answers
211
views
Is Symmetric Key Exchange over HTTPS safe?
I am auditing a webapplication that gives access to a financial backend. The web application provides the frontend in a HTTPS session properly encrypted, and after the client authenticating inside the ...
- 1
0
votes
1
answer
368
views
is access token using SHA256 secure?
I want to create a server where after the user logs the server gives them a randomly generated access token that is hashed using SHA256, that I store in the database a long with an expiration date, I ...
- 33
0
votes
0
answers
98
views
User-Controlled Encryption in web app. How to Implement Encrypted Content Sharing Among Friends?
I'm working on idea for a project the goal is to allow a user to share their encrypted content with friends while ensuring the server and none friends maintains zero knowledge of the actual content.
...
- 113
0
votes
1
answer
363
views
OpenSSL CMS Sign and Verify
I have been assigned an application that is a few years old now, written by people who are no longer at the company. There is little-to-no documentation on processes or code.
It signs firmware for a ...
- 101
0
votes
0
answers
112
views
Why doesn't file/folder encryption work the way I imagine it should? Can I have the UX I want? Tell me what's wrong with this idea
I have been looking around at various encryption schemes, and I haven't found anything exactly like what I want in terms of user experience.
If what I want isn't a thing, I assume it's been thought of,...
- 101
2
votes
3
answers
223
views
If I control both sides of a connection, is there any reason to support alternate cipher suites?
If I have a system where I have 100% control over the client operating system and the server operating system, is there any use case for enabling more than one cipher suite (or any of the options that ...
- 161
2
votes
0
answers
106
views
Secure API token handling in Windows app: the token is needed to authenticate the requests to a backend server
I'm currently working on a UWP app that involves validating redemption codes against a Cloudflare KV storage backend. That's all the backend server is for.
I want the app to check the redemption code ...
- 21
1
vote
0
answers
57
views
Is there any way to check quality of TRNG at runtime or after installation in application?
True random number generator quality can be checked with statistic tests like the NIST suite or DIEHARD suite but after time, how we can check for its durability and whether it still possesses the ...
2
votes
1
answer
199
views
Do Windows Credential Manager encrypt information stored in it?
Apologize if this is a newbie question. Say the PC hard drive with Windows installed is un-encrypted (no BitLocker, etc); and someone gets physical access to the hard drive but does not know the (...
- 121
1
vote
0
answers
105
views
Help me securely store and retrieve Social Security numbers [closed]
I am on the very last functionality to implement before launching my app. I have the same requirements someone like Fanduel or Draftkings does. When my users cross the $600 threshold for prizes in the ...
- 11
3
votes
1
answer
440
views
What can forensic analysts extract from a fully encrypted phone? [closed]
I was very disappointed to hear that my friend, who had his Android phone seized not too long ago, has had his phone broken by police forensics.
As far as I know, it was a few years old, Samsung, and ...
2
votes
1
answer
753
views
Apple Mail versus GMail app content security
I am trying to determine if there is a benefit to using the GMail app over the built in iOS one when it comes to security. I know that both store data locally on the phone, but the question is whether ...
- 121