Questions tagged [encryption]
Encryption is the process of transforming plaintext using a cipher to make it unreadable to anyone except those possessing the key.
5,906
questions
1
vote
1
answer
25
views
ELI5: If SSL encrypts traffic, why does it expire?
SSL, nowadays TLS, encrypts traffic between the server and client. However, the certificate is only valid for a certain period of time until its expiration.
What I don't understand is, why does TLS ...
1
vote
1
answer
39
views
Is local password recovery for each device a viable security approach?
I'm developing a multi-platform application using Flutter, which involves sensitive user data and requires both online and offline accessibility. To enhance security and usability, I am considering ...
4
votes
2
answers
214
views
How safe are my app's keys inside the TPM against other apps trying to impersonate mine?
This is a follow-up of these two questions about using the TPM to store application's keys. While both have great answers, there is a specific aspect I am missing:
How safe are the keys inside the TPM ...
2
votes
0
answers
62
views
Searchable encryption for phone numbers
I have a table in Postgres that stores phone numbers. Since phone
numbers are considered PII, I cannot store them as plaintext.
For other PII fields, I use AES-256-CBC. However, the requirements are ...
0
votes
0
answers
31
views
can non-rotatable secrets be stored in ciphertext form in a DB/file/etc.?
We have a service running on AWS. This service uses secrets such as API keys of third party services (in other words: secrets which do not rotate automatically). These secrets are stored in AWS ...
0
votes
1
answer
106
views
Can we catch signals from a cellphone using AI to interpret the encrypted data?
Would it be possible for someone to steal EM waves from our mobile devices to listen to our conversations or get our OTP?
Whatever encryptions they have they are just EM waves. Based on the patterns ...
6
votes
2
answers
153
views
Use of TPM to encrypt data of my application in practice
I am not very familiar with TPMs, but from what I can tell their main benefit for the user is to make the system as a whole more secure, if you take the appropriate measures, e.g. by checking the boot ...
0
votes
0
answers
7
views
Implementing end to end encryption (react js , laravel) [migrated]
I need to implement end to end encryption between front (reactjs) and back (laravel). What I try to do is encrypt data in front using package cryptojs, send it using axios to backend, in the backend I ...
2
votes
1
answer
65
views
Are there any motherboards / UEFI that support hardware encryption on SED?
I found that Thinkpads have hdd password support, which in terms uses some bizarre password hashing and ends up with 90 bits of entropy, which is again used as ATA security password to SED, which in ...
1
vote
0
answers
58
views
OpenSSH 9.6p1: What is the best key type for the ssh-keygen command through the -t option? [duplicate]
The ssh-keygen command to generate the pair of keys files can use the -t option. According to Ubuntu Noble's man ssh-keygen for the mentioned option, it indicates:
-t dsa | ecdsa | ecdsa-sk | ed25519 |...
0
votes
1
answer
36
views
Assure Deterministic Hashing/Encryption Process can be Replicated if Rebuilt
May I have some guidance for a project I am working on?
These are the requirements:
A Dataset needs to be submitted in a .csv format, delimited by '|'
The Dataset needs to be submitted periodically (...
0
votes
1
answer
65
views
Is a Three-Layer Post-Quantum Safe VPN Hidden Within Regular IPsec Effective Against Eavesdroppers?
I'm working on designing a VPN that is post-quantum safe while avoiding detection that it uses post-quantum cryptography. The goal is to make the use of post-quantum cryptography indistinguishable to ...
2
votes
1
answer
693
views
Benefit of splitting and routing/encrypting file packets separately?
I have something of a theoretical question - how much of a cyber benefit would there be to taking data, breaking it up and encrypting it, then sending it to the destination via multiple disparate ...
4
votes
2
answers
1k
views
Securing HTTP File Transfer over local network
My intention is to transfer files between a computer and a cell phone in the same network. I have created a system consisting of two apps for this purpose (everyone should be able to use the apps): ...
1
vote
0
answers
40
views
Mutual Authentication after ECDH Exchange with pre-shared secrets
I´m currently building a protocol, in which two parties establish a connection via ECDH Key Establishment. The shared secret after ECDH is used to derivate Keys (with HKDF) for symmetric encryption.
...
2
votes
1
answer
119
views
Can I add salt to my salt for password hash? [duplicate]
Following this tutorial, I got a bunch of questions with this code :
const crypto = require("crypto")
async function hash(password) {
return new Promise((resolve, reject) => {
...
2
votes
2
answers
130
views
How to Sniff Bluetooth Traffic and Determine Encryption on Fitness Tracker Data?
I am attempting to analyze the Bluetooth communication between a fitness tracker (GOJI ACTIVE GFITBK20 Activity Tracker) and its corresponding application (Goji Active) installed on my Android phone. ...
4
votes
2
answers
708
views
Omit IV for AES128-CBC when requiring to always get the same ciphertext encrypting random IDs
Imagine having images stored in a system with their 256 bit hash (BLAKE2b) as their unique ID. We want to produce a URL for each image, something like:
https://host/images/cleartext-image-ID
In order ...
0
votes
0
answers
82
views
NTRU - How is the master key and session key generated?
I am learning the PKC topics and would like to understand about the master and session key generation process regarding NTRU.
Let's make it a scenario, if a user wants to register during the ...
0
votes
0
answers
29
views
The Boot Process - Sequence of Events, Boot Integrity Checks, and BitLocker OS Volume Encryption
Apologies if any of these questions have been answered previously. Also, apologies for the sheer number of questions asked here. I've done some digging, and have been unable to find a good resource ...
0
votes
3
answers
118
views
Is Homomorphic SQL Query Encryption a good idea - and should I use It?
My web app still needs a lot of work on it in the security department, so I'm considering implementing homomorphic encryption for my SQL database- to help protect from the outcomes of SQLi.
I know the ...
1
vote
1
answer
113
views
Refresh tokens for impersonating user credentials: how to implement them?
The web app I'm developing makes use of the concepts of "access token" and "refresh token", even though it uses its own auth scheme.
In certain situations, the web app needs to get ...
1
vote
1
answer
127
views
Why does the Signal Protocol use a symmetric key for encryption- when asymmetric keys are more secure? [duplicate]
The Signal Protocol, as many of you would know, is used by many applications such as WhatsApp and Signal. These corporations, I can vouch for, would definitely use the most secure protocol they could- ...
1
vote
1
answer
91
views
Couldn't an HDCP bypass "attack" always be done losslessly, given a known compression algorithm was used?
When DRM-protected video is displayed on an output device, these streams are sometimes saved and re-encoded, resulting in quality loss. However, let's say we can obtain the outputted video in a pixel-...
0
votes
1
answer
80
views
Why is the boot key used to access the encrypted SAM database hashes?
A quick something I’ve been wondering: why is the boot key used to access the encrypted SAM database hashes, (and not another key,) and also what encryption mechanism is actually used to encrypt the ...
0
votes
1
answer
109
views
How does iOS / Android device encryption work?
As far as I'm aware, a locked iOS is considered very safe. No one, who does not know the PIN cannot unlock the phone. While the PIN seems weak on the first glance (4 digits?) it is actually strong, ...
9
votes
5
answers
5k
views
Hash as filename to protect data
Requirement:
Users fill out a form which includes sensitive personal data and need to be able to download the content of this form for a limited time.
Question:
How useful / secure is it to create a ...
0
votes
2
answers
279
views
Is this solution I have programmed 100% hack-proof?
I have programmed something at work, and I believe it's been done in a way that's effectively 100% hack-proof even if I give full admin rights to the server.
In short, I have some legally sensitive ...
1
vote
1
answer
222
views
How does TLS-CRYPT-V2 work in OpenVPN?
I am configuring an OpenVPN server and I would like to use TLS-CRYPT-V2. For that, in the documentation, it is said that I have to create a TLS-CRYPT-V2 key for the server and one for each client, ...
0
votes
0
answers
43
views
How to allow users to securely use their private key to decrypt data in the browser [duplicate]
I'm working on an application where encrypted data can be stored on the server. Users can do this by obtaining public keys from the server, and use them to encrypt data locally before sending it to ...