Encryption is the process of transforming plaintext using a cipher to make it unreadable to anyone except those possessing the key.
0
votes
0answers
1 view
Credential transport for networked game
I'm developing a networked game, and this game will require players to authenticate to the server. The both client and server are written in Java. I'm trying to find an efficient password transmission ...
9
votes
2answers
514 views
Linux: What is the point of encrypting home directory?
If I have selected a good password, and keep it secret, what is the point of encrypting my home directory, as a setup option with some flavors of Linux offer during setup? Won't the Linux permissions ...
2
votes
1answer
54 views
Is a VPN a good way to encrypt video stream data?
Let'say I have a device with a camera, and this device should stream the video data to a server. I want to prevent people connected on the same network of the camera to eavesdropping on my video ...
0
votes
0answers
13 views
Is it possible to partition VeraCrypt fully encrypted disk? [migrated]
I have a full-disk encryption applied on an external drive. Here's what I did:
Make sure disk is empty and there are no partitions on drive.
Create Volume > Encrypt a non-system partition/drive. I ...
0
votes
1answer
43 views
Bruteforce decrypt xml file without knowing file content?
I am trying to decrypt an .xml file, but I do not know what it contains.
What I do know:
starts with 6 character alphanumeric passphrase
passphrase is hashed by md5, or SHA1/2
AES128/256 encryption ...
5
votes
4answers
168 views
Does PCI actually require card informations to be encrypted in memory?
I saw in many places that card informations are kept encrypted even in memory, is that actually required by PCI? I don't see reason behind it, if attacked can get to the values, he can get to ...
0
votes
1answer
72 views
Can you encrypt memory of server which hold luks keys?
I have a cloud VM. It's Centos 7 and I used full disk encryption during install. I also installed dropbear SSH to remotely unlock said server in case of a reboot. No one but me have administrative ...
3
votes
3answers
39 views
Are there any instances where AES CBC + HMAC is preferred over the AES GCM mode?
I am just curious as to what extent AES GSM can replace the standard CBC + HMAC option.
0
votes
1answer
66 views
Insecure(Broken) https only in chrome
Shopping online today, I remembered to check if the website is https or not after I wrote my payment information in the checkout page. However, I find the https and when I tried to check who is the CA,...
-2
votes
0answers
47 views
how do i encrypt file name on upload and decrypt on download? [on hold]
made an asp.net web application which receives a file using file upload control and then encrypts file name on upload.
but when i redirect a user to file_address (so this user can download the file)
...
4
votes
1answer
95 views
What's after AES?
We've all already turned off RC2, RC4, DES, IDEA, and more. We are down to just 3DES and its replacement, AES. With the new BWAIN threatening 3DES (and blowfish), we seem to just have AES (and maybe ...
3
votes
1answer
73 views
Why is an IV needed when encrypting a private SSH key
Given a password protected private key like:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,D54228DB5838E32589695E83A22595C7
3+Mz0A4wqbMuyzrvBIHx1HNc2ZUZU2cPPRagDc3M+rv+...
2
votes
1answer
88 views
How can an NGO ensure secure mobile communication between HQ and their delegates in the field?
I work for an NGO that does engineering projects in several developing countries. Our delegates who are doing the field work are for the most part not very tech-savvy, i. e. they wouldn't know how to ...
1
vote
1answer
84 views
Is Telegram now secure enough to consider? [duplicate]
Though there have been similar questions left stagnant over the years, this seems relevant with news of WhatsApp privacy policy changes.
Has Telegram made serious improvements to issues like ...
0
votes
2answers
120 views
How secure is this encryption plan?
I am trying to figure out a good way to store a user's encrypted data in such a way that only the user can access it.
I have a master key located outside the web root, called $serverKey. And when a ...
-8
votes
0answers
50 views
What are the different tools used by security experts for different purposes? [closed]
Like the question says, what is the list of popular tools used by security professionals for vulnerability assessment?
1
vote
0answers
57 views
Is this a valid approach for multi-sign?
Requirement:
An "arbitrary text" should be encrypted, and keys distributed among 3 people, atleast two keys are needed to unlock.
Here is how I plan to do it, please let me know if I'm missing ...
1
vote
1answer
63 views
One-way function with conditions as inputs
I need to write a one-way function, with some conditions as inputs, for example:
if ((a==b && c==2 ) || (c > 10000))
return 1;
else
return 0;
The result would only be 2 values (e....
1
vote
2answers
119 views
Will quantum computing destroy all our present encryption? [duplicate]
I'm just wondering, because it seems like it would. Cryptography as a field may have to start all over from the beginning.
5
votes
1answer
71 views
Is bcrypt safe with the 64-bit block cipher birthday attack?
Recent research made it apparant that birthday attacks are now 'viable' on 64-bit block ciphers which Blowfish uses. (the paper in pdf)
At work we use BCrypt for password hashing, as I was thought ...
-2
votes
1answer
77 views
How to encrypt a file? [closed]
I created my own encrypt / decrypt script and I can encrypt any kind of strings. I just need to know how can I use my script to encrypt a file like an image or a text file?
My script is working in ...
5
votes
2answers
93 views
How does GnuPG know the initialization vector for decryption?
We can decrypt an encrypted file with correct passphrase. But how can it know the correct initialization vector during decryption? Isn't it generated randomly during encryption?
-1
votes
0answers
21 views
Is there a non-invertible function which can be applied over a matrix of size m*n? [closed]
I have a matrix of size m*n, i need a non-invertible function which should transform the input matrix in such a way that it is infeasible to retrieve the input matrix from the transformed one.
-1
votes
0answers
24 views
How unsecure is iCloud's Notes without server encryption?
https://support.apple.com/en-us/HT202303
Notice the asterisk next to encryption for Notes.
*Encryption is available only when you upgrade your notes with iOS 9 or later or OS X El Capitan.
4
votes
3answers
104 views
Why am I asked personal information when creating an OpenPGP key?
Today I learned about the basics of OpenPGP and tried to create my first OpenPGP key. However, I found a couple of options suspicious - in the GUI version of the program I downloaded there are fields ...
1
vote
1answer
47 views
Combining Boxcryptor and encrypted cloud service
I want to store highly critical documents on a cloud storage as an additional backup. I am using boxcryptor which encrypts files before these get synced to cloud. Boxcryptor encrypts files using AES-...
1
vote
2answers
68 views
Web-based KeePass-like solution security
I am considering creating a web-based KeePass-like solution in Symfony 3 (PHP) to have the password safe with few other functionalities added. I want to make sure there are no major security flaws. ...
2
votes
1answer
44 views
How does the password protect the data keys on an encrypted HDD / SSD?
How is the data key used for full disk encryption protected? Is a wrapping key derived from the password, or is it simply unlocked once the password has been supplied? If an existing or proprietary ...
0
votes
2answers
82 views
Is LUKS effective?
I ask this because encrypting an hard drive using LUKS takes a few seconds while encrypting the same drive using Bitlocker takes several hours. Does that mean LUKS encryption is weaker?
0
votes
2answers
92 views
Is encryption an efficient way to protect digital media?
Recently my friend and I were discussing his idea of protecting the digital media that he has been generating.
His initial idea was to encode the data using proprietary encoding algorithm and ...
3
votes
0answers
84 views
How to differentiate between encrypted and unencrypted bluetooth traffic while using wireshark?
I captured bluetooth traffic between a master vault Bluetooth smart padlock and an iPhone 6s. This was done using a bluetooth sniffer and the captured traffic was stored to a pcap file. Analysing it ...
6
votes
1answer
128 views
How secure is hardware Full disk encryption (FDE) for SSD's
Is there any research as to how secure hardware encryption of SSD's is - for example Samsung EVO 850? Or at least any articles that explain how it works?
1
vote
1answer
34 views
How to document the Encryption or Hashing Method used in a Document?
I am building a plain Text Editor that allows to encrypt, hash or sign passages.
Since I want to allow for different Methods (symm/asymm, #Bits etc.), possibly even within the same document, the ...
1
vote
0answers
21 views
Could a collection of data be engineered to encrypt predictably using standard encryption algorithms? [migrated]
Thinking about the rather new problem of Cryptolocker and other crypto-randomware, huge amounts of damage are being caused by malicious actors simply using modern encryption algorithms to encrypt a ...
0
votes
1answer
36 views
What is the best way to enhance weak keys for mysql aes_encrypt() function
I need to store data in mysql database using aes_encrypt() function.
The key in the case of above mentioned function is padded with zero when its length is less than 16 bytes.
My question is: How ...
0
votes
0answers
8 views
What software I should use to encrypt my external hard disk? [migrated]
I have some external hard disk. I was encrypted them with the default encryption utility that comes with OS X. So I get encrypted HFS+ disk. Now I need to encrypt the same disks, but I need to be able ...
2
votes
3answers
124 views
How to securely store passwords for an online team based password manager?
I want to create a secure online team based password manager?
The idea is that I want to be able to share passwords with other people on the team, in a secure way, such that if the entire database is ...
1
vote
2answers
92 views
Various questions about file compression and encryption regarding hacking (zip, rar, 7z) [closed]
So I'm curious about a few aspects of compressed files (Zip, rar, 7z, etc), and how they impact hack-ability. There is enough on this subject that I'm not clear about (since this isn't a career of ...
1
vote
0answers
45 views
Full Disk Encryption, if my HDD isn't bootable? [migrated]
I want to find out how to encrypt my HDD, if I plan to boot live operating systems and just use it as storage.
The operating systems in question will probably be some Debian-distro linux and Windows ...
0
votes
1answer
87 views
Whatsapp security
In the web page of Whatsapp there is the following:
WhatsApp's end-to-end encryption ensures only you and the person you're communicating with can read what is sent, and nobody in between, not ...
0
votes
1answer
42 views
Secure messenger in web page
I need to make the Messenger in the web page secure. For that I use encryption with AES.
So, when one person writes another, the message is encrypted, sent to the server, saved in the DB, and then ...
-1
votes
0answers
41 views
Decrypt Data From Packet Capture Without Private Key Or Machine Access
I've been given a little exercise as I'm new to pen testing. I've been given a sample network capture (pcapng, to be precise), and I've been tasked with getting a password from it. I can see there are ...
1
vote
0answers
83 views
How do I find a digital (non-WiFi) baby monitor with an encrypted signal?
What would I look for to see if a digital baby monitor (audio or video, but non-IP/WiFi) has an actual encrypted signal, or at least something to defend against the following threat model?
As I'm not ...
4
votes
2answers
77 views
Deriving and storing an AES key for SQLite DB on iOS
I've read up on various Q&A here on how to manage encryption of a local SQLite database on iOS, and from what I've seen, pretty much everyone agrees that it's bad, BAD idea to store the encryption ...
4
votes
1answer
136 views
Does encrypting information multiple times with only small changes weaken security?
Suppose I have work in progress which I want to back up each week, so at the end of each week I take the current version of my document or folder, encrypt it and upload it to Dropbox or another kind ...
1
vote
0answers
55 views
Secure javascript encryption libraries? [closed]
I'm looking for a javascript library to use on top of ssl, and by secure I mean time tested or "mature" enough. I'm just trying to be fairly cautious with this because I have read in other places on ...
0
votes
0answers
52 views
Feedback about security of “zero knwoledge server” approach
I'm thinking about the design of a "secure" server-based system, in which parties consisting of 1..n users exchange data.
The main security requirement here is that the server may not see any ...
0
votes
0answers
20 views
How should Vormetric be configured to secure .NET access to encrypted data
We're using Vormetric to encrypt data at rest, and have a .NET application (running behind IIS 7 on Windows Server 2008 R2 SP1) we'd like to configure so
The application has access to Vormetric ...
0
votes
1answer
35 views
How to display a result of a decryption on a webpage so that malicious extensions or MiMers don't have enough time? [closed]
As it says on the tin.
I'd like to build something akin to a privnote clone, except I want to be 100% sure of the code, me having to write it and all. I the link contains the decryption key, there's ...
0
votes
0answers
64 views
What is the form of security I should use for my TCP multiplayer game
I am making a multiplayer game in VB. It uses TCP to connect from other computers (as clients) to my computer (acting as the server). Although I only plan on distributing the client programs to a ...
