<we><edit> <!-- questions and answers -->
xss
android
javascript
known-vulnerabilities
physical
network
web-application
certificates
server
databases
chrome
vulnerability
windows
denial-of-service
http
ip
mysql
ports
multi-factor
ios
malware
java
nmap
email
password-policy
cryptography
Is it secure to use a keystore that stores the password as a reversibly encoded string?
cryptography
Does "crypto offloading" require the use of ASICs? Can the concept be applied elsewhere?
cryptography
terminology
ccsp
How can i calculate the number of possible passwords?
cryptography
brute-force
cryptanalysis
Unix command to generate cryptographically secure random string
cryptography
linux
random
unix
Why can RSA-OAEP padded mail be decrypted using OpenSSL 1.0.1e?
encryption
cryptography
openssl
rsa
Google App Script as public gateway for database (spreadsheet)
authentication
cryptography
penetration-test
http
android
Is it good practice to store information about a subkey inside a hash?
authentication
passwords
cryptography
hash
Secret Santa - implementation that does not require a participant to trust the server
encryption
cryptography
protocols
Are giant shell scripts ideal for the governance of a git repository?
encryption
cryptography
pgp
python
git
Dictionary Attack on SHA-1 hashes
cryptography
python
Padlocks suitable as teaching aids for public key cryptography - do they exist?
encryption
cryptography
locks
padlocks
TLS, how to share the symmetric key in a safe way
encryption
tls
network
cryptography
Which is the correct algorithm while checksumming a portion of code?
cryptography
hash
integrity
Key Management TCP
encryption
cryptography
tcp
raspberry-pi
number of ciphertext-plaintext pairs needed in double encryption
encryption
cryptography
Securing .so file access permissions
encryption
cryptography
android
mobile
c
Password Hashing: add salt + pepper or is salt enough?
cryptography
passwords
hash
salt
hmac
Programming of cryptography Algorithm
encryption
cryptography
rsa
algorithm
des
Are there any serious problems with this technique for generating symmetric keys?
cryptography
encryption
key-management
protocols
Can I use /dev/urandom for generating cryptographic keys?
cryptography
devrandom
How does digital signatures provide integrity?
cryptography
digital-signature
Why does WannaCry use different AES keys to encrypt different files on host?
encryption
cryptography
public-key-infrastructure
aes
ransomware
How does master secret calculates in encryption protocol used by WhatsApp?
encryption
cryptography
whatsapp
Which block cipher should be used in TLS 1.2 (while keeping 1.3 in mind)?
tls
cryptography
aes
Is this usage of AES-CBC dangerous
cryptography
attacks
aes
attack-prevention
Encrypt and Data-Integrity: h=CRC-8(m) and c=Encrypt(k,m) then send (h,c) over a channel. Secure?
cryptography
What is stronger - WPA2 Enterprise with 2048 bit key, or Personal with 63 character passphrase?
cryptography
wifi
wpa2
wpa2-eap
wpa-enterprise
CryptoAPI to CommonCrypto with RC4
encryption
cryptography
windows
macosx
rc4
SSH ED25519 Key Extract pk (32 bit)
cryptography
openssh
GETRANDOM syscall's relation to kernel entropy pool state
cryptography
random
entropy
Encryption on the GPU, safer or not?
cryptography
How to make sure that the public key has not been tampered with during transit?
encryption
cryptography
public-key-infrastructure
man-in-the-middle
For what malicious activity can one use a computer with a high-end GPU?
cryptography
passwords
exploit
Tor: Is a diffie-helman key exchange being done over reciepient of traffic?
cryptography
privacy
tor
key-exchange
Why is Math.random() not designed to be cryptographically secure?
cryptography
javascript
random
Is signing safe from brute force attacks?
cryptography
brute-force
hmac
code-signing
how to discover what encryption model is used and how to discover encryption key
encryption
cryptography
aes
decryption
md5
Online Diffe-Hellman Tool
encryption
cryptography
appsec
diffie-hellman
How can I explain "zero knowledge proof" to an end user?
cryptography
bitcoin
documentation
end-user
How does OpenSSL generate a big prime number so fast?
cryptography
openssl
rsa
Diffie Hellman vs Three Pass Exchange
cryptography
key-generation
key-exchange
diffie-hellman
SSH key based login is not vulenerable to MiTM attack. Is it true?
tls
cryptography
man-in-the-middle
ssh
key-exchange
Store encrypted user data in database
encryption
cryptography
Authentication of an indefinite number of technicians in an offline scenario
authentication
cryptography
service-account
Does a signed hash reveal any information about the original message?
cryptography
digital-signature
data-leakage
TLS 1.2 and enable only AEAD ciphers suite list
tls
cryptography
ciphers
Do symmetric cryptographic primitives provide both integrity and confidentiality?
cryptography
integrity
confidentiality
Is it safe to include the IV at the end of a hash?
encryption
cryptography
aes
initialisation-vector
Why does TLS 1.3 deprecate custom DHE groups?
tls
cryptography
protocols
key-exchange
diffie-hellman
What kind of encryption is generally used for api keys?
cryptography
rsa
In cyptography what is "Key Space"?
cryptography
terminology
des
Secure keys in hardware
encryption
cryptography
android
hardware
RSA relation to SSH key exchange
cryptography
ssh
rsa
diffie-hellman
How do Access Points manage attempted Passwords?
cryptography
wifi
wireless
router
Modeling a per-process file based encryption for linux
encryption
cryptography
linux
process
Encrypting file in Javascript before sending them to Google Storage
encryption
cryptography
Securing hotspot with maintaining Deep packet İnspection
cryptography
hash
appsec
mobile
hotspot
How to determine what type of encoding/encryption has been used?
cryptography
encryption
cryptanalysis
Hide algorithm and variables
cryptography
algorithm
How to store data on server without an ability to read it?
encryption
cryptography
databases
websites
What approaches exist for ensuring security when deploying software in non-trusted environments?
encryption
cryptography
software
docker
Would it be okay to check only a part of a hash value
authentication
cryptography
hash
md5
ssh-host-key
Why does Windows still use a weak hashing algorthim to protect passwords?
cryptography
hash
Encryption and Hash in Veracrypt
encryption
cryptography
veracrypt
Would an encryption scheme that generates an extra key to be securely stored offsite be a safe backdoor?
encryption
cryptography
backdoor
Visual verification of DH parameter hashes vs derived password hashes
cryptography
hash
diffie-hellman
Can you construct a non-lossy steganographic filesystem
cryptography
file-system
How can I export my private key from a Java Keytool keystore?
appsec
cryptography
key-management
certificates
java
Can a bitcoin hierarchical deterministic type 2 wallet be brute forced?
cryptography
bitcoin
Why would be an attacker interested in whether a cryptographic key exchange protocol succeeded or not?
cryptography
key-exchange
What is the proper server-side mitigation for the Lucky13 vulnerability (CVE-2013-0169) on a Windows server?
encryption
tls
cryptography
vulnerability
windows-server
Collision Free and Keyed-Hash Message Authentication Code
authentication
cryptography
hmac
What is the name of this type of attack using transparent encryption?
cryptography
attacks
backup
How does mail email services decrypt an encrypted mail without having the sender's Public Key?
encryption
cryptography
email
protonmail
is it secure to use sha256 to hash 64 cryptographically random byte data with 12 byte salt?
encryption
cryptography
hash
php
sha
Is it possible to use a public key directly with smime or enc in openssl while encrypting a file?
encryption
cryptography
file-encryption
decryption
smime
Is it ok to use 6 as a cost of bcrypt algortihm for 64 chars string?
encryption
cryptography
hash
php
bcrypt
What is the purpose of associated authenticated data in AEAD?
encryption
tls
cryptography
openssl
Using an in-browser tabula recta to generate passwords
passwords
cryptography
password-management
javascript
password-cracking
Can a really simple example be created
cryptography
How secure is Ubuntu's default full-disk encryption?
encryption
cryptography
disk-encryption
luks
Generate new key - ECC vs RSA
cryptography
pgp
rsa
ecc
How server ensures mobile application is running in TEE?
cryptography
mobile
HTTPS flow clarification
encryption
tls
cryptography
web-browser
webserver
does anyone know how this text is encrypted?
encryption
cryptography
ciphers
Should RSA public exponent be only in {3, 5, 17, 257 or 65537} due to security considerations?
cryptography
encryption
cryptanalysis
How often ciphers are used through an IPSEC session
encryption
cryptography
rsa
sha
ipsec
How does the Signal Protocol, used by WhatsApp, work?
encryption
cryptography
whatsapp
RSA blind signature vs signing a *random* hash
cryptography
digital-signature
blinding
Preventing fraud in bitcoin mining pools
cryptography
trust
fraud
bitcoin
Is salting a hash really as secure as common knowledge implies?
passwords
cryptography
hash
salt
Are there techniques or methods to develop security protocols without side channel attacks?
cryptography
protocols
timing-attack
side-channel
Does prepending a salt to the password instead of inserting it in the middle decrease security?
cryptography
passwords
hash
salt
What is the Highest Level of Encryption (As of 2018)
encryption
cryptography
linux
Are passwords longer than 128 bits useless if hashed with MD5?
passwords
cryptography
brute-force
md5
Does storing two components of a secret in two places increase safety?
cryptography
security-theater
TrueCrypt dataleaks that might betray the "Deniable File System" option
cryptography
privacy
steganography
truecrypt
Why shouldn't we roll our own?
cryptography
custom-scheme
Two takes on PHP two way encryption - which one is preferable?
encryption
cryptography
php
How many iterations of Rabin-Miller should be used to generate cryptographic safe primes?
cryptography
key-generation