cryptography

  1. GETRANDOM syscall's relation to kernel entropy pool state
  2. Secret Santa - implementation that does not require a participant to trust the server

  3. certutil -csplist DLL provider could not be found

  4. Does a CA need to have the same type of key as the certificates it is signing? RSA / Elliptic Curve (EC/ECDH/ECDSA)

  5. Using 128-bits as an input for hashing using SHAKE-3 (128-output)

  6. Discrete log problem - Presume adversary Eve has the public key, how can Eve generate all possible private keys?

  7. In cryptography what is "Key Space"?

  8. What's the difference between substitution and permutation in DES?
  9. Encryption using two keys
  10. Create a signed file from the detached signature and the clear text file content
  11. Number of ciphertext-plaintext pairs needed in double encryption

  12. What is the name of this type of attack using transparent encryption?
  13. Online Diffie-Hellman Tool

  14. Examples of applications/websites that use DHE for key exchange?

  15. How and in what context CSR works?

  16. How easily could a global network of machines break cryptography?
  17. LVM + LUKS: Why encryption sha512 is better than the default?
  18. Kerberos ticket lifetime

  19. What are the risks of a self-signed client certificate?
  20. How robust is duplicity encryption when the backup server is untrusted?
  21. Why haven't (most of) the Zodiac Killer's letters been decrypted?

  22. How does public/private key encryption work?

  23. Properly encrypt using AES-256 in CBC mode?
  24. XKCD #936: Short complex password, or long dictionary passphrase?

  25. RSA blind signature vs signing a *random* hash

  26. Google App Script as public gateway for database (spreadsheet)
  27. How can I read an encrypted text from a file and decrypt it?
  28. What encryption protocol is used by paragonie/Halite library by default?

  29. Why is it impossible to verify whether a file has been modified since creation?

  30. What are the differences between MD5, SHA and RSA?

  31. Do companies pay "protection money" to top math researchers in crypto-sensitive fields?

  32. Reverse encoded strings

  33. How to Cryptographically verify a request comes from a trusted server
  34. Need to determine the hash type
  35. SHA, RSA and the relation between them
  36. What’s wrong with in-browser cryptography in 2017?

  37. How to decrypt a file encrypted under multiple public keys GPG

  38. Generate subkeys based on less secure OpenPGP primary key
  39. Is it more secure to depend on a smaller set of cryptographic primitives?

  40. Does a completely random string produce a completely random hash

  41. Key Exchange Problem

  42. How can I explain to non-techie friends that "cryptography is good"?

  43. Is a part of an encrypted file easier to crack?
  44. What ciphers should I use in my web server after I configure my SSL certificate?

  45. Is `arc4random` secure enough?
  46. Most widely used non Cryptographic random number generators

  47. Using cryptography is it possible for offline devices to reliably communicate via QR code?

  48. Certificate authorities for a PKI
  49. Hashing, then encrypting the data combined with the hash, using the hash as the key
  50. Can an attacker make in-app-purchases of my products in their app?
  51. Is blockchain security dependent on number of transactions in time?
  52. Block size of CTR, CFB and OFB mode of AES in openssl

  53. Is it possible to securely sign data in a web browser?

  54. What's the difference between SSL, TLS, and HTTPS?

  55. What are rainbow tables and how are they used?
  56. iOS hardware-backed key attestation

  57. security of PKI, Certificates, certificate authorities, forward secrecy

  58. What if RSA was broken?

  59. Strong file encryption for sensitive data

  60. Is private key encryption to verify identity a weakness?
  61. How does Ring.cx really work, and how secure is it?
  62. Computationally simple, lightweight replacement for SSL/TLS

  63. How do some sites (e.g. online banks) only ask for specific characters from a password without storing it as plaintext?
  64. Would it be okay to check only a part of a hash value
  65. What does Amazon's S3 Server-side encryption protect against?

  66. What is the most crypto-resistive algorithm to safely send information?

  67. Key Exchange mechanism used in critical radio communication

  68. How to mutually share values without influencing senders
  69. How many iterations of Rabin-Miller should be used to generate cryptographic safe primes?

  70. Encrypted database, and partial decryption of columns
  71. If SSL private key is compromised, what can they do?
  72. Is Telegram secure?
  73. Is it possible to send encrypted data over an unencrypted network while hiding the fact that it is encrypted?

  74. Criteria for Selecting an HSM
  75. Why are these two hashes different?

  76. Can I use a private key as a public key and vice versa?

  77. AES-ECB known ciphertext/plaintext attack

  78. Password Hashing Flaw

  79. What is the difference between a Hash Function and a Cryptographic Hash Function?

  80. Why secure encrypted data consistency by strong hashing?
  81. Which keystore type is good for java / Tomcat based applications

  82. How does Google Authenticator work?
  83. Will changing the TLS Diffie-Hellman key exchange bit length from 1024 to 2048 cause client/browser compatibility issues?
  84. Can Hash Length Extension attacks be avoided by changing the data structure?

  85. Which approach provides more authenticity of image ownership: cropping, or reduced resolution?

  86. Is it still secure if a cryptographic key generated with OpenSSL while a backdoored HWRNG used?

  87. TLS- Concept of channel binding
  88. ELI5 why plausible deniability doesn't work in reality
  89. What does "don't roll your own security" mean?
  90. What is a cryptographic oracle?
  91. How to analyze and pick a good crypto related lib

  92. How do adversary models and security types relate

  93. Do any security experts recommend bcrypt for password storage?

  94. Why message digest should be kept secret?

  95. How to generate a PEM certificate with OpenSSL using 'TLS1_ECDHE_RSA' ciphers for FIPS platform

  96. Bypass SSL Certificate Pinning using SSL Vulnerabilities

  97. How can I export my private key from a Java Keytool keystore?

  98. Password Hashing: add salt + pepper or is salt enough?

  99. How to encrypt in PHP, properly?

  100. Prevention of devices using same OTP secret