Questions tagged [asymmetric]
Asymmetric cryptography, or public-key cryptography, is the foundation of security protocols that do not require shared secrets.
308 questions
1vote
0answers
77views
How can intermediary devices securely forward traffic using only session IDs in a symmetric encryption system, without risking MITM attacks? [closed]
I'm imagining a Utopian world where the internet nowadays doesn't have as much overhead as the OSI layer. In this world, network engineers never make mistakes, such as using IPv4, which has been ...
2votes
1answer
259views
Explaining output of GPG --export/--export-private-key key_id vs key_id!
I am a newcomer to GPG, and wanted to compare different ways of exporting keys, so I wrote the following shell script: #!/bin/bash for key in "FE..." "17.." "BB.."; do # ...
- 123
0votes
1answer
207views
Is encrypt a private key using the user password and store it into the server a bad idea?
I'm building a SaaS where some data needs to be stored in an encrypted format. You should be able to access this data from any device, as long as you remember your account credentials. Also, if you ...
- 103
1vote
1answer
197views
How exactly does OpenGPG protect private keys?
Today it was time again to generate some new PGP key pairs that will be used for end-to-end-encrypted email. Now I'd like to know how exactly OpenPGP protects the private keys. What I have understood ...
- 599
1vote
2answers
400views
File encryption using asynchronous keys, having a public key in the field
So for this project I'm looking into encrypting a binary. My binary should be protected by some means, making sure we know on the other end it was us who packaged/encrypted it. For this simple task ...
- 121
2votes
2answers
176views
Is there an asymmetric TOTP algorithm that avoids sharing a private key over public channels?
The commonly used Time based One Time Password (TOTP) system requires the initial sharing of a key. This presents a security risk, as acknowledged by Wikipedia referencing the RSA compromise: An ...
- 447
1vote
1answer
458views
Why does the Signal Protocol use a symmetric key for encryption- when asymmetric keys are more secure? [duplicate]
The Signal Protocol, as many of you would know, is used by many applications such as WhatsApp and Signal. These corporations, I can vouch for, would definitely use the most secure protocol they could- ...
- 4,735
0votes
2answers
67views
Infer information of private key from public key / CSR
is it possible to infer information like: algorithm, key length, mode etc. of the private key from the public key or CSR?
- 1
0votes
1answer
96views
relation passphrase and password-based key derivation
I am not totally sure how the following concepts are related, could someone please explain? password-based key derivation passphrase that can be passed to crypto.generateKeyPairSync (in Node.js) ...
- 15
0votes
1answer
129views
Encryption without a classic exchange scenario
I am working on a project where I need to securely encrypt and decrypt files on a product without the ability for direct communication or key derivation after the product is sold. The challenge is ...
- 1
0votes
2answers
139views
Asymmetric crypto algorithm for encryption with hardware token
Our product stores voucher data in a database. These voucher data can be retrieved with our app to display a voucher that can be used for payments. Obviously, these voucher data are extremely ...
1vote
1answer
134views
Write message that can be verified by any member of a group
I am trying to develop a scheme for publishing a message to a group of recipients. Any recipient needs to be able to verify who the message was sent by. There may be tens of messages generated each ...
- 111
0votes
1answer
1kviews
Consequences of stolen TLS private key
My understanding is that, when you connect to an HTTPS website, the communication is encrypted via asymmetric encryption, therefore private and public keys play a role there. My assumption there is ...
- 103
0votes
0answers
118views
Could a trusted CA pretend to be me and run a MITM? [duplicate]
Sorry for the basic question, I'm still wrapping my head around the ins and outs of SSL and asymmetric encryption. In order to better test my understanding, I was considering the following thought ...
3votes
2answers
2kviews
Create encryption key from decryption key (password)?
Alice has a password that she would like to use for decryption. Alice isn't able to store any other information, but she has access to any program/mechanism you choose. How can she create an ...
- 141
