Images, posts & videos related to "Key (cryptography)"

Public keys in EC cryptography are generally written in the form (x,y). How do you transform this into the byte parameter in Bouncy Castle crypto?

```
public static boolean verifyUsingSecp256k1(byte[] pub, byte[] dataForSigning,
BigInteger[] rs) throws Exception {
ECDSASigner signer = new ECDSASigner();
X9ECParameters params = SECNamedCurves.getByName("secp256k1");
ECDomainParameters ecParams = new ECDomainParameters(params.getCurve(),
params.getG(), params.getN(), params.getH());
ECPublicKeyParameters pubKeyParams = new ECPublicKeyParameters(ecParams
.getCurve().decodePoint(pub), ecParams);
signer.init(false, pubKeyParams);
return signer.verifySignature(dataForSigning, rs[0].abs(), rs[1].abs());
}
```

I found the above code, I have x and y values for the public key. How would I input this into this public key parameter? Because the public key accepts in the form of bytes. I've tried creating a new ECPoint in bouncycastle but it doesn't accept a point without it being part of a curve. I'm not using this since I don't understand much about the algorithm and dont know what affect it will have.

```
ECCurve curve = ecParams.getCurve();
ECPoint point = curve.createPoint(x, y);
```

Proving blog content provenance with GnuPG + general novice questions, re: private key cryptography

I posted this to /r/cybersecurity and someone replied suggesting that my questions would be more suitable for /r/GnuPG. So here it is, verbatim!

The main question I am trying to answer is this: How do I verify the authenticity of the content of a single webpage (index.html)? This is a basic, novice question but I qualify this question with the rest of this reddit post. Here I share some of my research. At the bottom Iβve got 10 follow up questions.

**WHAT I AM TRYING TO ACHIEVE:**

Cicadaβs 3301 message on pastebin from April 18, 2012 is an excellent demo of what I am trying to achieve.

To rephrase my initial question, my objective here is to first learn how to verify Cicadaβs message. My next goal is to learn how to do the same thing for my web content on my blog.

To better elaborate on my question and for future reference, Iβve leveraged DevDungeonβs βGPG Tutorialβ as my guide. I use this tutorial as a backgrounder to trace my steps at demonstrating a working understanding of managing keys, using encryption and finally signing and verifying signatures.

What I have learned so far:

For Arch/Manjaro, you can use: `$ sudo pacman -S gnupg`

. This is what Debian/Ubuntu users need to use: `$ sudo apt-get install gpg`

To generate your unique key, use: `$ gpg --gen-key`

Fill in your name, email address, and then a pop-up dialog box should appear where you get to choose a passphrase. The Intercept offers an excellent nuanced guide titled βPassphrases that you can memorize - - but that even the NSA canβt guessβ for choosing a secure passphrase. Once you have chosen yours, enter it. You may write it down on paper or print it and then place it in a secure physical location (called βcold storageβ) but be sure to never save this passphrase into a text file stored electronically on your computer.

To check your work, you may use: `$ gpg --list-secret-keys`

The DevDungeon guide then goes on to demonstrate how to export (backup), delete, and import (restore from backup) your newly created key.

When you invoked `$ gpg --list-secret-keys`

above, the output should have included a 40 character hexadecimal ID (below the βsecβ field and above the βuidβ). This hexadecimal number you can substitute for βXXXXXXXXβ into the following command: `$ gpg --export-secret-keys --armor XXXXXXXX > ./my-pri

Lightning Network routing is a multi-depot traveling salesman problem, the only way to solve it is to simultaneously break public/private key cryptography, 24:30 mark: youtu.be/RpWt2RKTTjQ?t=14β¦

I'm making an encryption GUI using Tkinter. I'm having issues getting the key to work as an entry in order to keep the key secure. it has an error with cryptography saying key must be 32 url-safe base 64-encoded bytes. Code in comments

#encryption key is hand written for secure use

from cryptography.fernet import Fernet

import tkinter

from tkinter import *

from tkinter import messagebox

from tkinter.filedialog import askopenfilename

def encrypt(file):

#using an Entry for typing in hand written key that was generated for both encryption and decryption

Key_Entry = StringVar(loggedin)

Key_Attempt = str(Key_Entry.get())

print(Key_Attempt)

key = Fernet(Key_Attempt)

with open(file, 'rb') as f:

encrypt_me = f.read()

encrypt_file = key.encrypt(encrypt_me)

with open(file, "wb") as f:

f.write(encrypt_file)

print("[+}%s Encryption sucess" %file)

def decrypt(file):

key = Fernet()

with open(file, 'rb') as f:

decrypt_me = f.read()

decrypt_file = key.decrypt(decrypt_me)

with open(file, "wb") as f:

f.write(decrypt_file)

print("[+] %s Decrypt Sucess" %file)

def encrypta():

path = askopenfilename()

encrypt(path)

def decrypta():

path = askopenfilename()

decrypt(path)

loggedin = tkinter.Tk()

loggedin.configure(bg = 'black')

loggedin.title('DCTv2')

tkinter.Label(loggedin, fg='green', bg='black', text='Enter key and select option').grid(row=2, column=1)

Key_Entry = tkinter.Entry(loggedin, fg='red', bg='black').grid(row=2, column=2)

choice1 = tkinter.Button(loggedin, fg='red', bg='black', height=5, width=15,

command= encrypta, text='Encrypt File').grid(row=3, column=1)

choice2 = tkinter.Button(loggedin, fg='blue', bg='black', height=5, width=15,

command= decrypta, text='Decrypt File').grid(row=3, column=2)

Attempt = StringVar()

loggedin.mainloop()

Cryptography 3.2: Ciphertext length must be equal to key size.

Hello everyone, I have to implement a protocol for data exchange between a client and a server.

To secure everything I am using RSA encryption. Now I know that I cannot encrypt big chuncks of data using RSA. So my plan is to encrypt the big data chuncks using Fernet and encrypt the key using the clients publickey such that the client can decrypt the Fernet Key using its private key and then decrypt the actual data.

For what I understood, I have to encode the encrypted message in base64 and then decode it before decrypting it. But when I try to decrypt the actual key I get a "Ciphertext length must be equal to key size." error.

Does anyone knows how can solve this?

Here are the methods I use to encrypt and decrypt

```
# Encrypt a msg using RSA method
def encrypt(msg, pubKey):
encrypted = {
"key": [],
"content": []
}
new_key = Fernet.generate_key()
f = Fernet(new_key)
encrypted["key"] = str(base64.b64encode(pubKey.encrypt(
new_key,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None
)
)))
print(encrypted["key"])
encrypted["content"] = str(base64.b64encode(f.encrypt(msg)))
return encrypted
def decrypt(msg, pubkey):
decrypted = pubkey.decrypt( <-- Error
base64.b64decode(msg["key"]),
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None
)
)
f = Fernet(decrypted)
return f.decrypt(msg["content"])
```

Understanding Bitcoin Cryptography - Basics of Public Key Crypto/Elliptic Curves youtu.be/5JVVY8euZHU

Why do Yubikeys use symmetric key cryptography?

Hi,

Crypto noob here, I've been reading this post by Yubico on how OTPs are generated. I'm curious as to why symmetric key cryptography was selected to generate the OTP. If Yubico's servers are hacked, the hacker would be able to generate spoofed OTPs for any user. This problem seems to be avoided if public key crypto is used, and Yubico stores only public keys instead of AES keys.

Public/Private Keys & Cryptography

Hi everyone!

I've passed A+ and Network+ and I am currently studying for the Security+ exam. I have basic knowledge of cryptography (enough to pass the previous tests), but I'd really like to have a firm understanding of it. Does anyone know of a website or video that clearly explains all of this? I just get really confused on where these keys are created and where they are stored. And do you use the same private key for all encrypted communication or do you get a new one each time?

Model S (pre-June 2018) Key Fob Upgrade For Robust Cryptography

I just stumbled over an old email exchange with our service center concerning the insecure key fobs that our 2016 Model S came with:

> Tesla says that Model X key fobs are less subject to those attacks since they already had βrobust cryptographyβ and Model S vehicles since June 2018 also come with the same key fobs. > > On top of the new security features, Tesla says that customers with older Model S key fobs can contact Teslaβs service department to upgrade their key fob.

Our service center stated that this is a retrofit with costs for swapping both key fobs as follows:

> KEY FOB, EU 433Mhz, MODEL S, DTS80 (1455937-00-A)

> Total for 2 units 266.66 β¬ ~ $315 (excl. sales tax)

Since some firmware versions ago there is a key fob upgrade feature in the service menu of our Model S, which obviously only works with the new key fobs, so the new ones even can be reprogrammed if new security holes need to be fixed?

At that time it did not seem worth the price, we have been using PIN-to-Drive ever since, but it's honestly quite tiresome having to enter the PIN every time you start the car, so if I'd go for the retrofit I'd disable PIN-to-Drive again in hope that the new "Robust Cryptography" is good enough.

So is that retrofit worth the costs?

Any opinions on this?

What is Public Key Cryptography? twilio.com/blog/what-is-pβ¦

Can't the problem of verifying whether a file has been tampered with be done with public key cryptography? Why is blockchain needed here?

Iβve heard that a proof showing that P = NP would break public key cryptography, but is that just for currently used methods or for all possible methods?

Basically if someone were to prove that P = NP would we never be able to implement any cryptographic scheme for public key cryptography? Are there any theoretical methods out there that we could use in case someone proves that P = NP? More generally, how screwed would we be when it comes to internet security?

How do you use the shortest vector problem for public key cryptography?

For the shortest vector problem, you reveal a bunch of vectors, and ask someone to combine multiples of them to find the shortest possible vector. This is a hard problem.

But what is the easy reverse problem? How do I produce a basis of vectors such that my secret short vector is indeed the shortest vector? And then what do I reveal as a public key?

Simplest explanation of the math behind Public Key Cryptography onebigfluke.com/2013/11/pβ¦

Which Universities in Europe to attend for a PhD in Public Key Cryptography?

Ofcourse the answer to this question may change based on the specific subfield. Yet, I was wondering some of the first places that come in mind in Europe when the topic is Public Key Cryptography.

Simplest explanation of the math behind Public Key Cryptography, seL4 is verified on RISC-V!, Using Spread Syntax to Merge Objects in JavaScript mailchi.mp/69d59c239bfc/9β¦

Easy explanation of Chapter 6/7 Cryptography and Symmetric Key Algorithms & PKI Cryptographic Applications

I am having difficulty understanding a couple of chapters and wonder if anyone has a good reference which makes this easier to understand? Topics: Chapter 6/7 Cryptography and Symmetric Key Algorithms & PKI Cryptographic Applications

Quantum cryptography keys for secure communication distributed 1,000 kilometers farther than previous attempts phys.org/news/2020-06-quaβ¦

"Cryptography can be used to limit access and can be restrictive. When a file is encrypted, it can only be accessed with the key. As such, it can act outside of state control and allow individuals to transmit illegal information as well as protecting privacy." twitter.com/Salty_u47/staβ¦

What's the difference between a public key cryptography, a One Time Pad, and the Vernam Cipher?

As I recall, they're quite unbreakable.

Cryptography: Diffie-Hellman key exchange explained intuitively using colors youtu.be/YEBfamv-_do?t=2mβ¦

Why is elliptic curve cryptography with 256 bits considered to be safer than RSA if the key is smaller? Shouldnβt it be easier to brute force?

Public-key cryptography in pure Lua 5.1?

I want to do key exchange via public chat channels in an online game that supports Lua plugins written in pure Lua 5.1.

Unfortunately I was not able to find anything useful in pure Lua 5.1. Just some basic RSA implementations that are way below any reasonable key size.

The only actually useful library I found was a curve 25519 NaCl implementation: https://github.com/philanc/plc/ but it's for Lua 5.3 and works with 64 bit integers and bitwise operators, so it won't work in 5.1.

I already spent a whole night trying to rewrite the above mentioned NaCl implementation to make it work in 5.1 but I failed because I am neither very experienced with Lua nor in elliptic curve cryptography.

Any advice and suggestions would be greatly appreciated!

Scientists have developed a "traffic light" that can bring quantum waves to a halt that could be key to harnessing the potential of the atomic world, eventually leading to breakthroughs in computing, medicine, cryptography, materials science and other applications. journals.aps.org/prl/abstβ¦

This new discovery enables large prime factorisation using standard computers thus rendering obsolete all static factorising encryptions presently used in public key cryptography. youtube.com/watch?v=yd_2Hβ¦

Quantum Cryptography Market Size & Growth, Trend, Segmentation, Top Key Players Analysis Industry, Opportunities and Forecast to 2026 β The Ukiah Post

This global quantum cryptography market report provides a holistic evaluation of the market for the forecast period up to 2026. The report comprises various segments as well as an analysis of trends and factors that are playing a substantial role in cryptography. https://www.ukiahpost.com/quantum-cryptography-market-size-growth-trend-segmentation-top-key-players-analysis-industry-opportunities-and-forecast-to-2026/

Please note that this site uses cookies to personalise content and adverts, to provide social media features, and to analyse web traffic. Click here for more information.