Public keys in EC cryptography are generally written in the form (x,y). How do you transform this into the byte parameter in Bouncy Castle crypto?
public static boolean verifyUsingSecp256k1(byte[] pub, byte[] dataForSigning,
    BigInteger[] rs) throws Exception {
  ECDSASigner signer = new ECDSASigner();
  X9ECParameters params = SECNamedCurves.getByName("secp256k1");
  ECDomainParameters ecParams = new ECDomainParameters(params.getCurve(),
      params.getG(), params.getN(), params.getH());
  ECPublicKeyParameters pubKeyParams = new ECPublicKeyParameters(ecParams
      .getCurve().decodePoint(pub), ecParams);
  signer.init(false, pubKeyParams);
  return signer.verifySignature(dataForSigning, rs[0].abs(), rs[1].abs());
}

I found the above code, I have x and y values for the public key. How would I input this into this public key parameter? Because the public key accepts in the form of bytes. I've tried creating a new ECPoint in bouncycastle but it doesn't accept a point without it being part of a curve. I'm not using this since I don't understand much about the algorithm and dont know what affect it will have.

 ECCurve curve = ecParams.getCurve();
		  ECPoint point = curve.createPoint(x, y);
πŸ‘︎ 7
πŸ“°︎ r/javahelp
πŸ’¬︎
πŸ“…︎ Apr 07 2021
🚨︎ report
Proving blog content provenance with GnuPG + general novice questions, re: private key cryptography

I posted this to /r/cybersecurity and someone replied suggesting that my questions would be more suitable for /r/GnuPG. So here it is, verbatim!

The main question I am trying to answer is this: How do I verify the authenticity of the content of a single webpage (index.html)? This is a basic, novice question but I qualify this question with the rest of this reddit post. Here I share some of my research. At the bottom I’ve got 10 follow up questions.

WHAT I AM TRYING TO ACHIEVE:

Cicada’s 3301 message on pastebin from April 18, 2012 is an excellent demo of what I am trying to achieve.

To rephrase my initial question, my objective here is to first learn how to verify Cicada’s message. My next goal is to learn how to do the same thing for my web content on my blog.

To better elaborate on my question and for future reference, I’ve leveraged DevDungeon’s β€œGPG Tutorial” as my guide. I use this tutorial as a backgrounder to trace my steps at demonstrating a working understanding of managing keys, using encryption and finally signing and verifying signatures.

What I have learned so far:

For Arch/Manjaro, you can use: $ sudo pacman -S gnupg. This is what Debian/Ubuntu users need to use: $ sudo apt-get install gpg

To generate your unique key, use: $ gpg --gen-key

Fill in your name, email address, and then a pop-up dialog box should appear where you get to choose a passphrase. The Intercept offers an excellent nuanced guide titled β€œPassphrases that you can memorize - - but that even the NSA can’t guess” for choosing a secure passphrase. Once you have chosen yours, enter it. You may write it down on paper or print it and then place it in a secure physical location (called β€˜cold storage’) but be sure to never save this passphrase into a text file stored electronically on your computer.

To check your work, you may use: $ gpg --list-secret-keys

The DevDungeon guide then goes on to demonstrate how to export (backup), delete, and import (restore from backup) your newly created key.

When you invoked $ gpg --list-secret-keys above, the output should have included a 40 character hexadecimal ID (below the β€˜sec’ field and above the β€˜uid’). This hexadecimal number you can substitute for β€˜XXXXXXXX’ into the following command: `$ gpg --export-secret-keys --armor XXXXXXXX > ./my-pri

... keep reading on reddit ➑

πŸ‘︎ 7
πŸ“°︎ r/GnuPG
πŸ’¬︎
πŸ‘€︎ u/Drone4four
πŸ“…︎ Feb 27 2021
🚨︎ report
Lightning Network routing is a multi-depot traveling salesman problem, the only way to solve it is to simultaneously break public/private key cryptography, 24:30 mark: youtu.be/RpWt2RKTTjQ?t=14…
πŸ‘︎ 12
πŸ“°︎ r/bitcoincashSV
πŸ’¬︎
πŸ‘€︎ u/Truth__Machine
πŸ“…︎ Mar 08 2021
🚨︎ report
I'm making an encryption GUI using Tkinter. I'm having issues getting the key to work as an entry in order to keep the key secure. it has an error with cryptography saying key must be 32 url-safe base 64-encoded bytes. Code in comments

#encryption key is hand written for secure use

from cryptography.fernet import Fernet

import tkinter

from tkinter import *

from tkinter import messagebox

from tkinter.filedialog import askopenfilename

def encrypt(file):

#using an Entry for typing in hand written key that was generated for both encryption and decryption

Key_Entry = StringVar(loggedin)

Key_Attempt = str(Key_Entry.get())

print(Key_Attempt)

key = Fernet(Key_Attempt)

with open(file, 'rb') as f:

encrypt_me = f.read()

encrypt_file = key.encrypt(encrypt_me)

with open(file, "wb") as f:

f.write(encrypt_file)

print("[+}%s Encryption sucess" %file)

def decrypt(file):

key = Fernet()

with open(file, 'rb') as f:

decrypt_me = f.read()

decrypt_file = key.decrypt(decrypt_me)

with open(file, "wb") as f:

f.write(decrypt_file)

print("[+] %s Decrypt Sucess" %file)

def encrypta():

path = askopenfilename()

encrypt(path)

def decrypta():

path = askopenfilename()

decrypt(path)

loggedin = tkinter.Tk()

loggedin.configure(bg = 'black')

loggedin.title('DCTv2')

tkinter.Label(loggedin, fg='green', bg='black', text='Enter key and select option').grid(row=2, column=1)

Key_Entry = tkinter.Entry(loggedin, fg='red', bg='black').grid(row=2, column=2)

choice1 = tkinter.Button(loggedin, fg='red', bg='black', height=5, width=15,

command= encrypta, text='Encrypt File').grid(row=3, column=1)

choice2 = tkinter.Button(loggedin, fg='blue', bg='black', height=5, width=15,

command= decrypta, text='Decrypt File').grid(row=3, column=2)

Attempt = StringVar()

loggedin.mainloop()

πŸ‘︎ 6
πŸ“°︎ r/learnpython
πŸ’¬︎
πŸ‘€︎ u/bulletsponge3700
πŸ“…︎ Jan 21 2021
🚨︎ report
Cryptography 3.2: Ciphertext length must be equal to key size.

Hello everyone, I have to implement a protocol for data exchange between a client and a server.

To secure everything I am using RSA encryption. Now I know that I cannot encrypt big chuncks of data using RSA. So my plan is to encrypt the big data chuncks using Fernet and encrypt the key using the clients publickey such that the client can decrypt the Fernet Key using its private key and then decrypt the actual data.

For what I understood, I have to encode the encrypted message in base64 and then decode it before decrypting it. But when I try to decrypt the actual key I get a "Ciphertext length must be equal to key size." error.

Does anyone knows how can solve this?

Here are the methods I use to encrypt and decrypt

# Encrypt a msg using RSA method 
def encrypt(msg, pubKey):
    encrypted = {
        "key": [],
        "content": []
    }

    new_key = Fernet.generate_key()
    f = Fernet(new_key)

    encrypted["key"] = str(base64.b64encode(pubKey.encrypt(
        new_key, 
        padding.OAEP(
            mgf=padding.MGF1(algorithm=hashes.SHA256()),
            algorithm=hashes.SHA256(),
            label=None
        )
    )))

    print(encrypted["key"])

    encrypted["content"] = str(base64.b64encode(f.encrypt(msg)))

    return encrypted


def decrypt(msg, pubkey):
    decrypted = pubkey.decrypt( <-- Error
        base64.b64decode(msg["key"]),
        padding.OAEP(
            mgf=padding.MGF1(algorithm=hashes.SHA256()),
            algorithm=hashes.SHA256(),
            label=None
        )
    )
    f = Fernet(decrypted)
    return f.decrypt(msg["content"])
πŸ‘︎ 2
πŸ“°︎ r/learnpython
πŸ’¬︎
πŸ‘€︎ u/_TheBatzOne_
πŸ“…︎ Jan 02 2021
🚨︎ report
Understanding Bitcoin Cryptography - Basics of Public Key Crypto/Elliptic Curves youtu.be/5JVVY8euZHU
πŸ‘︎ 9
πŸ“°︎ r/btc
πŸ’¬︎
πŸ‘€︎ u/pgh_ski
πŸ“…︎ Dec 29 2020
🚨︎ report
Why do Yubikeys use symmetric key cryptography?

Hi,

Crypto noob here, I've been reading this post by Yubico on how OTPs are generated. I'm curious as to why symmetric key cryptography was selected to generate the OTP. If Yubico's servers are hacked, the hacker would be able to generate spoofed OTPs for any user. This problem seems to be avoided if public key crypto is used, and Yubico stores only public keys instead of AES keys.

πŸ‘︎ 29
πŸ“°︎ r/crypto
πŸ’¬︎
πŸ‘€︎ u/bob_flanagan
πŸ“…︎ Nov 06 2020
🚨︎ report
Understanding Bitcoin Cryptography - Basics of Public Key Crypto/Elliptic Curves youtu.be/5JVVY8euZHU
πŸ‘︎ 2
πŸ“°︎ r/CryptoCurrency
πŸ’¬︎
πŸ‘€︎ u/pgh_ski
πŸ“…︎ Dec 29 2020
🚨︎ report
Public/Private Keys & Cryptography

Hi everyone!
I've passed A+ and Network+ and I am currently studying for the Security+ exam. I have basic knowledge of cryptography (enough to pass the previous tests), but I'd really like to have a firm understanding of it. Does anyone know of a website or video that clearly explains all of this? I just get really confused on where these keys are created and where they are stored. And do you use the same private key for all encrypted communication or do you get a new one each time?

πŸ‘︎ 2
πŸ“°︎ r/CompTIA
πŸ’¬︎
πŸ‘€︎ u/smillerlou
πŸ“…︎ Dec 08 2020
🚨︎ report
Model S (pre-June 2018) Key Fob Upgrade For Robust Cryptography

I just stumbled over an old email exchange with our service center concerning the insecure key fobs that our 2016 Model S came with:

> Tesla says that Model X key fobs are less subject to those attacks since they already had β€œrobust cryptography” and Model S vehicles since June 2018 also come with the same key fobs. > > On top of the new security features, Tesla says that customers with older Model S key fobs can contact Tesla’s service department to upgrade their key fob.

Our service center stated that this is a retrofit with costs for swapping both key fobs as follows:

> KEY FOB, EU 433Mhz, MODEL S, DTS80 (1455937-00-A)
> Total for 2 units 266.66 € ~ $315 (excl. sales tax)

Since some firmware versions ago there is a key fob upgrade feature in the service menu of our Model S, which obviously only works with the new key fobs, so the new ones even can be reprogrammed if new security holes need to be fixed?

At that time it did not seem worth the price, we have been using PIN-to-Drive ever since, but it's honestly quite tiresome having to enter the PIN every time you start the car, so if I'd go for the retrofit I'd disable PIN-to-Drive again in hope that the new "Robust Cryptography" is good enough.

So is that retrofit worth the costs?
Any opinions on this?

πŸ‘︎ 18
πŸ“°︎ r/teslamotors
πŸ’¬︎
πŸ‘€︎ u/TeslaBargain
πŸ“…︎ Aug 25 2020
🚨︎ report
What is Public Key Cryptography? twilio.com/blog/what-is-p…
πŸ‘︎ 9
πŸ“°︎ r/programming
πŸ’¬︎
πŸ‘€︎ u/mooreds
πŸ“…︎ Sep 09 2020
🚨︎ report
Can't the problem of verifying whether a file has been tampered with be done with public key cryptography? Why is blockchain needed here?
πŸ‘︎ 11
πŸ“°︎ r/VIDT
πŸ’¬︎
πŸ‘€︎ u/lTortle
πŸ“…︎ Aug 16 2020
🚨︎ report
I’ve heard that a proof showing that P = NP would break public key cryptography, but is that just for currently used methods or for all possible methods?

Basically if someone were to prove that P = NP would we never be able to implement any cryptographic scheme for public key cryptography? Are there any theoretical methods out there that we could use in case someone proves that P = NP? More generally, how screwed would we be when it comes to internet security?

πŸ‘︎ 10
πŸ“°︎ r/cryptography
πŸ’¬︎
πŸ‘€︎ u/0xE4-0x20-0xE6
πŸ“…︎ Jul 19 2020
🚨︎ report
How do you use the shortest vector problem for public key cryptography?

For the shortest vector problem, you reveal a bunch of vectors, and ask someone to combine multiples of them to find the shortest possible vector. This is a hard problem.

But what is the easy reverse problem? How do I produce a basis of vectors such that my secret short vector is indeed the shortest vector? And then what do I reveal as a public key?

πŸ‘︎ 9
πŸ“°︎ r/cryptography
πŸ’¬︎
πŸ‘€︎ u/XiPingTing
πŸ“…︎ Jul 27 2020
🚨︎ report
Simplest explanation of the math behind Public Key Cryptography onebigfluke.com/2013/11/p…
πŸ‘︎ 7
πŸ“°︎ r/programming
πŸ’¬︎
πŸ‘€︎ u/illuminated-geerd
πŸ“…︎ Jun 04 2020
🚨︎ report
Which Universities in Europe to attend for a PhD in Public Key Cryptography?

Ofcourse the answer to this question may change based on the specific subfield. Yet, I was wondering some of the first places that come in mind in Europe when the topic is Public Key Cryptography.

πŸ‘︎ 14
πŸ“°︎ r/crypto
πŸ’¬︎
πŸ“…︎ Mar 28 2020
🚨︎ report
Simplest explanation of the math behind Public Key Cryptography, seL4 is verified on RISC-V!, Using Spread Syntax to Merge Objects in JavaScript mailchi.mp/69d59c239bfc/9…
πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/pekalicious
πŸ“…︎ Jul 06 2020
🚨︎ report
Easy explanation of Chapter 6/7 Cryptography and Symmetric Key Algorithms & PKI Cryptographic Applications

I am having difficulty understanding a couple of chapters and wonder if anyone has a good reference which makes this easier to understand? Topics: Chapter 6/7 Cryptography and Symmetric Key Algorithms & PKI Cryptographic Applications

πŸ‘︎ 2
πŸ“°︎ r/cissp
πŸ’¬︎
πŸ‘€︎ u/thecloseman
πŸ“…︎ Apr 21 2020
🚨︎ report
Quantum cryptography keys for secure communication distributed 1,000 kilometers farther than previous attempts phys.org/news/2020-06-qua…
πŸ‘︎ 3
πŸ’¬︎
πŸ‘€︎ u/iciq
πŸ“…︎ Jun 16 2020
🚨︎ report
"Cryptography can be used to limit access and can be restrictive. When a file is encrypted, it can only be accessed with the key. As such, it can act outside of state control and allow individuals to transmit illegal information as well as protecting privacy." twitter.com/Salty_u47/sta…
πŸ‘︎ 5
πŸ“°︎ r/bitcoincashSV
πŸ’¬︎
πŸ‘€︎ u/satoshi_vision
πŸ“…︎ Feb 16 2020
🚨︎ report
What's the difference between a public key cryptography, a One Time Pad, and the Vernam Cipher?

As I recall, they're quite unbreakable.

πŸ‘︎ 10
πŸ“°︎ r/cryptography
πŸ’¬︎
πŸ‘€︎ u/luigirovatti1
πŸ“…︎ Feb 29 2020
🚨︎ report
Cryptography: Diffie-Hellman key exchange explained intuitively using colors youtu.be/YEBfamv-_do?t=2m…
πŸ‘︎ 3k
πŸ“°︎ r/programming
πŸ’¬︎
πŸ“…︎ Jan 16 2018
🚨︎ report
Why is elliptic curve cryptography with 256 bits considered to be safer than RSA if the key is smaller? Shouldn’t it be easier to brute force?
πŸ‘︎ 25
πŸ“°︎ r/cryptography
πŸ’¬︎
πŸ‘€︎ u/phi_array
πŸ“…︎ Nov 22 2019
🚨︎ report
Public-key cryptography in pure Lua 5.1?

I want to do key exchange via public chat channels in an online game that supports Lua plugins written in pure Lua 5.1.

Unfortunately I was not able to find anything useful in pure Lua 5.1. Just some basic RSA implementations that are way below any reasonable key size.

The only actually useful library I found was a curve 25519 NaCl implementation: https://github.com/philanc/plc/ but it's for Lua 5.3 and works with 64 bit integers and bitwise operators, so it won't work in 5.1.

I already spent a whole night trying to rewrite the above mentioned NaCl implementation to make it work in 5.1 but I failed because I am neither very experienced with Lua nor in elliptic curve cryptography.

Any advice and suggestions would be greatly appreciated!

πŸ‘︎ 3
πŸ“°︎ r/lua
πŸ’¬︎
πŸ‘€︎ u/bmzat
πŸ“…︎ Feb 25 2020
🚨︎ report
Scientists have developed a "traffic light" that can bring quantum waves to a halt that could be key to harnessing the potential of the atomic world, eventually leading to breakthroughs in computing, medicine, cryptography, materials science and other applications. journals.aps.org/prl/abst…
πŸ‘︎ 92
πŸ“°︎ r/science
πŸ’¬︎
πŸ‘€︎ u/MistWeaver80
πŸ“…︎ Sep 17 2019
🚨︎ report
This new discovery enables large prime factorisation using standard computers thus rendering obsolete all static factorising encryptions presently used in public key cryptography. youtube.com/watch?v=yd_2H…
πŸ‘︎ 22
πŸ’¬︎
πŸ‘€︎ u/unfixpoint
πŸ“…︎ Aug 12 2019
🚨︎ report
Quantum Cryptography Market Size & Growth, Trend, Segmentation, Top Key Players Analysis Industry, Opportunities and Forecast to 2026 – The Ukiah Post

This global quantum cryptography market report provides a holistic evaluation of the market for the forecast period up to 2026. The report comprises various segments as well as an analysis of trends and factors that are playing a substantial role in cryptography. https://www.ukiahpost.com/quantum-cryptography-market-size-growth-trend-segmentation-top-key-players-analysis-industry-opportunities-and-forecast-to-2026/

πŸ‘︎ 8
πŸ“°︎ r/QuubeEx
πŸ’¬︎
πŸ‘€︎ u/QuubeExchange
πŸ“…︎ Nov 17 2019
🚨︎ report

Please note that this site uses cookies to personalise content and adverts, to provide social media features, and to analyse web traffic. Click here for more information.