Tagged Questions
65 votes, 15 answers, 15k views
Lessons learned and misconceptions regarding encryption and cryptology
Cryptology is such a broad subject that even experienced coders will almost always make mistakes the first few times around. However, encryption is such an important topic, often we can't afford to ...
129 votes, 9 answers, 8k views
How is it possible that people observing an HTTPS connection being established wouldn't know how to decrypt it?
I've often heard it said that if you're logging in to a website - a bank, GMail, whatever - via HTTPS, that the information you transmit is safe from snooping by 3rd parties. I've always been a little ...
17 votes, 3 answers, 3k views
Why should one not use the same asymmetric key for encryption as they do for signing?
In an answer to a question about RSA and PGP, PulpSpy noted this:
It is possible to generate an RSA key pair using GPG (for both encryption and signing -- you should not use the same key for ...
11 votes, 4 answers, 6k views
What ciphers should I use in my web server after I configure my SSL certificate?
There are many great questions that ask what is the best certificate to use for a website; but once the certificate is purchased, there is also the possibility to choose or edit the Cipher list.
...
13 votes, 4 answers, 1k views
In what ways does Full or Partial Homomorphic Encryption benefit the cloud?
Can someone explain, in plain English, the practical ways FHE and PHE can be leveraged in the cloud? Some interesting (and confusing) links include this Microsoft Research PDF and this wiki entry.
...
15 votes, 2 answers, 487 views
Are URLs viewed during HTTPS transactions to one or more websites from a single IP distinguishable?
For example, say the following are HTTPS URLs to two websites by one IP over 5 mins:
"A.com/1", "A.com/2", "A.com/3", "B.com/1", "B.com/2".
Would monitoring of packets reveal:
nothing,
reveal only ...
16 votes, 3 answers, 962 views
Is there any advantage to splitting a password?
I've been reading about the LANMAN (LM) hash and I'm curious about a particular part of the algorithm.
The LM hash is computed as follows:
The user’s ASCII password is converted to uppercase.
...
16 votes, 2 answers, 11k views
How to estimate the time needed to crack RSA encryption?
How to estimate the time needed to crack RSA encryption? I mean the time needed to crack RSA encryption with a key length of 1024, 2048, 3072, 4096, 5120, 6144, 5120, 7168, 8192, 9216, 10240, 11264, ...
11 votes, 2 answers, 2k views
Symmetric encryption session keys in SSL/TLS
This question concerns the session send and receive keys used in the SSL/TLS protocol. My understanding is that this key uses symmetric encryption (DES, AES, Blowfish, etc.). I'm wondering, if ...
18 votes, 6 answers, 885 views
What are the good use cases for disk encryption?
I've been researching disk/file system encryption, and on the surface it seems like a good idea for a lot of things. But as I dig further, the security it offers seems more mirage-like than real.
...
37 votes, 7 answers, 3k views
Online backup: how could encryption and de-duplication be compatible?
A "soon to enter beta" online backup service, Bitcasa, claims to have both de-duplication (you don't back up something already in the cloud) and client-side encryption.
...
14 votes, 5 answers, 6k views
Should RSA public exponent be only in {3, 5, 17, 257 or 65537} due to security considerations?
In my project I'm using the value of public exponent of 4451h. I thought it's safe and ok until I started to use one commercial RSA encryption library. If I use this exponent with this library, it ...
12 votes, 5 answers, 974 views
How should passwords be stored if they must be recoverable?
By "encrypting" passwords you are violating CWE-257: Storing Passwords in a Recoverable Format. But this is exactly what the French government wants. They want to be able to obtain the passwords of ...
11 votes, 5 answers, 7k views
Asymmetric vs Symmetric Encryption
I am currently taking a principles of information security class. While talking about different encryption methods a large number of my classmates seem to believe that Asymmetric Encryption is better ...
12 votes, 3 answers, 807 views
What's the mathematical model behind the security claims of symmetric ciphers and digest algorithms?
Why can SHA-1 be considered a secure hash function? That's something I still wonder about.
I understand the concepts of why modern asymmetric algorithms are deemed to be secure. They are founded on ...