Public-key cryptography

Uses mathematical one-way functions. The private key must be kept private. The public key can be openly distributed without compromising security. Any person can encrypt a message using the public key. The encrypted message can only be decrypted with the private key.

Using public-key cryptography to enable symmetric-key cryptography

A typical example of how public-key […]


Encryption Algorithms

A few notes on various encryption algorithms, added as we come across them. Please note this isn't intended to be an exhaustive or detailed list of everything. You should carry out your own research before selecting an encryption algorithm; don't just blindly rely on comments like these, as they may be wrong or out of date! […]


Security Libraries

OpenSSL

http://www.cryptopp.com/

Libsodium (Recommended by Steve Gibson @ Security Now 2017-09, says it's the best he knows of, plus it's audited)


Hashing, Salting, Signatures

Algorithms that produce a hash using a private key and some stored random “salt”.

Salting

Improves the security of hashes because precomputed rainbow tables can’t be used. However, the effectiveness is arguably becoming less over time as new rainbow tables can be computed faster using FPGAs and salting.

Storing Passwords

On systems at any […]


Encrypting Network Connections

SSL & TLS

Transport Layer Security (TLS) has replaced Secure Sockets Layer (SSL). Both are cryptographic protocols. TLS is more powerful than SSL and has been adopted by everything on the internet. The security of SSL is broken; everyone uses TLS, but it is often still called SSL for historical reasons!


TPM (Trusted Platform Module)

A TPM is simply a version of an HSM (Hardware Security Module). A TPM chip allows the device to keep a secret. They are cheap, simple and work at protecting secrets even with physical access to the device.


Encrypting hard disk drives

Encrypting hard disk drives – Best security practice today

When a drive is first brought into service, before anything is written to it, a high-quality entropy source should be used to produce a large (128 or 256 bit), high-entropy symmetric secret. This is the encryption key. It will then be forever used to […]
