Skip to main content
Information Security

Questions tagged [public-key]

Ask Question

The tag has no summary.

55 questions
Newest Active Bountied Unanswered
2 votes
1 answer
139 views

Background For reasons of code size and education, I've added functionality to my codebase to extract the raw data for RSA 4096bit public keys from the .pub files created by OpenSSL. During this, I ...
Mick Waites's user avatar
  • 123
3 votes
1 answer
213 views

I have a number of NFC tags with the following metadata: ‍‍ [usb] pm3 --> hf mfu info [=] --- Tag Information -------------------------- [+] TYPE: NTAG 215 504bytes (NT2H1511G0DU) [+] ...
Lisbeth's user avatar
  • 131
1 vote
1 answer
676 views

If I sign JWT (as per JWS spec) with a private key, the receiver of JWT will want to validate the signature and they need public key to do that. The public key can be "baked" into the app ...
RokL's user avatar
  • 111
2 votes
1 answer
722 views

I apologise in advance if this is a dumb question. But this seems like one of those straight forward things that are so straight forward that its not even mentioned and I am not getting it. Perhaps I ...
theMyth's user avatar
  • 123
0 votes
1 answer
976 views

My company is exposing a few APIs to one of our partner systems (external). We're looking at mTLS authentication here than any credentials based Auth schemes. My understanding is, My system (server) ...
user1189332's user avatar
  • 101
0 votes
2 answers
99 views

is it possible to infer information like: algorithm, key length, mode etc. of the private key from the public key or CSR?
Hans's user avatar
  • 1
0 votes
1 answer
205 views

Through reading the WebAuthn spec and related MDN docs, I understand that unlike "certificate signing requests", FIDO/Passkey can have various different attestation formats and verification ...
DannyNiu's user avatar
  • 402
1 vote
1 answer
499 views

I'm making a web app where users will upload sensitive data (private financial records), so I want to encrypt one column in one table that holds the value. If I understood correctly, I need to use a ...
nick's user avatar
  • 111
0 votes
0 answers
149 views

From this question, it is said that when creating a CSR, we attach the public key and fill in other data. When creating a CSR, you attach your public key to it and fill in other needed data; you then ...
JLC's user avatar
  • 101
4 votes
1 answer
280 views

I came across a PGP public key that seems invalid. The key is a secp256k1 public key that supported by GPG. In fact, GPG allows importing that key even if it has an invalid secp256k1 public key inside....
Andreas Tzionis's user avatar
  • 143
0 votes
1 answer
272 views

I've been reading about WebAuthn and try to write some code to exercise. One thing I noticed is that the spec doesn't seem to provide any way to verify the correctness of the public-key being create()'...
DannyNiu's user avatar
  • 402
0 votes
1 answer
104 views

I would like to make a key/string/token encrypted string to send it to the user via email. This encrypted KEY would have encrypted data (resource id) and would be stored in the database along with ...
V S Vuca's user avatar
  • 11
9 votes
6 answers
7k views

Lets say Bob wishes to communicate with Alice. Alice's public key is useless to Bob unless he can prove that the public key came from Alice. To do this, Bob and Alice can establish a secure channel to ...
David Davidson's user avatar
  • 599
2 votes
1 answer
3k views

This is my first project of this nature, and I am hoping this is a basic use case for PGP encryption. Please forgive my ignorance! There is a server being configured by a service provider (SP). The SP ...
Clifford Piehl's user avatar
  • 131
3 votes
2 answers
1k views

Our device comes with a device certificate which was signed with our private registration authority (CA). The private key (type ECC) was generated on the device itself - to be more specific directly ...
TrinityTonic's user avatar
  • 271

15 30 50 per page
1
2 3 4