Timeline for Four layer encryption implementation
Current License: CC BY-SA 4.0
8 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Sep 24 at 17:25 | answer | added | Maarten Bodewes | timeline score: 7 | |
| Dec 17, 2024 at 19:02 | comment | added | Jesse C. Slicer | Couple of comments without getting into a full-blown review because there is a LOT of code here. 1) It took some sleuthing to figure out that to make the code even compile, the following three NuGet packages are needed: BouncyCastle.NetCore, Konscious.Security.Cryptography.Argon2, and Sodium.Core. 2) This entire code slosh is a mix of really advanced cryptographic concepts, advanced asynchrony concepts, and a gross lack of understanding of basic C# concepts and overall consistency. | |
| Dec 14, 2024 at 19:38 | comment | added | Command Master | @Reinderien the cryptography doesn't seem to be the core of the question here — this is just a composition of four well known ciphers (there may well be bugs somewhere else which could introduce vulnerabilities, but the cryptographic primitives themselves aren't home-rolled). I think the main question here is software design | |
| Dec 14, 2024 at 17:20 | comment | added | Reinderien | Perhaps more specifically, this site is good at covering generic software design, but cryptographic robustness is better covered on crypto.stackexchange.com . | |
| Dec 14, 2024 at 13:39 | comment | added | Reinderien | That's certainly a good point, and so in context, it's good to learn on a question like this, but also, the OP describing that this is used for a password vault application suggests that it's being used in production which it shouldn't. | |
| Dec 14, 2024 at 13:37 | comment | added | pacmaninbw♦ | @Reinderien How does one become a serious security professional without asking questions? | |
| Dec 13, 2024 at 16:23 | comment | added | Reinderien | The easy answer is "don't" to all of this. It's notoriously difficult to write provably secure cryptosystems, and any serious security professional would have to assume that this is insecure because it's home-rolled and non-vetted. | |
| Dec 13, 2024 at 5:53 | history | asked | bismofunyuns | CC BY-SA 4.0 |