Questions tagged [cryptography]
Cryptography is the practice and study of logical means used to achieve information confidentiality, integrity and authenticity. It covers, among other things, encryption (making some data unreadable except for those who know a given secret element, called a key), data hashing (in particular for password storage) and digital signatures (provable integrity and authenticity with non-repudiation).
2,398 questions
0 votes
0 answers
72 views
Not quite end-to-end encryption: encryption models where backend needs to do processing outside of a user session
I'm struggling to come up with a better encryption model for this scenario: User is mobile app user Small (USA) company with small budget wants to store data encrypted at rest per user in cloud ...
- 101
0 votes
1 answer
98 views
What is the best way to authenticate and encrypt a simple, end-user started, ephemeral tcp server?
Context I have a GUI application with a proprietary scripting language. There is a library that starts a python child process from the GUI which listens on a tcp socket and runs any script command ...
- 101
0 votes
1 answer
88 views
Use of assymetric encryption in Apple CloudKit (iCloud)
Context: CloudKit is a framework that lets app developers store key-value data, structured data, and assets (large data stored separately from the database, such as images or videos) in iCloud. ...
- 11
0 votes
1 answer
104 views
Kerberos kinit password: what is it used for? Cryptographically?
Why is a password be presented during 'kinit' to authenticate with Kerberos? Cryptographically? In this post the Kerberos protocol is described and it appears to use symmetric keys. Given that, I ...
- 47
1 vote
1 answer
99 views
Using OPAQUE without envelope checksums
I've been considering switching from SRP to OPAQUE, because I like the idea that verifiers (which can be subject to dictionary attacks) are never communicated over the protocol, even during ...
- 293
2 votes
1 answer
662 views
Is there any reason to choose A256GCMKW over A256KW in JSON Web Encryption?
When implementing JSON Web Encryption (JWE), I understand the reasons why you might choose A256KW over DIR. But, now I notice there is also A256GCMKW as an optional part of the JWE standard (see ...
- 123
1 vote
0 answers
121 views
What are some reliable and well-maintained Post-Quantum Cryptography (PQC) libraries with Go support? [closed]
I am looking for reputable libraries or solution providers that offer reliable, well-maintained, and well-documented implementations of post-quantum cryptographic (PQC) algorithms. Specifically, I am ...
- 19
9 votes
2 answers
4k views
Is password-based encryption better than traditional password hashing?
I have a theoretical question regarding the comparison of password-based encryption and password hashing. Not sure if Stackoverflow or crypto is the best place, but this is more on the side of ...
