Questions tagged [key-generation]

Key generation is the process of generating keys for cryptography. A key is used to encrypt and decrypt whatever data is being encrypted/decrypted.

335 questions
42
votes
6 answers

What does key signing mean?

What exactly does the "key signing" mean? So for example I have a private/public GPG key so that people could send me encrypted e-mail, because they know my public key. But: what does key signing mean in this example? E.g.: "a third person signs my…
LanceBaynes
  • 6,279
  • 12
  • 63
  • 92
4
votes
2 answers

Symmetric key generation

Assume I have a source that generates symmetric keys. This source could be a very solid HSM device, somewhat reliable PRNG, a compromised key generator or a hardcoded value which returns the same byte sequence every time. Thus, I am not sure if the…
xycf7
  • 143
  • 4
4
votes
1 answer

Size of ECDH-P521R1 Private Keys

I'm trying to set up ECDH-P521 in Java and in Javascript. When using Java to generate a random private key. The generated key is either 1106 or 1107 bytes long (numbers only): This is an example:…
JayBeOh
  • 43
  • 1
  • 4
3
votes
3 answers

Difference between key generation and key agreement

Please excuse my ignorance as I am new to information security. Could someone please explain in simple terms what the difference is between key generation and key agreement. In which situation would I use which. Keep it simple please.
2
votes
0 answers

Why is the entropy of a session key approximately half the number of bits in the key?

From this OWASP page on "Insufficient Session-ID Length", it states: Assuming that the session identifiers are being generated using a good source of random numbers, we will estimate the number of bits of entropy in a session identifier to be…
Cybergibbons
  • 1,251
  • 2
  • 9
  • 21
2
votes
0 answers

Question regarding RFC7296 (IKEv2) PRF+

In RFC 7296, in section 2.13 What do the "K", "S", and T# represent? And my follow-up question is, in section 2.14 What would be the K, S, and T# equivalent in {SK_d | SK_ai | SK_ar | SK_ei | SK_er | SK_pi | SK_pr} = prf+ (SKEYSEED, Ni | Nr | SPIi…
David
  • 21
  • 1
2
votes
2 answers

Error tolerant password from quiztest

I want to use gpg with a symmetric password for encrypting a message. How to do this is explained here in the forum itself, but also in the internet. I'm aware that a symmetric key has the general problem of key exchange. A possible solution is to…
Manuel Rodriguez
  • 211
  • 1
  • 2
  • 5
1
vote
0 answers

Wireless entry systems why not use pre-shared noise?

I think the title question speaks for itself, but here are the details: You have 4 bits for the buttons, 16 bits for the counter, and a fix 16 bit ID. The transmitter would send out these bits plus an extra 32 bit word read from a ROM addressed by…
0
votes
1 answer

Is it true that key authentications are considered insecure nowaday?

Some of the comments on this post here: https://superuser.com/q/1034137/479461 are claiming this. i.e. this one says (emphasis mine) You got brute forced. This is why one does not leave a ssh server on the internet, even if you have a password.…
Zaibis
  • 711
  • 1
  • 4
  • 16
-3
votes
2 answers

pseudo-random key generation

If you set up a pseudo-random number generator in two different locations, but with the same seed, and you assume that they are both on the same number of ticks from startup, will they output the same number?
user98349
-5
votes
2 answers

Javascript web-based key derivation

Is there a website with a key derivation function running entirely in client-side Javascript? The string which is used to generate the key cannot be seen outside the client. It shouldn't use a run-of-the-mill hash function like SHA2 but something…
wlad
  • 111
  • 4