Posts
Scheme for long lived auth
I'm working on a new product that will have mobile phone apps as some clients, but due to timeliness and usage patterns I want long term auth of some kind. A refresh once per quarter or so would be ideal. I could use JWT into this with a 3 month …
Can a digital signature on some data be replaced?
I am going to ask a rather stupid question for which I apologize in advance, but I'm sort of losing my head at this point. I am working on an encryption system where two parties are required to authenticate themselves to one another and subsequently perform a key exchange. The …
Key Transparency and the Right to be Forgotten
Candidate for simple CSPRNG/ultra-lightweight stream cipher
Hello everyone. Some time ago I created efficient pseudo-random number generators based on Collatz-like functions: [https://www.reddit.com/r/RNG/comments/19a2q24/collatzweyl\_generators/](https://www.reddit.com/r/RNG/comments/19a2q24/collatzweyl_generators/) [https://arxiv.org/pdf/2312.17043](https://arxiv.org/pdf/2312.17043) One of the simplest of them is the Collatz-Weyl generator: static __uint128_t x, weyl, s; // s must be odd bool Collatz_Weyl(void){ if(x % 2 == 1){ x = (3*x+1)/2;} else{ x = …
Salamander/MIME – Just because it's encrypted doesn't mean it's secure | Lutra Security
Key ring file format?
I'm a professional software engineer, and I've written software to manage user-generated keys for a bespoke system in the past. The general gist was vary the encoding of the key data itself while associating it with a human-readable label in a flat file that was subsequently encrypted before being written …
What To Use Instead of PGP
FN-DSA (Falcon) implemented in Rust (by Thomas Pornin)
Webapp Encryption at Rest
im working on a javascript UI framework for personal projects and im trying to create something like a React-hook that handles "encrypted at rest". the react-hook is described in more detail [here](https://positive-intentions.com/blog/async-state-management). id like to extend its functionality to have encrypted persistant data. my approach is the following and it …