IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [encryption]

Encryption is the process of transforming plaintext using a cipher to make it unreadable to anyone except those possessing the key.

Encryption is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key.

The result of the process is encrypted information (in cryptography, referred to as ciphertext). In many contexts, the word encryption also implicitly refers to the reverse process, decryption (e.g. “software for encryption” can typically also perform decryption), to make the encrypted information readable again (i.e. to make it unencrypted).

source Wikipedia:

5679 questions
500
votes
8 answers

RSA vs. DSA for SSH authentication keys

When generating SSH authentication keys on a Unix/Linux system with ssh-keygen, you're given the choice of creating a RSA or DSA key pair (using -t type). What is the difference between RSA and DSA keys? What would lead someone to choose one over…
jrdioko
  • 13,011
  • 7
  • 29
  • 38
417
votes
14 answers

How is it possible that people observing an HTTPS connection being established wouldn't know how to decrypt it?

I've often heard it said that if you're logging in to a website - a bank, GMail, whatever - via HTTPS, that the information you transmit is safe from snooping by 3rd parties. I've always been a little confused as to how this could be possible.…
Joshua Carmody
  • 4,465
  • 4
  • 15
  • 11
255
votes
12 answers

Why are hash functions one way? If I know the algorithm, why can't I calculate the input from it?

Why can't a password hash be reverse engineered? I've looked into this ages ago and have read lots on it, but I can't find the explanation of why it can't be done. An example will make it easier to understand my question and to keep things simple we…
Mucker
  • 2,667
  • 3
  • 13
  • 3
242
votes
6 answers

Is Telegram secure?

There is a new WhatsApp-killer application called Telegram. They said that it's open source and that it has a more secure encryption. But they store all the messages in their servers and WhatsApp doesn't store any messages in any server, only a…
ilazgo
  • 2,743
  • 4
  • 12
  • 10
241
votes
5 answers

What is the difference between https://google.com and https://encrypted.google.com?

Is it there any difference between the encrypted Google search (at https://encrypted.google.com) and the ordinary HTTPS Google search (at https://google.com)? In terms of security what were the benefits of browsing through encrypted Google…
BlueBerry - Vignesh4303
  • 5,107
  • 13
  • 34
  • 63
239
votes
3 answers

What are ssh-keygen best practices?

Most users would simply type ssh-keygen and accept what they're given by default. But what are the best practices for generating ssh keys with ssh-keygen? For example: Use -o for the OpenSSH key format rather than the older PEM format (OpenSSH 6.5…
Tom Hale
  • 2,545
  • 3
  • 9
  • 11
233
votes
8 answers

What is the difference between SSL vs SSH? Which is more secure?

What is the difference between SSH and SSL? Which one is more secure, if you can compare them together? Which has more potential vulnerabilities?
Am1rr3zA
  • 3,043
  • 4
  • 17
  • 14
211
votes
10 answers

What should you do if you catch encryption ransomware mid-operation?

You boot up your computer one day and while using it you notice that your drive is unusually busy. You check the System Monitor and notice that an unknown process is using the CPU and both reading and writing a lot to the drive. You immediately do a…
Fiksdal
  • 3,076
  • 3
  • 18
  • 29
203
votes
7 answers

How do mobile carriers know video resolution over HTTPS connections?

Verizon is modifying their "unlimited" data plans. Customers in the USA can stream video at 480p -or- pay to unlock higher resolutions (both 720p and +1080p). They are not the only mobile carrier to implement rules like this. If I am on a site that…
raithyn
  • 1,833
  • 2
  • 7
  • 10
179
votes
8 answers

Why can't the FBI read the key embedded in the iPhone's secure chip/ROM directly from hardware (silicon)?

As far as I understand, the 4 digit passcode is combined (in some fashion) with a key stored in secure read only memory (e.g. secure enclave chip or similar), where it is directly embedded into silicon wiring to help prevent unauthorized reads. But…
user9806
  • 1,689
  • 2
  • 9
  • 4
177
votes
9 answers

How to determine what type of encoding/encryption has been used?

Is there a way to find what type of encryption/encoding is being used? For example, I am testing a web application which stores the password in the database in an encrypted format (WeJcFMQ/8+8QJ/w0hHh+0g==). How do I determine what hashing or…
Karthik
  • 2,254
  • 4
  • 19
  • 19
168
votes
4 answers

Where to store a server side encryption key?

I have some data that is symmetrically encrypted with a single key in my database. Rather than hard coding it into my code, I am looking for a safer way to store the encryption key. Where can I safely store it?
Radek
  • 1,783
  • 2
  • 11
  • 5
168
votes
6 answers

Apple's open letter - they can't or won't backdoor iOS?

Apple released an open letter to the public outlining their reasons for not complying with the FBI's demands to modify the iPhone's security mechanism. Here's a summary: The FBI has an iPhone in their possession which they would like to access data…
TTT
  • 9,122
  • 4
  • 19
  • 31
167
votes
6 answers

ECDSA vs ECDH vs Ed25519 vs Curve25519

Among the ECC algorithms available in openSSH (ECDH, ECDSA, Ed25519, Curve25519), which offers the best level of security, and (ideally) why?
Omar
  • 1,773
  • 2
  • 11
  • 5
160
votes
7 answers

Why most people use 256 bit encryption instead of 128 bit?

Isn't 128 bit security enough for most practical applications?
H M
  • 2,897
  • 6
  • 22
  • 21
1
2 3
99 100