After the latest Bluetooth KNOB attack that allowed the key to be 1 octet, Bluetooth SIG ‘recommends’ a 7 octets key. How much better is it in real life?

After the latest Bluetooth KNOB attack that allowed the key to be 1 octet, Bluetooth SIG ‘recommends’ a 7 octets key. How much better is it in real life? The vulnerability https://knobattack.com The SIC update on it: To remedy the vulnerability, on 2019-08-13, the Bluetooth SIG Board of Directors adopted Erratum 11838, which affects Bluetooth Core Specification versions 4.2 to 5.1 and adds a recommendation of a minimum encryption key length of 7 octets for encrypted BR/EDR connections. I understand just enough to know 128 should be the lowest, from…

Read More

The two links on the sidebar related to “starting in #Crypto” are broken

The two links on the sidebar related to “starting in crypto” are broken “Threads on starting in crypto one & two “ Both are broken, can they be fixed? I’m interesested, thanks! submitted by /u/ImSupposedToBeCoding [link] [comments] top scoring links : crypto Cryptography is the art of creating mathematical assurances for who can do what with data, including but not limited the classical example of encrypting messages so that only the key-holder can read it. Cryptography lives at an intersection of math, programming, and computer science. This subreddit covers the…

Read More

OKEx Korea delisting all privacy #Coins, including Monero, Zcash and Dash, as these ‘violate’ FATF’s ‘travel rule’ – The #Block

OKEx Korea delisting all privacy coins, including Monero, Zcash and Dash, as these ‘violate’ FATF’s ‘travel rule’ – The Block submitted by /u/mebinici [link] [comments] top scoring links : CryptoCurrency The official source for CryptoCurrency News, Discussion & Analysis.

Read More

Is EdDSA with Blake2b as hashing function #Secure?

Is EdDSA with Blake2b as hashing function secure? Hi, I’m currently designing an app which will use cryptography heavily. We want to limit the number of used cryptographic primitives. Blake2b will be used for hashing, so it could be great if we reuse this primitive for signing instead of Ed25519’s SHA2-512. so Is EdDSA with Blake2b secure/common? I cannot find much literature about this. submitted by /u/z0mbie42_ [link] [comments] top scoring links : crypto Cryptography is the art of creating mathematical assurances for who can do what with data, including…

Read More

Question about hashing concatenated strings that are ambiguous

Question about hashing concatenated strings that are ambiguous I stumbled upon this on stackexchange: https://security.stackexchange.com/a/2212 Basically they’re mentioning that ‘built||insecurely’ and ‘builtin||securely’ will generate the same hash, so that one must employ some kind of mitigating factor like H(H(builtin)||H(securely)) to avoid the ambiguity of each formation generating the same hash. I’m a little confused by exactly what contexts this is important in, and what instances of strings being concatenated are ambiguous and vulnerable to this. Specifically, if using encrypt-then-MAC on a cipher-text message, it’s said that one should generate the…

Read More