IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [encryption]

Encryption is the process of transforming plaintext using a cipher to make it unreadable to anyone except those possessing the key.

Encryption is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key.

The result of the process is encrypted information (in cryptography, referred to as ciphertext). In many contexts, the word encryption also implicitly refers to the reverse process, decryption (e.g. “software for encryption” can typically also perform decryption), to make the encrypted information readable again (i.e. to make it unencrypted).

source Wikipedia:

5875 questions
68
votes
6 answers

Pattern to allow multiple persons to decrypt a document, without sharing the encryption key?

Current setup We have a service that allows users to upload documents through a website and stores the uploaded documents encrypted on disk. The documents on disk are encrypted with a per-user key, which is randomly generated upon account creation.…
Monika
  • 1,092
  • 1
  • 10
  • 21
53
votes
5 answers

How do I verify that WhatsApp is using end-to-end encryption?

Slightly old news: Whatsapp Just Switched on End-to-End Encryption for Hundreds of Millions of Users Is there any test that I can perform to verify that WhatsApp is indeed using end-to-end encryption between my and another Android phone?
Ansis Māliņš
  • 653
  • 1
  • 5
  • 6
42
votes
2 answers

What's the difference between end-to-end and regular TLS encryption?

I've been told that WhatsApp implemented "end-to-end" encryption. In the grand scheme of things, what does this actually mean versus, say, another service which does use HTTPS, such as this website (StackExchange) or some other non-end-to-end…
the_endian
  • 1,169
  • 1
  • 8
  • 21
41
votes
3 answers

Block chaining modes to avoid

Everyone knows that ECB operation mode with a block cipher should be avoided because of clear and obvious weaknesses. But little attention is given to comparison of the other modes in the context of security, and people instead appear to simply…
tylerl
  • 83,435
  • 26
  • 152
  • 232
38
votes
7 answers

Encrypting With Passwords - Encryption of Key vs. Data

Many password-based encryption utilities (e.g.: KeePass, TrueCrypt) do something along the lines of... Encrypt data with super-strong random-generated key, "data key". Encrypt data key with another key, "user key", based on user-provided…
Iszi
  • 27,127
  • 18
  • 101
  • 163
38
votes
4 answers

Is there an encryption algorithm that is fully secure?

Is there an encryption algorithm that is completely secure and isn't based on difficult computational algorithms? If such an algorithm exists, why we don't we use it in SSL/SSH?
SDasd
  • 433
  • 4
  • 7
29
votes
8 answers

Is at-rest encryption worth it if the key has to be kept accessible for decryption?

From the way I understand it, at-rest encryption is used to protect data when it's being stored at a datacenter so that if someone manages to get data they shouldn't have, they don't have anything useful. But regardless of what type of encryption is…
northeastprince
  • 393
  • 3
  • 4
28
votes
9 answers

Recover deleted file despite full disk encryption

This might be a stupid question, but I'll go ahead and ask it anyway. Say I am on Windows and I create a file, secret_financial_plan.txt, where I store all my company's black market financial operations. Once my operations are all finished, I delete…
Total Fde
  • 289
  • 3
  • 3
28
votes
1 answer

What does this say? It's in MD5

Some one sent this to me and I have tried to figure it ouut on my own. But have not been successful. Can you help figure out this, he said it was in MD5... 1ce67f05968d51656eb71f13368f0b2d
MBC
  • 263
  • 2
  • 5
27
votes
3 answers

How to encrypt database connection credentials on a web server?

OWASP advise against storing DB credentials in plain text: https://www.owasp.org/index.php/Password_in_Configuration_File However, they don't provide suggestions of how to encrypt the DB access credentials, where to store keys, how to manage access…
tom
  • 273
  • 1
  • 3
  • 4
25
votes
6 answers

How to safely store sensitive data like a social security number?

I am looking for a way to safely store personal information with low entropy safely. I have the following requirements for the data: Must be able to search (i.e. to look up an existing piece of data) but not view Other systems must be able to…
chotchki
  • 487
  • 2
  • 5
  • 11
23
votes
9 answers

Software that encrypts the data before deleting it

I am searching for a software that would encrypt data and then delete it (as opposed to just deleting or wiping). With that, even if the file is recovered, you still have to break the encryption to get the data. I suppose manually I could encrypt…
Rayesh
  • 255
  • 2
  • 3
22
votes
2 answers

Does holding an AES-encrypted string and its cleartext from a database help an attacker in decrypting other parts of the database

I have a question regarding Encryption. Say an attacker stole my entire database. In that database all the data was encrypted. If the attacker took one piece of encrypted data and for some reason knew the original value of this one piece of…
user2924127
  • 897
  • 1
  • 8
  • 18
21
votes
3 answers

Does knowing the file type of an encrypted file make it easier to decrypt?

If I encrypt, say, a .pdf file then does knowing that it's a .pdf make it easier to decrypt? i.e. could the file's well-known structure act as a predictable part of the encrypted bytes?
Ian Warburton
  • 1,187
  • 1
  • 11
  • 16
20
votes
5 answers

Does using the same encryption algorithm multiple times make a difference?

In TrueCrypt I noticed the option to encrypt a volume with multiple encryption algorithms i.e. AES-Twofish-Serpent. Would it be useful to encrypt something with the same algorithm multiple times? For example AES-AES-AES. I would guess if a flaw or…
Celeritas
  • 10,187
  • 24
  • 85
  • 148
1
2 3
28 29