A few notes as we come across them on various encryption algorithms. Please note this isn’t intended to be an exhaustive or detailed list of everything, you should carry out your own research before selecting an encryption algorithm, don’t just blindly rely on comments like these here, they may be wrong or out of date! […]
OpenSSL http://www.cryptopp.com/ Libsodium (Recomended by Steve Gibson @ Security Now 2017-09, says its the best he knows of plus its audited)
Algorithims that produce a hash using a private key and some stored random “salt” Salting Improves the security of hashes because pre computed rainbow tables can’t be used. However the effectiveness is arguably becoming less over time as new rainbow tables can be computed faster using FPGA’s and salting. Storing Passwords On systems at any […]
SSL & TLS Transport Layer Security (TLS) has replaced Secure Sockets Layer (SSL). Both are cryptographic protocols. TLS is more powerful the SSL and has been adopted by everything internet. The security of SSL is broken, everyone uses TLS but it can often still be called SSL for historical reasons!
A TPM is simply a version of a HSB (Hardware Security Module) A TPM chip allows the device to keep a secret. They are cheap, simple and work at protecting secrets even with physical access to the device.
Encrypting disk hard drives – Best security practice today When a drive is first bought into service, before anything is written to it, a high quality entropy source should be used to produce a large (128 or 256 bit), high entropy symmetric secret. This is the encryption key. It will then be forever used to […]