Questions tagged [file-encryption]
The process of encrypting individual files on a storage medium and permitting access to the encrypted data only after proper authentication is provided.
503 questions
0
votes
1
answer
201
views
File backup encryption for personal files
I would like to be able to store backups on potentially "untrustworthy" sources such as cloud storage. Whilst I could probably get away with a simple encrypted tar file, for a single backup, ...
- 113
1
vote
1
answer
118
views
Exposing size of last chunk in RSA file encryption
So I'm implementing RSA encryption. I'm processing input in chunks of known constant size (depends on modulus) but the last chunk might be smaller so I save its size in plaintext at the end of output ...
- 113
1
vote
0
answers
162
views
Is it necessary to encrypt an eMMC that's soldered to the board?
Say you have a machine where the disk (eMMC) is non-removable like the Surface Go. If the UEFI configuration is protected with a long password, USB + network boot is disabled, and your user has a long ...
- 131
0
votes
1
answer
118
views
Restrict gpg from decrypting a file encrypted by a subkey which is now expired or revoked [duplicate]
GPG allows file encryption for multiple recipients. I prefer to encrypt files:
Only to recipient subkeys shared with me by the intended recipients, like so:
$ gpg --encrypt --armor --recipient <...
1
vote
1
answer
127
views
What do I need to consider when encrypting multiple (many) files (sometimes in differerent versions with only little difference) with the same key?
I need to continuously encrypt a set of files so that I can send them to a group of people that I trust and who trust among themselves. Thus I would ideally use a symmetric encryption scheme with one ...
- 113
3
votes
1
answer
512
views
How to generate a Symmetric Key on the Secure Enclave of iOS devices and use it to encrypt data
I'm working on a secure app that uses the user's master password to derive a symmetric key to encrypt all the user information. I want to add FaceId support now, and the approach I was thinking of was ...
- 133
1
vote
1
answer
156
views
Is it possible to use arbitrary file(s) to encrypt another file?
i.e. To allow an unofficial software modification (which is too extensive to distribute as delta/patch files) to be distributed while ensuring the user owns the original software, it would be ...
- 119
3
votes
1
answer
248
views
Best Practice for Creating and Accessing an Encrypted Database with a Strong Threat Model
Goal:
I'm seeking feedback on the most secure setup for creating and accessing an encrypted database (KDBX4 format) that minimizes exposure to potential remote attacks. This database will contain ...
- 31
1
vote
2
answers
544
views
File encryption using asynchronous keys, having a public key in the field
So for this project I'm looking into encrypting a binary.
My binary should be protected by some means, making sure we know on the other end it was us who packaged/encrypted it.
For this simple task ...
- 121
1
vote
2
answers
272
views
How can I compile and run Fortran/C programs on a shared remote server without exposing my code to other root users?
I have access to a big remote server via SSH and I'm a root user on that server. However, there are multiple other root users who also have access to this server. I want to run some Fortran/C programs ...
0
votes
1
answer
99
views
End to end encryption
Can ISPs see file names and file types that are being downloaded from zero knowledge end to end encrypted cloud storage folders like mega.
0
votes
2
answers
336
views
Should you encrypt sensitive files even with FDE?
I'm in the process of trying to make my current laptop setup more secure, especially I'm planning to finally use FDE and enable Secure Boot. However, I'm still unsure on how to handle sensitive, ...
11
votes
4
answers
4k
views
Is my encryption format secure?
I am looking to implement a secure passphrase-encrypted file format for a specific use case. The file format consists storing a randomly generated salt and IV along with the cipher text and a MAC to ...
- 212
0
votes
0
answers
141
views
NTRU - How is the master key and session key generated?
I am learning the PKC topics and would like to understand about the master and session key generation process regarding NTRU.
Let's make it a scenario, if a user wants to register during the ...
- 9
1
vote
1
answer
2k
views
GPG can't decrypt my data because of an invalid packet
I have an encrypted data containig some of my data that I am unable to decrypt. It is archived with tar, compressed with gzip and encrypted with gnupg. Today I tried to decrypt it with gpg and it ...
- 111
0
votes
0
answers
166
views
Why doesn't file/folder encryption work the way I imagine it should? Can I have the UX I want? Tell me what's wrong with this idea
I have been looking around at various encryption schemes, and I haven't found anything exactly like what I want in terms of user experience.
If what I want isn't a thing, I assume it's been thought of,...
- 101
0
votes
0
answers
172
views
Choosing Encryption Strategies for Secure Long-Term Storage of Sensitive Data
When considering external drives for secure long-term storage of sensitive data, what are the pros and cons of using the same password for encrypting all files versus using random passwords for each ...
- 173
1
vote
2
answers
4k
views
Encrypted 7z file password not working
I'm in an interesting predicament. I have an encrypted 7z file that I made myself. The password for the file is a 60 character generated password that I saved to my password manager. I made sure to ...
- 113
0
votes
1
answer
308
views
Is rsyncrypto secure?
My information security model right now is "if you want the data that I am storing on the cloud, you can have it" and I would like to change that to "if you want the data and have a $5 ...
- 301
3
votes
2
answers
1k
views
TPM - ECC based encryption / decryption using the public key
Our device comes with a device certificate which was signed with our private registration authority (CA). The private key (type ECC) was generated on the device itself - to be more specific directly ...
- 271
1
vote
3
answers
183
views
Is there a way to store data securely on a client so that it can only be read by the client while connected to an authorising source?
I have a difficult issue facing an online gaming social space I frequent where personal content I've made for the platform is being stolen by users.
I'm wondering if there are any solutions to make ...
- 111
0
votes
1
answer
225
views
Why some ransomware adds padding to headers
Does anyone know why some ransomware families (e.g. Cuba but also Phobos if I am not mistaken) pad the file header to get to 1024 bytes?
I mean what would be a reason for the ransomware developer to ...
1
vote
1
answer
355
views
How to protect files in use on a system powered on from physical theft or tampering?
I'm in the process of figuring out an encryption strategy for a personal Linux system.
My laptop is almost always on, or in sleep mode, except for longer travels.
My main threats are theft of my ...
- 11
0
votes
0
answers
69
views
How to find the correspond hash algorithm? [duplicate]
I'm currently working on a project. but i still facing some issue due to some crypted data. i know the plaintext and got the correspond hash.
plaintext: C018AE45B37DAE665486F4151E0C1E6F
Hash: rROkd+...
- 21
1
vote
1
answer
229
views
AEAD: Authenticating a digest of my data instead the data itself
Relevant question for Python:
Stack Exchange: https://stackoverflow.com/questions/75739308/aead-authentication-with-huge-input-that-doesnt-fit-into-ram
Top Answers: https://topanswers.xyz/python?q=...
- 121
0
votes
1
answer
295
views
How does Ransomware encrypt files? [duplicate]
I have a question about how ransomware works.
According to the authors of this paper: https://www.cise.ufl.edu/~traynor/papers/scaife-icdcs16.pdf (page 2 - 3) , class C is: ransomware reads the ...
1
vote
1
answer
2k
views
Android File Encryption without screen lock
I am trying to understand the FBE Key generation and verification process at every boot. My device is going to be handled without a lock screen (Android 11 with FBE + Metadata Encryption Enabled), so ...
- 13
3
votes
0
answers
2k
views
Strongest symmetric algorithm in 2022 [duplicate]
I'm curious about the best encryption algorithm for encrypting my files in 2022? I thought it was a good solution to encrypt my private key with AES-256 but I decided to ask here and choose better ...
- 179
0
votes
3
answers
124
views
Encryption key fuzzing for forensics analysts
I'm trying to make a simple encryption tool for Debian-like systems. I would simply hash a password, use it to lock/unlock a file, and it would never be stored on the drive. My dad threw out the idea ...
- 209
0
votes
2
answers
628
views
Ransomware public key: can I find the respective private key?
I got a ransomware called StopDjvu. On my PC, I have found the public key that is used by the malware (maybe RSA hardcoded).
Is it possible to extract the private key from the public key?
0
votes
1
answer
489
views
How to setup a Per-File Encryption architecture
I would like to set up a per-file encryption architecture where every file is encrypted with its own key, and each key is encrypted using a master key.
Is there any good articles to read regarding ...
- 1
1
vote
1
answer
2k
views
How do I secure sensitive information like system credentials in a configuration file?
I often get this question:
I have sensitive data such as system credentials which my web application needs to secure. Some things I can store in a database, but others (like the credentials to access ...
- 51
1
vote
1
answer
527
views
Why does some Ransomware encrypt also the file header and trailer?
Some time ago I read an article that mentioned that it is possible for some ransomware to change the magic numbers of a file (that makes sense). However, the authors claimed that their method was ...
- 55
1
vote
2
answers
270
views
Encryption method for file that can only be read by program
I have a Python 3 program, and I’m having trouble finding an encryption method that will suit my needs.
Suppose the program is on a thumb drive. I would give the thumb drive to someone else, and they ...
- 113
0
votes
1
answer
214
views
Are Popular Closed Source Archivers Secure?
I'm wondering if popular closed-source archiving software like WinRAR or WinZIP are tested regularly by other developers to check if they add some kind of intentional backdoor or unintentional ...
- 1
3
votes
3
answers
418
views
Does knowing how an encrypted file changed make it vulnerable?
Scenario
The following bash commands create an empty file test.txt, encrypt it using a default algorithm to test1.gpg, then append the line new line to the original file and encrypt it again to test2....
- 755
1
vote
1
answer
159
views
can these encryption methods for a text file protect against physical access to machine by adversary?
My threat model is that, the adversary has physical access to the machine and root access.
I don't care about any data on the system other than a couple python scripts that contain sensitive ...
- 15
1
vote
1
answer
2k
views
How to fix import private key in GPG?
Since, I am new to gpg I wanted to generate a key pair. So I typed gpg --full-gen-key and inputted the following:
root@kali-linux:~# gpg --full-gen-key
gpg (GnuPG) 2.2.35; Copyright (C) 2022 g10 Code ...
- 113
1
vote
1
answer
145
views
Flashdrive data confidentiality when disconnecting flashdrive from machine abruptly
Assuming I boot up a fully encrypted OS from a portable flash drive and do some tasks in this running OS; then abruptly disconnect this flash drive from my computer and a malicious actor gets their ...
- 13
0
votes
1
answer
307
views
How secure is a bitlocker startup key on a mountable encrypted container?
Let's say I want to protect the contents of my Desktop PC which I use in quite many occasions remotely.
I want to use Bitlocker with a startup key that only "activates" at a specific moment ...
2
votes
1
answer
705
views
Military-grade encryption on Blu-ray discs?
Another thread addresses the question of what can count as "military-grade encryption." In this case, I see that CyberLink Power2Go software boasts "advanced military-grade 256-bit ...
- 123
2
votes
2
answers
1k
views
How to design a secure file storage/sharing platform
As the title implies, I would like to design a secure file storage/sharing platform. This is an abstract design question, so details regarding programing languages or platforms are not particularly ...
- 121
0
votes
0
answers
139
views
Secure logs on an embedded IoT device
I need to secure logs on a IoT device (Infineon TC233). It has 2 MB flash and a HSM. We are at the design stage of development.
Since logs will be primarily event & data logs, the size of the log ...
- 183
4
votes
0
answers
5k
views
When using VirtualBox, is it better to use the VirtualBox encryption or the OS disk encryption?
VirtualBox has an option to encrypt the drive of a VM.
When I installed Debian or Ubuntu, I have the option to say that I want the full disk encrypted.
I'm thinking that both do pretty much the same ...
- 1,107
1
vote
0
answers
236
views
Attack on home dir encryption with sddm pam_mount by using password in /etc/shadow
I'm using Debian + sddm + KDE with ONLY home directory encrypted with gocryptfs.
Decrypting is performed with gocryptfs as follows:
PC boots as usual and starts the sddm service
I enter my login ...
1
vote
1
answer
451
views
Is there a way for a file/binary/exexutable to verify it's own integrity?
So I'm making a distributed recovery system which consists of a bunch of hidden usb sticks. I plan to have the file be an executable, probably in the form of a appimage, which will contain my ...
user249342
0
votes
2
answers
273
views
Is it possible to eavesdrop HTTPS encryptions by file size?
I see that HTTPS uses symmetric encryption for the file transfer, often AES. I also read that AES uses padding to help obfuscate the data itself. Though I am curious how powerful that padding is when ...
- 101
0
votes
1
answer
482
views
How do I import a private key from a hard copy?
I started playing with encrypting some personal files, and I exported the private key as an .asc file, but also on hard copy (plain paper) and can't understand a thing about how it says to import it ...
- 13
0
votes
1
answer
378
views
Should I encrypt backup files with WinRar?
Currently we don't have a server in a small organization with a very limited budget. We do backup by syncing files between workstations with Windows 10 OS. I'd like to encrypt these files because they ...
- 489
0
votes
0
answers
154
views
Step-by-step file encryption/decryption using user-supplied password
Let's say I want to build a dropbox clone. When users upload files they need to be encrypted. Later on, when the user needs to access their files, the application should be able to decrypt them using ...
- 101