-
Mostly been working on web, i suspect there might be some low hanging fruit in mobile security.
-
@bartonjs asked on StackOverflow that I kick-off an ECIES proposal for .NET - so the proposal here is to add a new .NET API for encryption of data using ECIES.
# Context
ECIES (Elliptic Curve Inte…
-
Parsing of TPM2_CreatePrimary() creationPCRs does not work.
Example:
```
Command .
TPMI_ST_…
-
The psa_key_derivation multipart operation allows only one key derivation operation which make it not suitable for the TLS 1.3 key derivation schedule.
For example, mbedtls uses psa_raw_key_agreement…
-
scrypt.params is important because it allows you to choose an appropriate timeout for key stretching. Choosing a constant value for N would mean that your password storage would become easier and easi…
-
### Steps To Reproduce
1. In safari, Go to a website login page with a stored password in BW
2. Ios keyboard pops up with detected password autofill option
3. Tap on the option to fill with store…
-
## Problem
It seems that `ethereum-cryptography/pbkdf2`does not use the subtle crypto API: https://github.com/status-im/status-web/pull/295/files
While we do not use `ethereum-cryptography`, we …
-
### Describe the enhancement you're suggesting.
A significant enhancement for the NFC app would be an interface to allow libraries/shared objects to be registered (or loaded from a fixed SD card path…
-
* Test gap: PBKDF2 is missing from `test_suite_psa_crypto_metadata.data`.
* This may cause additional test gaps because we use `test_suite_psa_crypto_metadata.data` as one of the ways to detect avail…
-
Section 3.1.1 says the algorithm ID must be set.
COSE doesn't require this. COSE allows the algorithm ID to be known from context some sort of negotiation scheme or other means outside of the COSE …