-
You appear to be hardcoding SHA-2, this is a really bad idea as SHA-2 might be broken at some point or others may prefer a faster function, such as BLAKE2. You should follow the standard procedure an…
-
I'm not sure if you've seen this proposal: https://github.com/w3c/web-advertising/blob/master/privacy_preserving_lookalike_audience_targeting.md
The key idea there is to use the Aggregated Reportin…
-
[According to owasp](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html), bcrypt (aka blowfish) is recommended for "legacy systems". Furthermore, their _minimum_ recommen…
-
hi, i am new to pool and nomp configuration and stuff. i somehow managed to configure and run it for ltc. I wonder how can i add support for coins that didn't ship with the bundle like marucoin/x13 an…
-
Hi,
a foxx app, wanting to verify JWTs signed with the RS256 algorithm, needs to do public key crypto in arangodb.
Specifically, we use Keycloak as the authentication provider, and it can only provi…
-
Currently we have this text:
When signed attributes are absent, the composite signature is computed over the message digest of the content. When signed attributes are present, a hash is computed ov…
-
At Red Hat, we set the SECLEVEL to 2 in DEFAULT and LEGACY policies (in crypto-policies [1], not providers). So when SECLEVEL 2 is in use, the creation and verification of SHA-1 signatures is rejected…
-
Hashing in Java SOM seems to be broken at least for doubles:
```
hashcode = (
run = (
1.1 hashcode println.
1.1 hashcode println.
)
)
```
prints different numbers …
-
-
### What I Did
I've tried to use proftpd with Argon2 passwords and I've used argon2 binary compiled from https://github.com/P-H-C/phc-winner-argon2 in order to generate a password.
### What I Ex…