-
**Suggestion/Request for discussion:**
According to the discussion in Issue #66 and the [mentioned assessment of the DESIRE proposal](https://github.com/DP-3T/documents/issues/66#issuecomment-6281523…
-
[RFC 6070](http://tools.ietf.org/html/rfc6070) which defines the test vectors we are using, only defines test vectors for hmac-sha1. This means that hmac-sha{224,256,384,512} are untested. While we ar…
-
- AES and AES candidates
- AES (Rijndael)
- Other block ciphers
- Triple-DES (DES-EDE2 and DES-EDE3)
- Block cipher modes of operation
- ECB
- CBC
- OFB
- CFB
- Co…
-
http://future.islandora.ca/admin/config/system/jwt defaults to RSASSA-PKCS1-v1_5 using SHA-256 (RS256). Security review of an Islandora 8 instance pointed out that https://tools.ietf.org/html/rfc3447#…
-
After logging in, users receive a JWT (JSON Web Token) as an authentication cookie, consisting
of the following three parts encoded in Base64:
- Header
- Payload
- Signature
If a weak secret …
-
In our EDV client implementation, we use SHA-256 to hash the encrypted attribute values that will be HMAC'd. We do this additional hashing prior to HMACing to improve privacy and performance; when the…
-
Currently all encryption / decryption is done by Stanford JavaScript Crypto Library (sjcl). Since Web Cryptography API is now a recommendation and implemented by Firefox and Chrome we should investiga…
-
I've used sftp_ex with no issue at all in the past. But now I can connect to the server but every other operation hangs. Same behaviour with `ssh_sftp.start_channel/3` and `list_dir/3`. The shell hang…
-
It would be better to use an HMAC as salt during encryption, and then check validity after decryption.
This requires access to a non-js hashing API. Pure-js md5 is 1s for 50K, and SHA-256 is 2.5s, w…
krid updated
14 years ago
-
This project already includes several RustCrypto crates via the dalek crates. As far as I can see from it you only use [AES-GCM](https://docs.rs/aes-gcm/), [SHA-256](https://docs.rs/sha2/), [HMAC](htt…