techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome

Administered by:

Server stats:

4.7K
active users

#PrivateKeys

0 posts0 participants0 posts today

This absolutely has the potential to create a "liquidation event" for blockchain based crypto currencies!

Quantum Computing has the power to reverse engineer crypto private keys if the wallet keys have been exposed in public. The crypto industry needs to act quickly to figure out how to mitigate this threat before it truly becomes an existential crisis.

BTW, production grade Quantum Computing is commercially available now! decrypt.co/323512/existential-

This is what innovation can do!

#AirGapped #Offline #PKI #PrivateKeys #TwoFactor- #2FA #Yubico #Yubikey

======

Vincent Bernat Turns Three YubiKeys and a Cheap Single-Board Computer Into a Secure Offline PKI
hackster.io/news/vincent-berna

---
Developer Vincent Bernat demonstrates how to turn three Yubico YubiKey USB two-factor authentication dongles into an offline public key infrastructure (PKI) using a low-cost single-board computer as an air-gapped host.

Replied in thread
Continued thread

Securing #PrivateKeys in Production

Manufacturers employ various #techniques to protect #privatekeys during production:

1. Hardware Security Modules (HSMs) for secure key generation and storage
2. Trusted Platform Modules (TPMs) for on-device key protection
3. Secure Boot and Encrypted Boot mechanisms
4. Advanced Key Management Services (KMS)
5. Secure provisioning and transfer protocols

These measures aim to safeguard private keys from #unauthorizedaccess.

Replied in thread

@benjamin_e wrote:

<<< All these data which interests the intelligence agencies, know that HTTPS is not enough, in fact the TLS protocol has had a problem from the beginning, the general public encryption key servers are under the control of these agencies, it is literally a MITM. >>>

That would render the internet useless. I don't believe it's that bad (btw it's the private keys that must be kept secret and accessible only to autorised personnel for legitimate purposes. Apart from that, secure channels must exist for supplying OS- and browser makers with root certificates).

<<< These keys must also be generated and stored on private servers, otherwise it is open bar. >>>

Critical private keys should be kept in HSM's (Hardware Security Modules). But that's not enough, because *using* them is just as critical. Diginotar f*ed up because a stupid admin created a bridge between their "dirty" and secure network segments (en.m.wikipedia.org/wiki/DigiNo).

<<< Note : agencies has access to all data passing through fiber optic infrastructures. >>>

They do, but encrypted data is of no use to them (usually there's plenty of -unencrypted- metadata, IP-addresses in particar).

<<< Note 2 : Try to create a WordPress that talk about the end of the dollars. Your admin page will be auto hacked though https. >>>

Perhaps such a page will be hacked, but I very much doubt that https is to blame.

@kasperd

en.m.wikipedia.orgDigiNotar - Wikipedia

#PuTTY #SSH client flaw allows recovery of #cryptographic #privatekeys
The vulnerability (CVE-2024-31497) was discovered by Fabian Bäumer and Marcus Brinkmann of the Ruhr University Bochum and is caused by how PuTTY generates #ECDSA nonces (temporary unique cryptographic numbers) for the NIST P-521 curve used for SSH authentication. The main repercussion of recovering the private key is that it allows unauthorized access to SSH servers or sign commits as the developer.
bleepingcomputer.com/news/secu