#StackBounty: #encryption #jwt #x509certificate #x509 #jwk JWK Key Creation with x5c and x5t parameters

Bounty: 500

I have the need to generate a JWK with the following parameters:

  • “kty”: Key Type
  • “kid”: Key ID
  • “use”: “sig” Public Key Use
  • “n”: the modulus
  • “e”: “AQAB” the public exponent
  • “x5c”: X.509 Certificate Chain
  • “x5t”: X.509 Certificate SHA-1 Thumbprint

Note:

  • JWKs should contain a public key using RSA algorithm. RSA provides a key ID for key
    matching purposes.
  • Should contain X.509 certificate using both “x5t” (X.509 SHA-1 Thumbprint) and “x5c” (X.509
    certificate Chain) parameters

The first 5 parameters ("kty", "kid", "use", "n", "e") are fairly straightforward and not an issue. However, for the "x5c" and "x5t" components, I am not sure how to generate these. It seems as if I can create an x509 cert using tools such as the one found at https://www.samltool.com/self_signed_certs.php and I suppose the x509 cert generated there would be the x5c parameter. Is this correct and how would I generate an x5t (cert thumbprint) from this?

All help is appreciated.


Get this bounty!!!
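The two parameters the question asks about are defined in RFC 7515 (x5c: each certificate of the chain as standard base64 of its DER encoding, leaf first; x5t: base64url, without padding, of the SHA-1 digest of the leaf's DER). The following is an added example, not code from the question; it uses only the Python standard library, stands in a constructed byte string for a real DER certificate, and includes the check a JWKS consumer should run: recompute x5t from x5c[0] rather than trusting the published thumbprint.

```python
import base64
import hashlib
import re

# Constructed stand-in for a DER-encoded X.509 certificate (starts with a
# SEQUENCE tag so it looks like DER, but it is NOT a real certificate).
CONSTRUCTED_DER = b"\x30\x82\x01\x00" + bytes(range(256))

# The same bytes wrapped in PEM armour, as a tool like samltool would emit.
_b64 = base64.b64encode(CONSTRUCTED_DER).decode("ascii")
CONSTRUCTED_PEM = (
    "-----BEGIN CERTIFICATE-----\n"
    + "\n".join(_b64[i:i + 64] for i in range(0, len(_b64), 64))
    + "\n-----END CERTIFICATE-----\n"
)


def pem_to_der(pem: str) -> bytes:
    """Strip the PEM header/footer and decode the base64 body to DER bytes."""
    body = re.sub(r"-----(BEGIN|END) CERTIFICATE-----", "", pem)
    return base64.b64decode("".join(body.split()))


def b64url_nopad(data: bytes) -> str:
    """base64url without '=' padding, as JOSE requires for n, e and x5t."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def x5t_from_der(der: bytes) -> str:
    """RFC 7515 s4.1.7: x5t = base64url(SHA-1(DER of the leaf certificate))."""
    return b64url_nopad(hashlib.sha1(der).digest())


def x5c_from_der_chain(chain: list) -> list:
    """RFC 7515 s4.1.6: x5c entries are *standard* base64 (with padding), leaf first."""
    return [base64.b64encode(der).decode("ascii") for der in chain]


def build_jwk(kid: str, n_bytes: bytes, e_bytes: bytes, der_chain: list) -> dict:
    """Assemble the RSA signing JWK. n/e must be the public key inside der_chain[0];
    checking that requires an ASN.1 parser and is out of scope here."""
    return {"kty": "RSA", "kid": kid, "use": "sig",
            "n": b64url_nopad(n_bytes), "e": b64url_nopad(e_bytes),
            "x5c": x5c_from_der_chain(der_chain), "x5t": x5t_from_der(der_chain[0])}


def verify_x5t_matches_chain(jwk: dict) -> bool:
    """Consumer-side check: the thumbprint must match the leaf actually in x5c."""
    leaf_der = base64.b64decode(jwk["x5c"][0])
    return jwk.get("x5t") == x5t_from_der(leaf_der)
```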

#StackBounty: #ubuntu #partitioning #ssd #encryption #restore How can I restore the encrypted partition table of my LUKS encrypted ubun…

Bounty: 50

I accidentally deleted the partition table of one SSD. I am trying to restore everything with TestDisk and when I run analyze it shows me the following after some percent of the process:

MS Data                     2048     976895     974848
MS Data                   976896     980991       4096
                         490689665 44640848976 44150159312 [~^ }

after the process terminated it shows me

     Partition               Start        End    Size in sectors
>P MS Data                     2048     976895     974848
 P MS Data                   976896     980991       4096

When I then write the table via testdisk it restores only 2.1 MB of the around 480GB partition. When I reboot it shows the decryption screen, but it does not take my password (yes, I am sure it is the correct one).

I think the ending of the second partition is just wrong, but I have no idea how to change that safely. When I then perform a deep search on the second found partition it shows:

Disk /dev/sdb - 480 GB / 447 GiB - CHS 58369 255 63
     Partition               Start        End    Size in sectors
>D MS Data                     2046     976893     974848
 D MS Data                     2048     976895     974848
 D MS Data                   280580    1255427     974848
 D MS Data                   280616    1255463     974848
 D MS Data                   280684    1255531     974848
 D MS Data                   280758    1255605     974848
 D MS Data                   280800    1255647     974848
 D MS Data                   280968    1255815     974848
 D MS Data                   281004    1255851     974848
 D MS Data                   281070    1255917     974848
 D MS Data                   281118    1255965     974848
 D MS Data                   281168    1256015     974848
 D MS Data                   281224    1256071     974848
 D MS Data                   281292    1256139     974848
 D MS Data                   285230    1260077     974848
 D MS Data                   285250    1260097     974848
 D MS Data                   285272    1260119     974848
 D MS Data                   285292    1260139     974848
 D MS Data                   285448    1260295     974848
 D MS Data                   285512    1260359     974848
 D MS Data                   285620    1260467     974848
 D MS Data                   285784    1260631     974848
 D MS Data                   285802    1260649     974848
 D MS Data                   285862    1260709     974848
 D MS Data                   285902    1260749     974848
 D MS Data                   285924    1260771     974848
 D MS Data                   285946    1260793     974848
 D MS Data                   285966    1260813     974848
 D MS Data                   286100    1260947     974848
 D MS Data                   286250    1261097     974848
 D MS Data                   289768    1264615     974848
 D MS Data                   289864    1264711     974848
 D MS Data                   289892    1264739     974848
 D MS Data                   289912    1264759     974848
 D MS Data                   289930    1264777     974848
 D MS Data                   294298    1269145     974848
 D MS Data                   294394    1269241     974848
 D MS Data                   294422    1269269     974848
 D MS Data                   294442    1269289     974848
 D MS Data                   294674    1269521     974848
 D MS Data                   294696    1269543     974848
 D MS Data                   294746    1269593     974848
 D MS Data                   294792    1269639     974848
 D MS Data                   294838    1269685     974848
 D MS Data                   294888    1269735     974848
 D MS Data                   294936    1269783     974848
 D MS Data                   294968    1269815     974848
 D MS Data                   295024    1269871     974848
 D MS Data                   295084    1269931     974848
 D MS Data                   295136    1269983     974848
 D MS Data                   976896     980991       4096
 D MS Data                   978944     983039       4096



Structure: Ok.  Use Up/Down Arrow keys to select partition.
Use Left/Right Arrow keys to CHANGE partition characteristics:
                P=Primary  D=Deleted
Keys A: add partition, L: load backup, T: change type, P: list files,
     Enter: to continue
ext4 blocksize=1024 Large_file Sparse_SB Backup_SB, 499 MB / 476 MiB

How can I restore that partition table of my LUKS encrypted ubuntu 20.04 partition? It was an encrypted LVM install on the whole SSD.



#StackBounty: #encryption #defense #hsm #architecture Using an HSM to protect encrypted data even when a server is compromised

Bounty: 100

Imagine a system architecture where an API server is able to send a request to an HSM, and the HSM is able to decrypt some data for a particular user/customer, in order to serve some hypothetical purpose. In this case, if the API server is compromised, a hacker would be able to make many requests to the HSM to decrypt all of the data for all of the customers.

Typically, people suggest configuring the HSM with something like a rate limit to reduce the damage that would come from a server compromise, but I’m curious if it is possible to take this idea a step further and implement a method for controlling the HSM that involves requests from multiple servers.

For example, if we imagine that the API servers are behind a load balancer, then would it be possible to have the load balancer send a message to the HSM to notify it that an API server will shortly be sending a request for a particular customer? In that case, the HSM would first receive a notification from the load balancer, followed soon after by a request from the API server. If the HSM could be programmed to require both of those things before decrypting anything, then a hacker that compromised only the API server (and not the load balancer as well) would not be able to steal any data at all unless a legitimate request from a particular customer came in. This kind of "pseudo-quorum" architecture seems like it would be very secure to me, but I’m not an expert so there could easily be something obvious that I’m missing. Would this actually be a secure architecture for an API? And are there any HSMs that can be programmed to do something like this?



#StackBounty: #encryption #aes #cbc Does reusing IV in AES-CBC weaken it?

Bounty: 50

Rsynccrypto allegedly uses AES-CBC with a twist: If the last few bytes of plaintext meet a condition*, then stop, pad the current block and start encrypting new block from the current position in file while reusing the IV.
A better example might be in pseudocode:

if (trigger(buffer, i)) {
  encrypt_next_block(buffer, i);   /* pad and emit the current (short) block */
  init_encryption(iv);             /* restart CBC from the same IV */
} else if (is_block_boundary(i)) {
  encrypt_next_block(buffer, i);
}

You can check the code here

Does that weaken the encryption somehow? If so, how?

* The exact condition is sum of the last 8196 bytes mod 4096 equals 0.



#StackBounty: #encryption #aes #cbc Is rsynccrypto schema secure?

Bounty: 50

Rsynccrypt allegedly uses AES encryption in CBC mode where the IV is reused for the next block after some runs of bytes (defined by the trigger function).

Does that weaken the encryption somehow? If so, how?

Edit: The whole scheme with RSA encryption for each file is something I haven’t seen anywhere else. Possibly to prevent tampering? This makes replay attacks still feasible, doesn’t it?

Yet, is the altered AES-CBC secure? With some modifications, it could still be viable.



#StackBounty: #encryption #key-management #data-recovery #openpgp #thunderbird How to get PGP key passphrase out of Thunderbird?

Bounty: 100

I set up Thunderbird to use PGP a while ago, so I can sign and decrypt messages now. However, I have forgotten the passphrase for my private key, but since Thunderbird can still use it, it must have the passphrase stored somewhere. How can I get it?

I already know that the password with which encrypted-openpgp-passphrase.txt – the file that actually has my forgotten passphrase – is encrypted is stored in key4.db, but I was unable to figure it out by reading key4.db – both with a SQLite browser and with cat. The program firefox-decrypt is not helpful since it only gives me the login credentials for my e-mail server.



#StackBounty: #encryption #sql-server-2019 #certificate #encryption-key Changing Database Encryption Keys

Bounty: 100

I have been asked to "rotate" the Certs and Keys for a given database and the only way I knew of to accomplish this was to unencrypt the data first, using DECRYPTION BY CERTIFICATE, create new certs and keys, and re-encrypt using the new cert and key.

I was then told that I could not have the data in an unencrypted state (readable to users) for any amount of time and the application could not be brought down to ensure security for any amount of time. Then I found ALTER MASTER KEY REGENERATE WITH ENCRYPTION BY PASSWORD.

My question is, will this REGENERATE accomplish the "rotation" of certs and keys (create new ones, which I think it will), and if so, will it leave the data in a "readable" state at anytime during the process?

SQL Server 2019 Standard Edition build 15.0.4083.2



#StackBounty: #mysql #replication #amazon-rds #aws #encryption Is offsite replication from MySQL AWS RDS with encrypted RDS storage pos…

Bounty: 100

AWS RDS for MySQL now supports encrypted storage backends. This encrypts the MySQL data and binlogs with a key within AWS’s key management system, thus causing offsite replication issues because we do not have the binlog key on our private replica. We know that you cannot replicate encrypted->unencrypted or unencrypted->encrypted, so the question is this:

  • Can we provide encryption keys to AWS for the RDS storage encryption such that we can use that key in our remote replication (offsite, not in AWS) to replicate properly?
  • If so, what is the procedure for generating a key and uploading it to AWS?

(We don’t have an AWS support agreement, so if you do, perhaps you could ask on our behalf to answer this question.)

Thanks for your help!



#StackBounty: #encryption #hardware-compatibility Hardware for encryption

Bounty: 50

I have a server with an AMD N36L (HP ProLiant MicroServer N36L). It works fine except it is too slow for encrypting 1 Gbps network data and full-disk encryption:

$ openssl speed aes-256-cbc
The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes  16384 bytes
aes-256 cbc      44377.97k    47345.83k    48251.48k    48544.09k    48589.48k    48658.84k

What kind of add-on card can I put in the machine, so the kernel will auto detect this for encryption? I do not want to bother with non-free modules.

Can I simply add a graphics card?
https://developer.nvidia.com/gpugems/gpugems3/part-vi-gpu-computing/chapter-36-aes-encryption-and-decryption-gpu

$ lscpu
Architecture:                    x86_64
CPU op-mode(s):                  32-bit, 64-bit
Byte Order:                      Little Endian
Address sizes:                   48 bits physical, 48 bits virtual
CPU(s):                          2
On-line CPU(s) list:             0,1
Thread(s) per core:              1
Core(s) per socket:              2
Socket(s):                       1
NUMA node(s):                    1
Vendor ID:                       AuthenticAMD
CPU family:                      16
Model:                           6
Model name:                      AMD Athlon(tm) II Neo N36L Dual-Core Processor
Stepping:                        3
CPU MHz:                         1300.000
CPU max MHz:                     1300.0000
CPU min MHz:                     800.0000
BogoMIPS:                        2595.51
Virtualization:                  AMD-V
L1d cache:                       128 KiB
L1i cache:                       128 KiB
L2 cache:                        2 MiB
NUMA node0 CPU(s):               0,1
Vulnerability Itlb multihit:     Not affected
Vulnerability L1tf:              Not affected
Vulnerability Mds:               Not affected
Vulnerability Meltdown:          Not affected
Vulnerability Spec store bypass: Not affected
Vulnerability Spectre v1:        Mitigation; usercopy/swapgs barriers and __user pointer sanitization
Vulnerability Spectre v2:        Mitigation; Full AMD retpoline, STIBP disabled, RSB filling
Vulnerability Srbds:             Not affected
Vulnerability Tsx async abort:   Not affected
Flags:                           fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm 3dnowext 3dnow constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid pni monitor cx16 popcnt lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a 3dnowprefetch osvw ibs skinit wdt nodeid_msr hw_pstate vmmcall npt lbrv svm_lock nrip_save



#StackBounty: #encryption #password-cracking #macos How best to crack password for MacOS encrypted .dmg, given I know the majority of t…

Bounty: 50

Encrypted .dmg on MacOS High Sierra, tested password before sending for repair. Upon return from repair, password does not work. The possibilities I see are the .dmg file is corrupted, or I’m wrong about the password I thought I knew.

Nothing else seems corrupted, so I am tentatively assuming the latter.

In that case, as far as I can tell I could be wrong only about a minority of the password content.

Is there a way to discover the password given I have knowledge of the majority of its likely content?

