Nemeski@lemm.ee to Privacy Guides@lemmy.oneEnglish · 4 months agoSignal under fire for storing encryption keys in plaintextstackdiary.comexternal-linkmessage-square46fedilinkarrow-up11arrow-down10cross-posted to: cybersecurity@sh.itjust.workstechnology@lemmy.worldfoss@beehaw.org
arrow-up11arrow-down1external-linkSignal under fire for storing encryption keys in plaintextstackdiary.comNemeski@lemm.ee to Privacy Guides@lemmy.oneEnglish · 4 months agomessage-square46fedilinkcross-posted to: cybersecurity@sh.itjust.workstechnology@lemmy.worldfoss@beehaw.org
minus-squarepearsaltchocolatebar@discuss.onlinelinkfedilinkEnglisharrow-up0·4 months agoBut… That’s how encryption keys are stored.
minus-squareboredsquirrel@slrpnk.netlinkfedilinkEnglisharrow-up0·edit-24 months agoopportunistic TPM integration would be nice. I.e. use the security chip of the device, if one is found. Otherwise use password. OR use a Nitrokey etc, which can act as a secure device to store these keys too. Take that, Windows. You dont need a builtin TPM if you can use a Nitrokey 3 with a secure element, externally.
minus-squareEvotech@lemmy.worldlinkfedilinkEnglisharrow-up0·4 months agoNo your don’t understand, you’re supposed to encrypt the keys. Then you encrypt that key And then that key Until it’s all encrypted /s
But… That’s how encryption keys are stored.
opportunistic TPM integration would be nice.
I.e. use the security chip of the device, if one is found. Otherwise use password.
OR use a Nitrokey etc, which can act as a secure device to store these keys too.
Take that, Windows. You dont need a builtin TPM if you can use a Nitrokey 3 with a secure element, externally.
No your don’t understand, you’re supposed to encrypt the keys.
Then you encrypt that key
And then that key
Until it’s all encrypted /s