Hashing Passwords – Python Cryptography Examples

By Lane Wagner – @wagslane on Twitter Building a from-scratch server or using a lightweight framework is empowering. With that power comes responsibility, specifically the responsibility to securely store user’s passwords. Can I Store Passwords In Plain Text? To demonstrate the potential dangers, let us assume we DON’T hash passwords on a fake example website, LoveMatchingToday. Inevitably … Read more Hashing Passwords – Python Cryptography Examples

Cryptography Trends And News Going Into 2020

Quantum Computing Quantum computing may not be coming quite as fast as some in the field had certainly feared (or perhaps hoped). Google did, however, solve an impressive problem this year. They published a paper in Nature. It stated that their quantum processor solved a problem that, in contrast, a digital computer would take 10,000 … Read more Cryptography Trends And News Going Into 2020

(Very) Basic intro to AES-256 Cipher

AES stands for “Advanced Encryption Standard” and is a specification that has selected the Rijndael cipher as its symmetric key ciphering algorithm. Using AES, it can encrypt a message with a key (like a password) and no one except the key holder can decrypt the message. This is useful for many reasons, but a good … Read more (Very) Basic intro to AES-256 Cipher

(Very) Basic Intro to Hash Functions (SHA-256, MD-5, etc)

This is going to be a basic introduction to hash functions. I will assume most of my audience is here to gain an understanding of why hash functions are used and the basic idea of why they work. My goal is to explain it in a general sense, I will be omitting proofs and implementation … Read more (Very) Basic Intro to Hash Functions (SHA-256, MD-5, etc)

(Very) Basic Intro To Elliptic Curve Cryptography

This is going to be a basic introduction to elliptic curve cryptography. I will assume most of my audience is here to gain an understanding of why ECC is an effective cryptographic tool and the basics of why it works. My goal is to explain it in a general sense, I will be omitting proofs … Read more (Very) Basic Intro To Elliptic Curve Cryptography

(Very) Basic Intro to Key Derivation Functions (Argon2, Scrypt, etc)

A key derivation function, or KDF, derives one or many secret keys from a secret value. Therefore, If you’ve ever needed to store a password in a database or create a private key from a password, you may have used a KDF. For instance, some examples of popular KDFs: Argon2 Scrypt PBKDF2 Are KDFs just … Read more (Very) Basic Intro to Key Derivation Functions (Argon2, Scrypt, etc)

(Very) Basic Shamir’s Secret Sharing

By @wagslane (twitter) We use an algorithm called Adi Shamir’s secret sharing in order to share ownership of a secret among a group of participants. Then, in order to calculate the original secret, a minimum number of shares must be used. Example Problem To illustrate, let us imagine that a family of four shares a … Read more (Very) Basic Shamir’s Secret Sharing

HMAC and MAC Explained Simply – Building Secure Auth With JWTs

HMACs and MACs are authentication codes and are often the backbone of JWT authentication systems. Let’s take a look at how they work! MAC – Message Authentication Code MACs are exactly what they sound like; small codes that allow receivers of messages to know who the sender was (authentication). A MAC code is calculated by … Read more HMAC and MAC Explained Simply – Building Secure Auth With JWTs

Bitcoin Doesn’t Care About Your Identity, Only Your Knowledge

When you make a withdrawal at a bank, pay taxes, or get a license you must prove who you are. The process of proving who you are is a very “human” process. The authority checks your ID and ensures the picture looks like you, which allows them to trust that you are the person who’s … Read more Bitcoin Doesn’t Care About Your Identity, Only Your Knowledge

Qvault’s Offline Mode in Electron

We recently added “Offline Mode” to Qvault as a new feature. This was in preparation to also add Bitcoin and cryptocurrency key generation. There is now a toggle switch at the top of the app that, when switched off, ensures that the app will make no network requests. You have always been able to use … Read more Qvault’s Offline Mode in Electron