Nemeski@lemm.ee to Privacy Guides@lemmy.oneEnglish · 4 months agoSignal under fire for storing encryption keys in plaintextstackdiary.comexternal-linkmessage-square44fedilinkarrow-up1204arrow-down10cross-posted to: cybersecurity@sh.itjust.worksprivacy@lemmy.worldprivacy@lemmy.mltechnology@lemmy.worldfoss@beehaw.orgprivacy@lemmy.ca
arrow-up1204arrow-down1external-linkSignal under fire for storing encryption keys in plaintextstackdiary.comNemeski@lemm.ee to Privacy Guides@lemmy.oneEnglish · 4 months agomessage-square44fedilinkcross-posted to: cybersecurity@sh.itjust.worksprivacy@lemmy.worldprivacy@lemmy.mltechnology@lemmy.worldfoss@beehaw.orgprivacy@lemmy.ca
minus-squarepearsaltchocolatebar@discuss.onlinelinkfedilinkEnglisharrow-up69arrow-down1·4 months agoBut… That’s how encryption keys are stored.
minus-squareEvotech@lemmy.worldlinkfedilinkEnglisharrow-up47arrow-down1·4 months agoNo your don’t understand, you’re supposed to encrypt the keys. Then you encrypt that key And then that key Until it’s all encrypted /s
minus-squareboredsquirrel@slrpnk.netlinkfedilinkEnglisharrow-up21·edit-24 months agoopportunistic TPM integration would be nice. I.e. use the security chip of the device, if one is found. Otherwise use password. OR use a Nitrokey etc, which can act as a secure device to store these keys too. Take that, Windows. You dont need a builtin TPM if you can use a Nitrokey 3 with a secure element, externally.
But… That’s how encryption keys are stored.
No your don’t understand, you’re supposed to encrypt the keys.
Then you encrypt that key
And then that key
Until it’s all encrypted /s
opportunistic TPM integration would be nice.
I.e. use the security chip of the device, if one is found. Otherwise use password.
OR use a Nitrokey etc, which can act as a secure device to store these keys too.
Take that, Windows. You dont need a builtin TPM if you can use a Nitrokey 3 with a secure element, externally.