Nextcloud: Improper confidentiality protection of server-side encryption keys

This vulnerability is related to the Improper integrity protection of server-side encryption keys vulnerability but leverages a different attack vector. While the previous attack broke the confidentiality of encrypted files because the public keys are not integrity-protected, this new attack brea...

Nextcloud: Downgrade encryption scheme and break integrity through known-plaintext attack

The idea behind the Server Side Encryption is that you can move your encrypted files to an external party without that external party being able to to read or modify those files. Some time ago, Nextcloud switched from unauthenticated CFB cipher block mode to authenticated CTR cipher block mode in...

VSHG - Hardware resistance & enhanced security for GnuPG

VSHG aims to provide a memory / hardware resistant reinforcement to GnuPG's standared s2k key-derivation-function + a simplified interface for symmetric encryption . About VSHG VSHG Very secure hash generator is a standalone Addon for GnuPG Gnu privacy guard . It is written as a shell script and ...

Hardware resistance & enhanced security for GnuPG

VSHG aims to provide a memory / hardware resistant reinforcement to GnuPG’s standard s2k key-derivation-function + a simplified interface for symmetric encryption . VSHG Very secure hash generator is a standalone Addon for GnuPG Gnu privacy guard . It is written as a shell script and is designed...