Mastodawn

BéGé Oct 14, 2023

The sample server code references RSA-OAEP-256, which must be PKCS#11 CKM_RSA_PKCS_OAEP (http://docs.oasis-open.org/pkcs11/pkcs11-curr/v2.40/cos01/pkcs11-curr-v2.40-cos01.html#_Toc228894637) and suggests key wrapping on an ephemeral AES key, but I would love to have some formal documentation proving it. I find the doc sentence "Microsoft keeps one key" particularly disturbing

BéGé Oct 13, 2023

Does anyone know what the cryptography behind MS Double key encryption is ? https://learn.microsoft.com/en-us/purview/double-key-encryption-overview. I find the wording extremely confusing. I would expect encapsulation of an ephemeral key encrypting the document but it says MS keeps one key. Is it as expected the wrapped ephemeral key ? Or is it a scheme where 2 keys are combined using XOR or some other mechanism ? I cannot find any detail. #cryptography #microsoft

Double Key Encryption overview and FAQ

Frequently asked questions about Double Key Encryption.