/os/ - Online Security

News, techniques and methods for computer network security.




In this thread we will discuss cryptography, cryptosystems, cryptanalysis, and tools for cryptography such as gpg and other tools. If you work in this field or hear of some relevant news about this field, feel free to contribute. Use hyperlinks and source citations to back up any claims made if necessary.
Some introductory questions:

1) What are some good books on this subject both mathematical and practical?

2) What are some good methods to defeat cryptanalysis like frequency analysis to include when doing standard encryption methods like RSA using gpg? Would padding the plain text message before encryption with arbitrary random ASCII on both ends help or hinder this process?

3) Why is the trend for modern crypto to move away from using prime numbers towards elliptic curves? Speed? Security? Lower computation time?

Feel free to ask your own questions or to answer any that you see if you are knowledgeable on the subject field.

 >>/1212/
2)
I'm suggesting to pad your messages with passgen.sh as I think that it might be helpful.

$ passgen >> message.txt
$ nano message.txt

/BwZ1X7Xe3YgJhlWtxjmjweodhiKm5Dg2mkuyEyTRTQCFL2AajWTTxGl2TW1/tSztDoz2Ci0YveM

This is the message. Have a nice day!

^X

$ passgen >> message.txt

$ gpg --list-keys | more
$ gpg -e -a -r Endwall message.txt
$ cat message.txt.asc
$ gpg -d message.txt.asc

Seems to work. Maybe pad it twice on either end. That should mess with the cryptanalysis. Just an idea.

Of course do this on your air gap and shuttle the messages and replies by floppy disk to your transmission workstation. Do encryption and decryption on an air-gap, and move the messages by floppy disk message sneaker net (FDMSN). That should mess them up really good. If they can still get to your messages after that, then re-evaluate the trustworthiness of the counter-party correspondent.
Vernam Cipher (One-Time Pad)
https://youtube.com/watch?v=cpqwp2H0SNo
Duration  : 11:21  Published : 08 Oct 2018
Description: 
The Vernam cipher (aka the one-time pad, or Vigenere OTP) is the only encryption algorithm with perfect security, meaning it is unbreakable. The general concept of computational security is explained and also how XOR is used in this cipher. Then I explain the reasons why the Vernam cipher isn't really useable in 'real life'.

Endwall's Comment: This really is usable in the situation where you have limited computational power... like with an 8-bit computer, for instance. You could use a floppy disk as the pad, and copy it and give it to your counter party for a year's worth of real time instant messaging over the telephone line. Every used block should be overwritten with a null character or zeroed out so that the program knows where to seek to for the next decryption block. This crypto-system is optimal to use with an 8-bit computer over the telephone lines. The computations are simple. This could be programmed in a weekend. Find or demonstrate working examples of this over the telephone modem on a Commodore 64 and post back here (working code or videos of it working).

https://en.wikipedia.org/wiki/One-time_pad

"Starting in 1988, the African National Congress (ANC) used disk-based one-time pads as part of a secure communication system between ANC leaders outside South Africa and in-country operatives as part of Operation Vula[28], a successful effort to build a resistance network inside South Africa. Random numbers on the disk were erased after use. A Belgian airline stewardess acted as courier to bring in the pad disks. A regular resupply of new disks was needed as they were used up fairly quickly. One problem with the system was that it could not be used for secure data storage. Later Vula added a stream cipher keyed by book codes to solve this problem.[29]"

Apparently not an original idea, even Africans were smart enough to go to this level...


Using a DVD with 4.7GB of random bits or random characters from /dev/urandom is probably good enough for most people for a time frame of 5 years' worth of communications. People with a necessity for a longer time frame could do this with 10 TB hard disks and have private bidirectional (or group-based) conversations with trusted parties for several years, like maybe 20 years, as long as you don't start sending large files. It should be good for text, pictures, audio and small video clips.

For more serious people getting actual random numbers will be a priority, by building some kind of physical or electronic device that can generate random static to record to disc.  A Geiger counter, radio transmissions on a static channel.  Maybe take all of these inputs and sum them together and add it to the output from /dev/urandom.

Crypto for 8-bit
https://cryptolux.org/index.php/Links_to_Embedded_Crypto_Implementations
https://crypto.stackexchange.com/questions/55885/lightweight-cipher-using-only-8-bit-operations
https://crypto.stackexchange.com/questions/570/types-of-cryptography-for-a-4-8-bit-microcontroller
https://www.embedded.com/design/prototyping-and-development/4006433/Implementing-SSL-on-8-bit-micros
https://cockrum.net/Implementation_of_ECC_on_an_8-bit_microcontroller.pdf
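
Added example, not code from any poster in this thread: a minimal Python sketch of the disk-based pad described in the comment above, where used pad bytes are zeroed and the next offset is found by seeking past the zeroed prefix. The function names and the in-memory `bytearray` standing in for each party's disk copy are assumptions made for illustration.

```python
import os

def next_offset(pad: bytearray) -> int:
    """Seek past the zeroed (already used) prefix of the pad."""
    i = 0
    while i < len(pad) and pad[i] == 0:
        i += 1
    return i

def take_key(pad: bytearray, n: int) -> bytes:
    """Return the next n pad bytes and zero them so they cannot be used twice."""
    start = next_offset(pad)
    if start + n > len(pad):
        raise ValueError("pad exhausted: never wrap around or reuse key bytes")
    key = bytes(pad[start:start + n])
    pad[start:start + n] = bytes(n)  # on real media: overwrite and flush here
    return key

def xor_with_pad(pad: bytearray, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR is its own inverse, so one routine serves both."""
    key = take_key(pad, len(data))
    return bytes(d ^ k for d, k in zip(data, key))

def demo() -> list:
    master = os.urandom(64)  # constructed sample pad, 64 bytes
    # Assumption: both parties start from identical copies of the pad.
    alice, bob = bytearray(master), bytearray(master)
    recovered = []
    for msg in (b"MEET AT NOON", b"BRING THE DISK"):
        ct = xor_with_pad(alice, msg)            # sender consumes pad bytes
        recovered.append(xor_with_pad(bob, ct))  # receiver consumes the same bytes
    return recovered

if __name__ == "__main__":
    print(demo())
```

A genuine 0x00 pad byte sitting right at the boundary is skipped by both sides, so the copies stay in step as long as every message arrives in order; a lost message desynchronises them. The XOR gives no integrity protection, and each direction of a conversation needs its own pad so that two senders never consume the same bytes.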

 >>/1439/
Shale usually contains trace amounts of the elements Uranium, Thorium, and Potassium, as radioactive isotopes.  Go to the mountains or wherever you can find rock outcrops and bring a hammer and a burlap sack.  Smack off some shale and sandstone from the rocks, and then bring them home.  Smash these up with the hammer using protective eye wear in the back yard.  Place the rock chips into your burlap sack.  This will serve as the radioactive source.   Your Geiger counter will go into the bag and connect via RS-232 to your 8-bit computer.  The accumulation count of gamma ray / decay event detection in a 5 second window, will be counted every 5 seconds.  If the 5 second decay count is even store a 0, if the count is odd store a 1.  Every 40 seconds a random byte will be created. Write these in sequence to a 1.44MB A:\ floppy disk.  This is either your key for your one time pad or a random seed to use for pseudo random number generation.

 >>/1460/
This would be too slow to be practical.  If you could get a gamma count every second then it's better.   
1024 Bytes / KB 

1024^2 Bytes/MB *1.44 MB/floppy = 1509949.44 Bytes /Floppy Disk

At a rate of one random bit per second is 8 seconds per byte

=  12079595.52 s = ~139.8 days.  Too slow. 

Need to figure out a way to sample faster. I've never done this personally but I'd like to try it as an experiment.  If you get something like this going, make a youtube video with instructions.

Uranium Random Number Generator
https://youtube.com/watch?v=A7FiVn776eY
Demo of the device configured for a 4-bit random number based on events detected from a Geiger counter excited by Uranium.
Published : 12 Apr 2019 Duration  : 01:20
Random Number Generating Geiger Counter
https://youtube.com/watch?v=T0r6XocVHyo
Team Chub's senior design project
Published : 04 Apr 2011 Duration  : 02:18
Raspberry Pi Geiger Counter and Random Number Generator
https://youtube.com/watch?v=yfOV9Ex47pE
Duration  : 04:05 Published : 26 Dec 2012
"This is a quick video showing the Mighty Ohm Geiger counter I got for Christmas. I have interfaced it with the Raspberry Pi so it can also act as a random number generator.
The Python code for interfacing with Cosm: https://docs.google.com/open?id=0B1i26IugaGQbWFh6X1Bodmc3eUk
(I have regenerated my API key so don't bother trying to post to my stream :)
The Python code for Random Number Generation: https://docs.google.com/open?id=0B1i26IugaGQbYTRKRUl5aFhMZFU
My Cosm feed: https://cosm.com/feeds/94794
The Geiger Counter: http://mightyohm.com/blog/products/geiger-counter/
Picture of the Raspberry Pi and Geiger counter: https://docs.google.com/open?id=0B1i26IugaGQbcHpCeXJHSEp5UEE"

etc...
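
Added example, not code from any poster in this thread: a Python sketch of the count-parity scheme from the two posts above, together with the fill-time arithmetic. The detector is simulated with a seeded generator, the 0.1 events/s source rate is an assumed value, and the von Neumann debiasing step is a standard technique the thread does not mention; it is included because the parity of a low Poisson count is biased toward 0.

```python
import math
import random

def simulate_counts(rate_hz, window_s, n_windows, seed=1):
    """Simulated detector (not real data): Poisson event count per window."""
    rng = random.Random(seed)
    counts = []
    for _ in range(n_windows):
        t, c = rng.expovariate(rate_hz), 0
        while t < window_s:
            c += 1
            t += rng.expovariate(rate_hz)
        counts.append(c)
    return counts

def parity_bits(counts):
    """The rule from the post: even count -> 0, odd count -> 1."""
    return [c & 1 for c in counts]

def p_even(mean_count):
    """Exact probability that a Poisson count with this mean is even."""
    return (1 + math.exp(-2 * mean_count)) / 2

def von_neumann(bits):
    """Debias independent bits: pair 01 -> 0, 10 -> 1, discard 00 and 11."""
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]

def pack(bits):
    """Pack bits MSB-first into bytes, dropping an incomplete final byte."""
    usable = len(bits) - len(bits) % 8
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, usable, 8))

def days_to_fill(n_bytes, seconds_per_bit):
    """Time to collect n_bytes at the given cost per output bit."""
    return n_bytes * 8 * seconds_per_bit / 86400

def report(rate_hz=0.1, window_s=5, n_windows=4000):
    raw = parity_bits(simulate_counts(rate_hz, window_s, n_windows))
    clean = von_neumann(raw)
    return {"raw_zero_frac": raw.count(0) / len(raw),
            "expected_zero_frac": p_even(rate_hz * window_s),
            "clean_zero_frac": clean.count(0) / len(clean),
            "kept": len(clean) / len(raw)}

if __name__ == "__main__":
    print(report())
    print(days_to_fill(1024**2 * 1.44, 1), "days per floppy at 1 bit/s")
```

With a mean of 0.5 events per window the raw bits come out 0 about 68% of the time, and debiasing keeps only around a fifth of them, so a weak source makes the floppy fill even more slowly than the estimate in the post.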






 >>/1495/
Any radioactive isotope of an element should work. In the video he's using Americium from a smoke detector. You just need some random gamma and beta radiation from a decay event to set off the Geiger counter. Any radioisotope will do. Radioactive decay times and quantities are random and unknowable before the event occurs.

How does a crypto operator in a client relationship protect themselves against duress?
We are already starting to see digital robberies, because crypto clients are typically anonymous and can use a range of access points, the risk of Crypto-ATM robberies is increasing.
A two factor authorization and a silent alarm would be easy to set up, but this presents the risk that the silent alarm keeper could freeze accounts and make demands of clients.
A "two key" system can be used to ensure transactions and blocks are only made with the simultaneous cooperation of the client and broker, but as with TOR, if unilateral blocking is not possible the systematic takeover of brokering services is likely to eventuate.
While in theory if the broker was a bad actor they still wouldn't gain access, the client would lose their protection without their knowledge, and a large number of bad-actor brokers would emerge to net a large number of clients.

Is this a problem inherent to a single origin (client centered) authorization chain?
Could the blockchain work in tandem in a two factor access system?

