strypey, to random
@strypey@mastodon.nzoss.nz

The #IETF were warning of this in the 90s:

"Export controls and usage controls [on cryptographic software] are slowing the deployment of security at the same time as the Internet is exponentially increasing in size and attackers are increasing in sophistication. This puts users in a dangerous position as they are forced to rely on insecure electronic communication."

https://datatracker.ietf.org/doc/html/rfc1984

#HatTip to @onepict for pushing us to read this.

#cryptography #security #privacy

schizanon, to privacy
@schizanon@mas.to

is such an interesting subject to me, because on one hand it's "a basic human right" but practically it's the right to lie and deceive each other.

I don't have a very good memory, and I believe that information wants to be free. So privacy has always seemed like a dangerous thing to me; like fighting thermodynamics.

That said, if I were a competitive person I can see how my attitude might need to change; hard to win when you're giving away all your secrets.

TunnelJanitor, to science

Anyone know the plural for maths?

gregorni, (edited) to random
@gregorni@fosstodon.org

Do you often use online websites to decipher cryptographic messages? Like Caesar Cipher, Base64, ASCII85, Morse, or something like that.

cuchaz, to random
@cuchaz@gladtech.social

Howdy friends,

Let's say I have 1000 friends (haha, I know, right?) and I want to send each of them a number. If I put all the numbers into a list and send the list to all my friends, that sort of works, but each friend won't know which number is theirs.

So I'd like some way to tag each number in the list so each friend can quickly tell which number is theirs, but no one else can. ie, something faster than linear time search through the list would be ideal, but I'd settle for something linear if the constants are small. Maybe something like string equality as the match operation, but not a decryption.

And if someone who isn't my friend sees the list with all the tagged numbers, they shouldn't be able to tell who any of my friends are by using the tags somehow.

Me and all my 1000 friends (lol, it's still funny) all have asymmetric keypairs, so we can use those.

Is this a well-studied problem that has a name I don't know about yet? Maybe there are special-purpose tools that are a good fit for this?

Or maybe there's some clever scheme using encryption that solves this? I feel like a deterministic encryption of some well-known message for each friend gets pretty close. Then add a list-level nonce to make it randomized for each list, but not each friend. Then a friend can do the deterministic encryption using the nonce and scan through the list pretty quickly to find their number. But my asymmetric encryption primitive is randomized, so I can't quite make it work that way unless I use a different primitive.

Although, if the message to be encrypted deterministically is well-known, and the goal is not actually to protect the message, that kind of suggests encryption is the wrong tool here. I'm looking for some kind of tag that is only recognizable by the holder of the private key.

Thoughts?
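What the post describes is, in effect, a per-friend MAC keyed by a Diffie-Hellman shared secret: the sender and each friend can both derive the same secret from their own private key and the other side's public key, and a MAC over the list-level nonce under that secret is a tag that only the two of them can recompute. The following is an added example (not cuchaz's code, nor anything from the thread) that works this through end to end. It assumes every party holds an X25519 keypair, that friends already know the sender's public key, and that the nonce is published alongside the list; the `x25519` ladder is transcribed from RFC 7748 so the example runs with the standard library alone, but a production system would use an audited library for it.

```python
"""Tags recognizable only by the intended recipient, derived from an ECDH
shared secret plus a per-list nonce. Added example; constants and names below
are this example's own, not from the original post."""
import hashlib
import hmac
import secrets

P = 2**255 - 19           # field prime for Curve25519
A24 = 121665              # (A - 2) / 4 for the Montgomery ladder
BASEPOINT = (9).to_bytes(32, "little")


def _decode_scalar(k: bytes) -> int:
    k = bytearray(k)          # clamping per RFC 7748 section 5
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def _decode_u(u: bytes) -> int:
    u = bytearray(u)
    u[31] &= 127              # ignore the unused top bit
    return int.from_bytes(u, "little")


def x25519(scalar: bytes, u: bytes) -> bytes:
    """Montgomery ladder from RFC 7748 section 5; returns the 32-byte u-coordinate."""
    k = _decode_scalar(scalar)
    x1 = _decode_u(u)
    x2, z2, x3, z3 = 1, 0, x1, 1
    swap = 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3 = x3, x2
            z2, z3 = z3, z2
        swap = kt
        a = (x2 + z2) % P
        aa = a * a % P
        b = (x2 - z2) % P
        bb = b * b % P
        e = (aa - bb) % P
        c = (x3 + z3) % P
        d = (x3 - z3) % P
        da = d * a % P
        cb = c * b % P
        x3 = (da + cb) * (da + cb) % P
        z3 = x1 * ((da - cb) * (da - cb) % P) % P
        x2 = aa * bb % P
        z2 = e * ((aa + A24 * e) % P) % P
    if swap:
        x2, x3 = x3, x2
        z2, z3 = z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def keypair() -> tuple[bytes, bytes]:
    priv = secrets.token_bytes(32)
    return priv, x25519(priv, BASEPOINT)


def shared_secret(my_priv: bytes, their_pub: bytes) -> bytes:
    s = x25519(my_priv, their_pub)
    if s == bytes(32):        # reject low-order public keys (all-zero output)
        raise ValueError("invalid peer public key")
    return s


def make_tag(shared: bytes, nonce: bytes) -> bytes:
    """Truncated HMAC over the list nonce, keyed by the pairwise ECDH secret.
    Deterministic for a given (pair, nonce); random-looking to anyone else."""
    return hmac.new(shared, b"friend-tag|" + nonce, hashlib.sha256).digest()[:16]


def build_list(sender_priv: bytes, friend_pubs: list[bytes], numbers: list[int]):
    """Sender side: one fresh nonce per list, one tag per friend, order shuffled
    so that position in the list does not reveal who an entry belongs to."""
    nonce = secrets.token_bytes(16)
    entries = [(make_tag(shared_secret(sender_priv, pub), nonce), n)
               for pub, n in zip(friend_pubs, numbers)]
    secrets.SystemRandom().shuffle(entries)
    return nonce, entries


def find_my_number(friend_priv: bytes, sender_pub: bytes, nonce: bytes, entries):
    """Friend side: recompute my own tag and index the list by tag (O(1) lookup)."""
    mine = make_tag(shared_secret(friend_priv, sender_pub), nonce)
    return dict(entries).get(mine)


if __name__ == "__main__":
    s_priv, s_pub = keypair()
    friends = [keypair() for _ in range(3)]
    nonce, entries = build_list(s_priv, [pub for _, pub in friends], [7, 8, 9])
    for priv, _ in friends:
        print(find_my_number(priv, s_pub, nonce, entries))
```

The lookup is a dictionary hit on the friend's side, and no one holding only the public keys and the list can recompute a tag without one of the two private keys, so the tags reveal neither the friends' identities nor which entries belong to the same friend across lists (the nonce changes every tag). What this does not hide is the size of the friend list, and the sender itself can of course link tags to friends; both follow from the problem as posed.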

Edent, to random
@Edent@mastodon.social

🆕 blog! “Lazy way to cause SHA-256 collisions for lazy evaluators”

Humans are lazy. That's why we have computers; to do the boring work for us. I recently downloaded a file. The website said the file should have a SHA-256 hash of: ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb So I ran sha256 filename on my machine. And then lazily compared the h…

👀 Read more: https://shkspr.mobi/blog/2024/04/lazy-way-to-cause-sha-256-collisions-for-lazy-evaluators/

odr_k4tana, to privacy

The recent at 23andme means that a lot of people suddenly lost the ability to:

  • do DNA/RNA based biometric &
  • have about health info (think genetic disorders)
  • be anonymous in terms of DNA-person match (which means ethically working researchers can not include their data in studies, e.g. GWAS etc.)

Sensitive data matters. Biodata is one of the most sensitive types of data you can think of. My advice: Don't use it as a first auth factor. And definitely not as a sole key for crypto.

Link to leak press release: https://www.bleepingcomputer.com/news/security/genetics-firm-23andme-says-user-data-stolen-in-credential-stuffing-attack/

kpwn, to infosec

If you're reading this, your last Diffie-Hellman-Merkle key exchange probably happened just seconds ago.

Have you ever wondered under what circumstances it is secure?

Me too, so let's take a look ⤵️

paulfoerster, to retrocomputing
@paulfoerster@swiss.social

Build your own #Enigma #Encryption machine using paper. Yes, paper! 🤔 It's compatible with models I, M1, M2 and M3. It even simulates the plug board. 👍

All you need is a printer, scissors, some clear sticky tape and a crispy tube. Have fun. 🤣

https://makezine.com/article/education/how-to-papercraft-enigma-machine/
http://wiki.franklinheath.co.uk/index.php/Enigma/Paper_Enigma

#RetroComputing #Cryptography

krelnik, to Software

Just downloading some updates and checking hashes, like you do. Insofar as people actually bother, I wonder how many people just look at the first few digits and the last few digits and call it a day. Which raises a question: has anyone ever explored the idea of hash "partial" collisions in a crypto context? I.e. if the first and last 8 hex digits are the same, but the middle could differ. Might be a useful thing for some attackers trying to deposit nasty things in public repositories.
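Edent's blog teaser above and krelnik's question here are about the same habit: eyeballing the first and last few hex digits of a published digest. The added example below (not code from either post or from Edent's blog) contrasts that shortcut with a full-length, constant-time comparison of the whole digest. The "downloaded file" is the constructed input `abc`, whose SHA-256 is a standard test vector, and the look-alike digest is simply a string that agrees with the real one on its first and last 8 hex digits; it is not a collision of any kind.

```python
"""Full-digest verification versus the "first and last few hex digits" shortcut.
Added example with constructed sample data; no real SHA-256 collision involved."""
import hashlib
import hmac

# Constructed sample download: the bytes "abc", whose SHA-256 is a standard test vector.
SAMPLE_FILE = b"abc"
EXPECTED = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"

# Constructed: matches EXPECTED only on the first and last 8 hex digits (64 of 256 bits).
LOOKALIKE = EXPECTED[:8] + "0" * 48 + EXPECTED[-8:]


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def lazy_matches(actual_hex: str, expected_hex: str, edge: int = 8) -> bool:
    """The by-eye shortcut: compare only the leading and trailing `edge` hex digits."""
    return (actual_hex[:edge] == expected_hex[:edge]
            and actual_hex[-edge:] == expected_hex[-edge:])


def verify_download(data: bytes, expected_hex: str) -> bool:
    """Compute the digest of the whole file and compare every hex digit.
    compare_digest avoids a timing side channel and refuses length mismatches."""
    expected_hex = expected_hex.strip().lower()
    if len(expected_hex) != 64 or any(c not in "0123456789abcdef" for c in expected_hex):
        return False
    return hmac.compare_digest(sha256_hex(data), expected_hex)


if __name__ == "__main__":
    print("lazy check accepts look-alike:", lazy_matches(sha256_hex(SAMPLE_FILE), LOOKALIKE))
    print("full check accepts look-alike:", verify_download(SAMPLE_FILE, LOOKALIKE))
    print("full check accepts real digest:", verify_download(SAMPLE_FILE, EXPECTED))
```

The point for the defender is that checking 8 hex digits at each end constrains only 64 of the digest's 256 bits, so the shortcut gives nothing like the assurance the full comparison does; scripting `verify_download` (or `sha256sum -c` with the published checksum file) removes the temptation to compare by eye at all.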

BjornToftMadsen, to random
@BjornToftMadsen@social.coop

Are the QR codes not using #cryptography on the new #RoyalMail stamps? I assumed they were moving over to #QR codes to prevent this from happening…

https://www.theguardian.com/uk-news/2024/apr/11/royal-mail-chinese-made-fake-stamps

cuchaz, to rust
@cuchaz@gladtech.social

Any people out there? :blobcatwave:

I've been using the Rust OpenSSL bindings for a while now, and they're fine. They're fine.

But the lib seems to be missing any bindings for EVP_PKEY_pairwise_check() and I'd really like to use it. Support for OpenSSL v3.x apis seems to be generally lacking.

Although, I've heard OpenSSL isn't a great library in general and maybe I should try to use something else. So maybe this is a good opportunity to migrate to a better lib?

What are the good crypto libraries out there for Rust? I'm looking for implementations of basic stuff like RSA, HMAC, AES, etc. Bonus points if the implementation is actually in a memory-safe language (like Rust!).

Ring looks nice maybe? I suppose there are probably bindings for libsodium somewhere. What are people using these days?

thisismissem, to random
@thisismissem@hachyderm.io

Just saw someone implementing user authentication for an #E2EE application by taking the user's password, running it through libsodium's crypto_pwhash with a fixed salt derived from the user's email address, before sending the (email, hash) pair to the remote server... and I'm just like "is this secure?"

I'd always thought you'd want a construct like SRP6a for conducting the authentication between client & server (without the server learning the user's password)... #security #cryptography

Pat, to security

I just called a major, well known corporation on the phone and the automated system asked me to key-in my web password to get to customer support.

Key-in my password. In the clear. On the phone.

Anyone see an issue with that?

#security #passwords #encryption #cryptography #math #BruteForce

atoponce, to random
@atoponce@fosstodon.org

Without disassembly, there are 43,252,003,274,489,856,000 unique permutations in a 3×3 Rubik's Cube. If sufficiently shuffled, that provides ~65 bits security.

Which means recording the colors of each of the 6 faces after two sufficient shuffles is enough to provide at least 128 bits security.

https://en.wikipedia.org/wiki/Rubik's_Cube#Permutations

A shuffled 4×4 cube has ~152 bits security.

https://en.wikipedia.org/wiki/Rubik's_Revenge#Permutations

A shuffled 5×5 cube has ~247 bits security.

https://en.wikipedia.org/wiki/Professor%27s_Cube#Permutations

raptor, to random

Insightful…

Web-based is always snake oil 🐍

https://www.devever.net/~hl/webcrypto

hko, to security
@hko@fosstodon.org

1/ 🎉 Big news in the #OpenPGP world! Our team's labor of love, "OpenPGP for Application Developers," is now live! Check it out: https://openpgp.dev/. 🚀📚 Our mission? Make OpenPGP accessible, enjoyable, and a go-to tool for devs! #cryptography #security

eliasp, to UX
@eliasp@mastodon.social

Why must the of any kind of related tooling on our systems suck so much?

Today's task - manage CA certificates on our clusters' base-systems using .

The canonical way on systems seems to be, to use 's "trust" CLI.

"--help" says to use "trust list" - that sounds easy. I'll just compare those certificate serials against my desired state and then import the delta into the trust store…

But: the unique identifier of "trust list"'s output is a PKCS11 URI!

schizanon, to passkeys
@schizanon@mastodon.social

PassKeys seem like a bad idea. Google backs them up to the cloud, so if your Google account is compromised then all your private keys are compromised. I don't see how that's an improvement over password+2FA at all.

Now security keys I get; keep the private key on an airgapped device. That's good. Hell I even keep my 2FA-OTP salts on a YubiKey.

#passkeys #fido2 #webauthn #yubikey #2fa #otp #authentication #cryptography #security #passwords #passkey #password #securityKey #google

meneer, to infosec
@meneer@mastodon.myfed.space

No more rocket science, I'm moving to Post-Quantum encryption any day now...
https://tuta.com/blog/post-quantum-cryptography

@Tutanota
#infosec #cryptography

atoponce, to linux
@atoponce@fosstodon.org

Just sent in my first patch to the kernel.

This changes the kernel CSPRNG from ChaCha20 to ChaCha8 providing ~2x performance improvement without sacrificing security.

https://lore.kernel.org/lkml/20240429134942.2873253-1-aaron.toponce@gmail.com/T/#u
