cryptography   24087
DNSSEC Analyzer
The DNSSEC Analyzer from VeriSign Labs is an on-line tool to assist with diagnosing problems with DNSSEC-signed names and zones.
cryptography  debug  debugger  dns  dnssec  reference  test  testing  tools  validate  jk-www  jk-analyst  jk-webtools
10 hours ago by websitejk
Sharing secrets and distributing passwords
Shamir’s Algorithm

Key to the utility of this algorithm is that it does not force the restriction that the number of sub-passwords to decrypt has to be the same as the number of sub-passwords generated. We can tweak the parameters such that any number of sub-passwords (less than or equal to the total number generated), can be used to unlock.

We can see how this algorithm is not a broken-plate type problem. We don't need all the sub-passwords to re-create the secret. All we need is sufficient to mathematically solve the order of the equation we are using.

Knowledge of any non-complete combination of sub-passwords gives an attacker no additional information on how to solve the problem. Even if you have knowledge of n-1 passwords, there are still an infinite number of curves that fit through these points, and thus an infinite number of possible intercepts.

As we can clearly see, it's very easy to generate new sub-passwords as needed. If we need to generate and distribute a new sub-password, we simply pull off another coordinate from the curve and give that out! None of the existing passwords need to change.

If some of the sub-passwords are compromised (and you know which ones) and you want to regenerate new ones, but keep the uncompromised ones the same, you can generate a new curve that passes through the points you wish to keep. [Edit - Only if the the number of uncompromised points is two (or more) less than the minimum number needed to reconstruct the secret. Thanks for the correction @N1DQ]

To weight passwords (such as giving The President a nuclear launch password with three times the power of a regular password), we simply give out multiple coordinates to that person. Thus, for the nuclear launch example requiring requiring five votes, we generate an order-4 polynomial, give The President three coordinates from the curve, The Secretary of Defence two coordinates off the curve, and the rest of the troops one coordinate each.
cryptography  password  share  secret  polynomial  parabolic
yesterday by Tonti
Cryptography failure leads to easy hacking for PlayStation Classic | Ars Technica
Don't put the damn private key on the same thing it's supposed to unlock. FFS.
cryptography  510  horrorstories
2 days ago by dsalo
Cyber Security (InfoSec) Interview Questions [2018 Update] | Daniel Miessler
Interview First Principles System Administration Encryption Network Security Application Security Risk Industry Wisdom The Onion Question Model The
Cyber  Interview  Cryptography  InfoSec
3 days ago by snkhan

Copy this bookmark:

description:

tags: