asteroza + encryption   521

BitLocker Group Policy settings (Windows 10) | Microsoft Docs
Controlling whether Bitlocker offloads encryption to an SSD with SED flags. Which is kinda important after several SSD models were found to be doing YOLO encryption...
windows  BitLocker  encryption  offload  SSD  SED  GPO  AD  group  policy  software  hardware  acceleration 
november 2018 by asteroza
Intra - Apps on Google Play
Google sponsored DNS-over-HTTPS DNS query funnel/VPN app
security  privacy  DoH  DNS  HTTPS  name  query  encryption  android  app  software 
october 2018 by asteroza
LAteral Movement Encryption technique (a.k.a. The "LAME" technique)
I wonder why let's encrypt didn't isolate the internal IP range DNS entry SSL certificates to a child CA cert that enterprises could explicitly distrust, which would quash this in a heartbeat.
internal  IP  range  SSL  TLS  certificate  letsencrypt  lateral  movement  encryption  security  hacking  pentesting 
september 2018 by asteroza
experimental anonymous comms network that is trying to be traffic analysis immune, particularly near endpoints which are under local adversarial organization control (aka corp networks)
privacy  anonymity  encryption  anonymous  communications  protocol  research  software 
august 2018 by asteroza
e2e post-quantum MQTT for m2m IoT? Normally hype-tastic, but it's got real security pros. Are MQTT topics encrypted too?
MQTT  e2e  encryption  security  PQE  M2M  post-quantum  IoT 
june 2018 by asteroza
SCION Internet Architecture
Interesting, but still have misgivings about treating core providers as trusted.
e2e  encryption  network  internet  protocol  design  networking  architecture  standard  specification  concept  security 
june 2018 by asteroza
Open Quantum Safe
early testing of post-quantum encryption, including a patched fork of openSSL to play with
OpenSSL  post-quatum  encryption  algorithm  library  testing  programming  development  security  QA  softare  networking  PQE 
june 2018 by asteroza
Firefox Send
One time file send service. File lives on server for 24hrs or one download, whichever comes first. Uses clientside encryption so network DLP with SSL stripping won't easily catch it.
mozilla  firefox  selfdestruct  link  file  upload  sharing  service  encryption  DLP  bypass  security  hacking  pentesting 
may 2018 by asteroza
saltpack - a modern crypto messaging format
thin wrapper around NaCl library using MessagePack format, as an alternative to PGP
encrypted  messaging  format  saltpack  cryptography  encryption  messagepack  nacl  PGP  GPG 
may 2018 by asteroza
th-wilde/veracrypt-w10-patcher: Windows 10 media patcher for upgrading VeraCrypt encrypted systems
When doing a big upgrade of windows 10, things go bad because it uses an image install basis, and that image lacks the veracrypt driver. This script will patch the image before the update starts so update can finish cleanly while still upgrading while encrypted
veracrypt  windows  10  update  image  driver  patch  script  sysadmin  tips  tricks  security  encryption 
may 2018 by asteroza
mindedsecurity/shhlack: Slack message encryptor/decryptor for desktop app and browser
E2E for Slack, so your boss or Slack can't decrypt private messages. Also makes e-discovery more of a pain too...
e2e  encryption  security  Slack  instant  message  IM  chat  privacy 
may 2018 by asteroza
Riot – Riot – open team collaboration
A fork is now the official E2E IM client of the french government, but not for those pesky peasant citizens...
e2e  IM  instant  message  chat  france  matrix  riot  communication  encryption  messaging  opensource 
april 2018 by asteroza
prosthetic knowledge — FontCode Research from Columbia Computer Graphics...
Using font kerning as a form of steganography, very subtle, but with high rez pictures, can you run the reverse, checking against known fonts to detect possible steg usage, or do you have to allow for enough slop in printing and camera angle that you would get too many false positives?
FontCode  encryption  cryptography  steganography  fingerprinting  font  kerning  glyph  perturbation 
april 2018 by asteroza
Round 1 Submissions - Post-Quantum Cryptography | CSRC
Round 1 candidates for the new NIST post-quantum cryptographic algorithm contest
NIST  contest  post-quantum  post  quantum  encryption  cryptography  algorithm  research 
december 2017 by asteroza
So You Want to Build a P2P Twitter with E2E Encryption?
Interesting demo of end to end encryption on a peer to peer twitter clone
e2e  P2P  gun.js  encryption  chat  IM  client  demo  proof-of-concept 
december 2017 by asteroza
bifurcation/treekeys: Group Keying via Trees
Looks like a PoC of the asynchronous ratcheting tree protocol in Go
encryption  cryptography  e2e  asynchronous  ratcheting  tree  protocol  messaging 
november 2017 by asteroza
Using tor would essentially hide the endpoint from clearnet public access, while potentially being able to penetrate firewalls. IoT safe remote access, or botnet C&C usage comes to mind. Interesting proof-of-concept though.
tor  WAMP  websocket  pubsub  remote  encrypted  P2P  RPC  networking  security  encryption 
november 2017 by asteroza
BlindHash-Restoring Trust in Passwords
Password hashing security as a service (more like salt as a service), using a 16TB salt and a new blind hashing technique. Functions like a Crypto Anchor.
security  service  password  blind  hash  encryption  cryptography  salt  CryptoAnchor 
november 2017 by asteroza
cryfs/cryfs: Cryptographic filesystem for the cloud
Uses authenticated blocks, so you can't attack a block/file. Truecrypt uses unauthenticated blocks, which means any attacker can put garbage blocks in, and the user only detects it as a (silent) data corruption. But it uses GCM, so as block/nonce reuse probability goes up (and it will happen!), it gets progressively easier to break the GCM, getting even worse if some plaintext is known.
cloud  file  encryption  cryFS  filesystem  opensource 
november 2017 by asteroza
CryFS: A cryptographic filesystem for the cloud
Uses authenticated blocks, so you can't attack a block/file. Truecrypt uses unauthenticated blocks, which means any attacker can put garbage blocks in, and the user only detects it as a (silent) data corruption. But it uses GCM, so as block/nonce reuse probability goes up (and it will happen!), it gets progressively easier to break the GCM, getting even worse if some plaintext is known.
cloud  file  encryption  cryFS  filesystem  opensource 
november 2017 by asteroza
Home - Hashgraph
Some sort of new distributed ledger with higher transaction throughput compared to bitcoin, doesn't seem to use either Proof of Work or Proof of Stake, and supports byzantine faults. But it seems it trades faster TPS for bad actor security, since this is vulnerable to a 1/3 bad actor ratio, compared to bitcoin's majority bad actor ratio. Also PATENTED so requires a license...
encryption  cryptography  cryptocurrency  bitcoin  blockchain  distributed  ledger  hashgraph  consensus  software 
november 2017 by asteroza
Securing customer data with KMS and Envelope Encryption in Node.js
Interesting pyramid/stacked encryption model to encrypting data with per tenant keys, but the weak point is the AWS KMS stored master key
AWS  cryptography  stacked  envelope  encryption  federated  key  rotation  security  cloud 
october 2017 by asteroza
« earlier      
per page:    204080120160

related tags

1.3  2.0  2.5inch  2D  2FA  2k3  3D  3DES  7-zip  7zip  128bit  256bit  802.11  A5/1  abuse  academic  acceleration  accelerator  access  accessory  accesspoint  acoustic  active  activism  activist  AD  adaptive  addon  ADRMS  advice  advocacy  aegis  AES  AES128  AES256  Afaria  agent  AGI  agreement  AIM  air  AirChat  airgap  ajax  Aladdin  Alcatel  algorithm  algorthm  alogirthm  alternative  ALV  amazon  analysis  analyzer  android  anonym.OS  anonymity  anonymized  anonymizer  anonymizing  anonymous  ANSI  antiDMCA  antikeylogger  antivirus  apache  API  app  applet  appliance  application  applications  applied  apricorn  architecture  archive  archiving  area  ARM  armory  articles  ascii  ASK  ASP  asterisk  ASUS  async  asynchronous  attack  attacks  AU  audio  audit  auditing  authenticated  authentication  authenticode  automatic  autorun  auxiliary  Avaya  AWS  axoloti  axTLS  back  backdoor  backed  backport  backup  bacteria  bandwidth  barcode  based  BBC  BDE  beat  behavior  Bell  best  bidirectional  bigbrother  BigTable  billing  binary  bioencryption  bioharddisk  biology  biometric  biometrics  biotechnology  bit  bitcoin  bitlocker  bitmessage  bittorrent  blackberry  BlackDog  blind  block  blockchain  blocker  blocking  blog  blowfish  bluetooth  book  boot  bootable  botnet  branch  break  breaking  bridge  broken  broswer  brother  browser  brute  BSD  bug  bump-in-the-wire  burning  business  bypass  C#  C++  CA  cache  CAESAR  calculation  calendar  Camellia  camera  cancellable  candidate  canon  CAPI  capture  car  card  carrier  cartoon  case  CD  Ceelox  cellphone  censor  censorship  cert  certificate  certifying  Certigate  CF  CGD  Chadder  chain  change  channel  character  chat  check  checking  china  chip  chrome  cipher  ciphers  ciphershed  citadel  Citrix  clamwin  classic  Cleversafe  CLI  client  clientside  clipperz  clock  cloud  cloudflare  cluster  CMS  CNN  code  coded  coder  codesign  cold  collaboration  college  collision  combination  comic  command  communication  communications  compact  competition  compliance  composite  compression  computation  computer  computing  ComSec  comunication  concept  concurrent  config  configuration  confirmation  connection  consensus  consumer  container  content  contest  control  controls  converter  coordinated  copy  corporate  correction  CoSoSys  courses  covert  CPS  CPU  cracker  cracking  Craigslist  crate  credential  credentials  credit  cross  crossing  cryFS  cryptainer  CryptainerLE  cryptanalysis  CryptDB  crypto  CryptoAnchor  cryptoAPI  Cryptocat  cryptocurrency  CryptoDox  cryptograpgy  cryptographic  cryptography  cryptograpy  CRYPTOLOG  cryptsetup  crytography  CSipSImple  CSR  CUDA  curve  custom  cyberlocator  cyrptography  daemons  DarkMail  darknet  DARPA  data  database  databases  dataglyph  datamatrix  datastore  daughtercard  ddon  deaddrop  deadmans  debian  decentralized  decode  decoder  decoy  decrypter  decrypting  decryption  deep  defcon  defense  defensive  deletion  Delicious  delivery  demo  democrakey  demonstrator  deniability  deniable  Derivation  DES  design  deskcrypt  desktop  detection  development  device  devices  DHT  diffie-hellman  DigiSAFE  digital  direct  directory  disaster  disclosure  disk  dispersal  dispersed  display  dissident  distortion  distributed  distribution  distro  DIY  DIZK  DLP  DMA  DMCA  DNA  DNS  document  DoD  DoH  domain  domestic  dongle  download  dragnet  drive  DriveCrypt  driver  driverless  DRM  drop  dropbox  DSA  dubsteg  dubstep  duplicity  DVD  dynamic  e2e  EasyCrypt  ebook  EC2  ECC  ECDH  ECDHE  ecosystem  ed25519  education  EFF  effect  Egnyte  EKE  Elcomsoft  electronic  electronics  electyronics  elliptic  elliptical  email  embedded  EMV  EncFS  enclave  EnclaveDB  enclosure  encode  encoding  encrypt  Encryptakey  encrypted  encrypter  encryption  encypted  end-to-end  end2end  endpoint  enforcement  engineering  enigma  Enova  Enovatech  enterprise  enterproid  entropy  envelope  environment  ephemeral  EPS  error  escrow  espionage  ETSI  europe  evaluation  event  Evros  example  ExcelStor  exchange  exe  exfiltration  exit  experiement  experimental  exploit  extension  external  extracting  extraction  extractor  extrusion  eye  eyegaze  fabber  face  facebook  factor  factoring  fail  failsafe  family  fast  FDE  FEC  federated  fedora  fernet  FIDO  field  figure  file  filesystem  filetype:pdf  filevault  filter  filtering  fingerprint  fingerprinting  FIPS-140  FIPS-202  FIPS202  firefox  firewire  Flagstone  FlagStone  flash  FlowingMail  folder  font  FontCode  force  forced  forensic  forensics  fork  form  formal  format  formfactor  forward  FourQ  FPGA  frame  framework  france  Fraunhofer  free  FreeBSD  freenet  freenigma  FreeOTFE  freespace  freestart  FreeSWAN  freeware  frontend  ftp  full  function  FUSE  fuzzing  fuzzy  gaim  gateway  gaze  generation  generator  geo-encryption  GeoCodex  geoencryption  ghost  github  global  glyph  gmail  GNU  GnuPG  go  google  gooogle  GP1080  GPG  GPG4Browsers  GPO  gps  GPU  grid  group  groupware  GSM  GStor  Guardian  GuardianEdge  GUI  guide  guideline  guidelines  gun.js  habit  hack  hacking  halftone  hard  hardening  hardphone  hardware  hased  hash  hashgraph  HDD  header  headset  hibernation  hidden  Hifn  high  hijack  HIPAA  history  HMAC  holder  homomorphic  hosted  hosting  hostproof  hotfix  hotspot  HotSpotShield  howto  HPN-SSH  HSI  HSM  http  https  human  humor  IBM  ICA  ID  IDA  IDE  ideas  identity  IICS  IIS  illustrated  ILP  im  image  imaging  implementation  indepedent  index  infiltration  Infineon  infographic  informance  information  infrastructure  inline  input  inspection  install  instant  instruction  integer  integrated  integration  intel  interface  internal  internet  interstellar  invite  IOCipher  iOS  IoT  IP  iPad  iPhone  iPod  IPSEC  iris  IronKey  ISMS  ISO  isolation  issue  IT  itube  J-PAKE  J-SOX  jabber  jack  jamming  JanusVM  japan  java  javacard  javascript  journalism  JSON  JSOX  JWT  KALE  Kali  KDDI  keccak  kernel  kerning  key  keybase  keyboard  keylength  keyless  keylogger  keypad  keys  keyword  kit  knowledge  Koolspan  Kraken  kruptos  laboratory  labs  LAFS  laptop  laser  lateral  launcher  law  layer  leak  leakage  learning  ledger  legal  length  letsencrypt  level  libaxoloti  libbde  library  lifehacks  lightweight  limit  limited  line  link  linked  linux  list  listing  little  littlebrother  live  liveCD  lIveCD  LiveCD  LM  local  location  lock  lockbin  LockNote  logging  logical  login  logon  LOK-IT  long  Loop-AES  loop-AES  loopback  LoS  loss  Lucent  LUKS  M2M  mac  machine  magazine  malicious  managed  management  manager  managment  Mandos  manga  manual  market  mask  masked  masking  mathematics  matrix  MD5  meassaging  media  media:document  memory  message  messagepack  messaging  messenger  microdrive  microSD  microsoft  middlebox  mifare  miniHSM  minimum  mining  mitigation  mix  Mixmaster  MMS  mobile  mode  model  module  moduli  mod_ssl  monitor  monitoring  motherboard  mount  movement  mozilla  mp3  MP4  MPC  MQTT  MSDN  MSN  mSystems  mTrust  multi  multikey  multiparty  multiple  multithreaded  music  mutual  MySecureDoc  mystery  nacl  name  NAS  native  nCipher  NEC  needle-in-haystack  NetShare  network  networking  networks  news  NFC  NFS  nginx  nGraph  Niels  NIST  node.js  noise  norbt  NORX  note  notebook  notepad  NSA  NTLM  NTT  nuke  number  numbers  NUMS  Nvidia  Oakley  obfuscated  obfuscation  obscure  obstcp  OCR  OE  office  office365  offline  offload  OFFsystem  OHCI  oil  OMEMO  onboard  one  oneRNG  onetime  onion  online  OpenCL  OpenCrypto  OpenGL  openID  OpenID  openoffice  openPGP  OpenPGP  opensource  OpenSSH  OpenSSL  openSSL  OpenVPN  OpenWays  OPKP  opportunistic  OpSec  optical  optics  Orchestria  OS  OSX  OTFE  OTP  otr  outguess  outlook  overlay  overview  owner  p2p  pack  package  packet  pad  padlock  page  pair  PAKE  paper  paranoid  paranoidlinux  partial  partition  party  pass  passphrase  Passware  password  passwords  pastebin  patch  payload  PBA  PBKDF2  PC  PCI  PCIe  PCIexpress  PCMCIA  PDA  pdf  Penango  pentesting  perfect  performance  peripheral  perl  persistence  personal  personalized  perturbation  PFS  pgp  phone  Phonebook  photo  php  physical  pict  picture  PIM  PIN  piracy  pirate  PKCS#11  PKCS11  PKI  platform  plausible  plausibly  plugin  PoC  PoCorGTFO  pointsec  PolarSSL  policy  polyglot  polygot  port  portable  portalable  position  POSIX  post  post-quantum  post-quatum  poster  potal  power  powershell  PQE  practices  preak  preboot  prediction  prevention  prime  primitive  print  printer  privacy  private  PrivateEye  PrivaTegrity  PRNG  probabilistic  probe  productivity  programming  project  proof  proof-of-concept  proofpoint  protected  protection  ProtectV  protest  protocol  provider  Provos  proxy  pseudoanonymity  psiphon  psychology  public  pubsub  pulsarr  purge  push  python  QA  QRcode  quantum  query  radio  RAID  RAIN  rainbow  rainbowcrack  RAM  ramdisk  random  randomness  range  raper  ratcheting  Raytheon  RC4  rdiff  rdiffdir  read  reader  reading  realtime  recognition  recommendation  recommendations  recovery  redhat  RedPhone  reenc  refence  reference  relakks  remailer  remediation  remote  removable  removal  report  research  resistance  resistant  resource  restart  restore  restricted  retrieval  reverse  review  revocation  revokable  revokation  revoke  RFID  ricochet  rights  rijndael  ring  riot  RNG  Rohos  rollback  root  rootkit  rotation  route  router  RPC  RPKI  rpm  RSA  RSOD  rsync  RTP  rubberhose  rust  S-box  S/MIME  s3  s3backer  s60  SaaS  safe  Safeberg  SafeEnd  Safeguard  SafeNet  salt  saltpack  sample  SAN  SanDisk  SATA  SATA2  SATA3  SBPA  scatterchat  scheme  schemes  schneier  science  SCIMP  SCP  Scram  scraper  screen  script  scripting  SCT  SD  SDC  SEAL  search  secdure  secrecy  secret  SECUDE  secure  SecureItEasy  SecureTrayUtil  SecurID  security  SecurStar  SED  seed  selection  selector  self  Self-Certifying  self-destruct  self-destructing  self-extracting  selfdestruct  sending  sensor  sequence  serpessence  server  service  services  set  setup  SFS  SG  SGX  SHA  SHA-1  SHA-2  SHA-3  SHA-256  SHA1  SHA2  SHA3  SHA256  shamir  shannon  sharding  share  shared  sharing  shell  shield  SHIFT  short  shortwave  shoulder  shredding  side  sieve  sign  signal  signature  signing  SIlentCircle  SIMON  SIMP  simple  single  SIP  site  size  SJCL  skein  skew  slack  small  smartcard  smartphone  SMS  smuggling  snake  snakeoil  snapshot  SNARK  SNI  sniffing  SNS  social  softare  softphone  softphopne  software  solution  sotrage  sound  source  sourcecode  sovereign  SP2  spec  specification  SPECK  speed  SPEKE  split  splitting  sponge  spritz  spy  SQL  SQLite  SRP  SRTP  SSD  ssh  ssl  SSO  SSSS  stacked  standard  staple  startup  state  station  statistical  steganography  stegbreak  stenography  stereo  stick  STL  Stonewood  storage  stream  streisand  strikeforce  strongbox  stunnel  stunt  substitution  suite  superworm  support  surfing  surveillance  sweden  swedish  switch  switzerland  Sybase  Symantec  symantics  Symbian  symmetric  sync  synchronization  syntax  sysadmin  system  systems  systray  table  tables  Tahoe  Tahoe-LAFS  tarsnap  taskbar  TCHunt  tcp  TCPcrypt  TEA  team  technology  telephone  temperature  template  test  testing  text  theory  ThePirateBay  third  threat  thunderbird  time  timestamp  tips  TKIP  TLS  token  tools  tor  torpack  torpark  TPM  tracker  tracking  traffic  training  transfer  transient  transmission  transparency  transparent  transport  tree  tricks  trigger  truecrypt  TrueCryptNext  trust  TrustChip  trusted  TrustFlash  truth  tunnel  tunneler  tunneling  tutorial  tweaks  tweet  Twinkle  twitter  two  twofish  U-Prove  U2F  U3  Ubiquity  ubuntu  UEFI  unlock  untrusted  update  upgrade  upload  URI  URL  USAF  USB  USB3  user  users  utilities  utility  utimaco  UTM  validation  Vanish  vault  VC++  vendor  Ventures  veracrypt  Verdasys  Vericept  verification  verified  video  virtual  virus  vista  visual  VM  vmware  voice  voip  vole  Voltage  volume  Vontu  VPN  vulnerability  vuze  wall-of-shame  wallet  WAMP  watermarking  way  weak  web  webcam  webcomic  WebDAV  webDAV  webdev  webmail  websense  websocket  WEP  whine  whistleblower  whole  wif  wifi  wiki  wikipedia  windows  wipe  wireless  wiretapping  WORM  WPA  WPA2  write  writing  X9.31  x64  x86  x86-64  XCD  xkcd  XML  XMPP  XP  xuggler  yahoo  YoNTMA  YubiHSM  yubikey  ZDM  Zebra  zero  ZeroBin  Zfone  ZIA  zip  zk-SNARK  zkSNARK  ZRTp  ZRTP  zRTP 

Copy this bookmark: