Centroid.EU Blog
(this blog is mostly encrypted - adults only)||
|
Previous Page
December 4th, 2013
But to stall/delay/cost the adversary..
On chapter 2, page 34 of Applied Cryptography by Bruce Schneier, which is a
rather old text I found the gem of Merkle's puzzles. Ralph Merkle is renowned
in the cryptography scene for finding out about these puzzles. While I don't
want to go into explaining the puzzle, I do think that they can offer some
protection when RSA assymetric encryption fails. Pretend there is a quantum
computer able to break assymetric encryption. What I have done is implemented
a Merkle's puzzle server that I'll be using to connect to my vps. The server
creates a tunnel that is SHA1 HMAC'ed and AES-256-CBC encrypted. While this
may seem enough, it's not. I still ssh within this tunnel but it does require
some effort to get to the assymetric encryption.
jupiter$ ls -1 *.c
mps.c - creates the gigabytefile of encrypted messages
mpsclient.c - uses a cracked message to talk to the server
mpscrack.c - cracks a message in the gigabyte file
mpsd.c - talks to the client to set up the encrypted tunnel
I'll be setting up a system to distribute over ssh the gigabytefile so that I
can crack a message at home with it and from there use mpsclient to connect
to the server.
I'm debating whether I should open source this. Give it time perhaps I will.
0 comments
December 3rd, 2013
I have taken the new americas into "production" so to speak. It is serving
all kinds of things and I'm currently developing software to make it even
"safer" :-).
0 comments
November 19th, 2013
This is a small release for wildcarddnsd. We have new debug feature and support for Raspberry Pi. It is a small
release because I have dwindling time this year due to my job and there is
little to no help coming from the outside. I welcome each and every person who
wants to program on this daemon.
0 comments
November 18th, 2013
A call on the
undeadly openbsd journal was answered by me. I sent Brad Smith 10 euros
for his new laptop. If 100 people do similar he'll be able to buy his new
beast. Of course this is for the greater good! Brad lives in Toronto where
I used to live for 7 years once, so this is from one (ex-)Torontonian to the next.
0 comments
November 17th, 2013
I have decided to switch plans on my Panama VPS americas.centroid.eu. I now
have the option to run OpenBSD on it and I'm going to go for it.
I'm looking forward to IPSEC encrypting from io.solarscale.de and moon.virgostar.net to americas.centroid.eu. I have already set up strongswan on io and moon
and americas was lacking this functionality but now it'll work. This should
keep me busy until new years :-).
0 comments
November 15th, 2013
I have ordered...
- Alternative DNS Servers: Choice and Deployment, and Optional SQL/LDAP Back-Ends - Jan-Piet Mens
I do hope this is worth having. This brings my orders for this year to 15
which I hoped to achieve, perhaps I'll order one or two more books but then
that's it. I gotta read these too!
0 comments
November 11th, 2013
I have written a small daemon that changes the outgoing TTL on a FreeBSD
host. It's a covert steganographic channel. When a bit is set the TTL
is 65 and when it's 0 the TTL is 64. On the receiving end of a ping then
perhaps you can make out the bits of a message:
jupiter$ ping -i 10 io.solarscale.de
PING io.solarscale.de (78.47.14.22): 56 data bytes
64 bytes from 78.47.14.22: icmp_seq=0 ttl=53 time=15.691 ms
64 bytes from 78.47.14.22: icmp_seq=1 ttl=53 time=16.608 ms
64 bytes from 78.47.14.22: icmp_seq=2 ttl=54 time=14.907 ms
64 bytes from 78.47.14.22: icmp_seq=3 ttl=54 time=15.247 ms
64 bytes from 78.47.14.22: icmp_seq=4 ttl=53 time=15.183 ms
64 bytes from 78.47.14.22: icmp_seq=5 ttl=53 time=16.017 ms
64 bytes from 78.47.14.22: icmp_seq=6 ttl=53 time=16.465 ms
64 bytes from 78.47.14.22: icmp_seq=7 ttl=54 time=15.134 ms
64 bytes from 78.47.14.22: icmp_seq=8 ttl=53 time=18.659 ms
64 bytes from 78.47.14.22: icmp_seq=9 ttl=53 time=15.542 ms
64 bytes from 78.47.14.22: icmp_seq=10 ttl=54 time=15.176 ms
64 bytes from 78.47.14.22: icmp_seq=11 ttl=54 time=16.411 ms
64 bytes from 78.47.14.22: icmp_seq=12 ttl=53 time=15.418 ms
64 bytes from 78.47.14.22: icmp_seq=13 ttl=54 time=15.438 ms
64 bytes from 78.47.14.22: icmp_seq=14 ttl=53 time=15.388 ms
64 bytes from 78.47.14.22: icmp_seq=15 ttl=53 time=15.918 ms
64 bytes from 78.47.14.22: icmp_seq=16 ttl=53 time=15.306 ms
64 bytes from 78.47.14.22: icmp_seq=17 ttl=53 time=15.347 ms
Notice how the TTL changes here. If it's 54 then the original TTL was 65,
so 1 bit. So what was gathered here was 001100010011010000. Eventually
I'd like to write a client to record this. But I'm gonna cheat for now
and give you the source code.
I just give greetings and peace wishes but with a bit of coding it could
be changed to something very creative!
0 comments
November 11th, 2013
I think the medias need to step back a bit. We all know that the US is spying
on us but we don't need to be spoon-fed the paranoia. It's causing illogical
decisions (firewalled europe anyone?) on parts of big powerful corporations
who see opportunity to take away everyones freedom. Let's get off this
paranoid horses back! I love freedom personally.
0 comments
November 9th, 2013
I have written a small patch to talk(1) as found in FreeBSD (yes for a change!)
to display timestamps when someone wrote a line. It's a little buggy but it
works.
Thanks goes to Dylan who I've been talk(1)ing with and gave me the idea.
0 comments
November 8th, 2013
Yesterday I looked at the traceroute(8) source code in order to look for
attack vectors. I came out empty handed. But I smithed a tool for my
work that can be reused later I think.
This tool helped me overcome reading the function print_exthdr() better and
determining it was safe. Not many people admit to doing this kinda stuff but
I think I'll leave this to the next person that doubts OpenBSD's traceroute.c.
I'm not ashamed at all! Should I be?
0 comments
Next Page
|
Search
RSS Feed
 Click here for RSS
On this day in
Other links
Have feedback?
By clicking on the header of an article you will be
served a cookie. If you do not agree to this do not
click on the header. Thanks!
Using a text-based webbrowser?
... such as lynx? Welcome back it's working again for the time being.
Older Blog Entries
March, 2023
February, 2023
January, 2023
December, 2022
November, 2022
October, 2022
September, 2022
August, 2022
July, 2022
June, 2022
May, 2022
April, 2022
March, 2022
February, 2022
January, 2022
December, 2021
November, 2021
October, 2021
September, 2021
March, 2021
February, 2021
January, 2021
December, 2020
November, 2020
October, 2020
September, 2020
August, 2020
July, 2020
June, 2020
May, 2020
April, 2020
March, 2020
February, 2020
January, 2020
December, 2019
November, 2019
October, 2019
September, 2019
August, 2019
July, 2019
June, 2019
May, 2019
April, 2019
March, 2019
February, 2019
January, 2019
December, 2018
November, 2018
October, 2018
September, 2018
August, 2018
July, 2018
June, 2018
May, 2018
April, 2018
March, 2018
February, 2018
January, 2018
December, 2017
November, 2017
October, 2017
September, 2017
August, 2017
July, 2017
June, 2017
May, 2017
April, 2017
March, 2017
February, 2017
January, 2017
December, 2016
November, 2016
October, 2016
September, 2016
August, 2016
July, 2016
June, 2016
May, 2016
April, 2016
March, 2016
February, 2016
January, 2016
December, 2015
November, 2015
October, 2015
September, 2015
August, 2015
July, 2015
June, 2015
May, 2015
April, 2015
March, 2015
February, 2015
January, 2015
December, 2014
November, 2014
October, 2014
September, 2014
August, 2014
July, 2014
June, 2014
May, 2014
April, 2014
March, 2014
February, 2014
January, 2014
December, 2013
November, 2013
October, 2013
September, 2013
August, 2013
July, 2013
June, 2013
May, 2013
April, 2013
March, 2013
February, 2013
January, 2013
December, 2012
November, 2012
October, 2012
September, 2012
August, 2012
July, 2012
June, 2012
May, 2012
April, 2012
March, 2012
February, 2012
January, 2012
December, 2011
November, 2011
October, 2011
September, 2011
August, 2011
July, 2011
June, 2011
May, 2011
April, 2011
March, 2011
February, 2011
January, 2011
December, 2010
November, 2010
October, 2010
September, 2010
August, 2010
July, 2010
June, 2010
May, 2010
April, 2010
March, 2010
February, 2010
January, 2010
December, 2009
November, 2009
October, 2009
September, 2009
August, 2009
July, 2009
June, 2009
May, 2009
Powered by BCHS
|