Archive for category Crypto
Using a Fully Untrusted Cloud
Posted by scriptjunkie in Crypto, Defense on June 11, 2016
Cloud services can save a lot of time and money, but security is a frequent concern. You use the providers as a data store right now, but it is not simple to do so in a way that is available and flexible for live applications, keeps information confidential from the cloud provider and prevents the cloud provider from silently corrupting data to break your security model. The good news is that by layering existing technologies on top of each other, we can achieve those goals.
The basic idea is to use the untrusted system as a remote block storage device, then layer an encrypted mapped block device on top of that using LUKS to keep the cloud provider from seeing the data contents, then layer a filesystem that performs both metadata and data checksumming on top of that.
Secure random password generation
Posted by scriptjunkie in /dev/urandom, Crypto on September 8, 2013
Ideally you never use a password, but sometimes, you have to anyway. One very common scenario is in signing up for a web application. Such passwords can be stored on the server, hashed with a fast algorithm such as MD5, and over which you have no control. You do not want your password to be […]
Breaking mobile device crypto with chaos theory and hardware RNG’s
Posted by scriptjunkie in Crypto on February 5, 2011
This is a continuation of the previous post with details on breaking the cryptosystem in the paper “Design and FPGA Implementation of a Pseudo-Random Bit Sequence Generator Using Spatiotemporal Chaos,” which proposed a hardware-based PRNG using a chaotic function as the basis of a cryptosystem inspired by the one-time pad. It proposed the system as […]