Detecting and Preventing Active Attacks Against Autocrypt Release 0.10.0
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
A History of End-To-End Encryption and the Death of PGP
25/05/2020 A history of end-to-end encryption and the death of PGP Hey! I'm David, a security engineer at the Blockchain team of Facebook (https://facebook.com/), previously a security consultant for the Cryptography Services of NCC Group (https://www.nccgroup.com). I'm also the author of the Real World Cryptography book (https://www.manning.com/books/real-world- cryptography?a_aid=Realworldcrypto&a_bid=ad500e09). This is my blog about cryptography and security and other related topics that I Ûnd interesting. A history of end-to-end encryption and If you don't know where to start, you might want to check these popular the death of PGP articles: posted January 2020 - How did length extension attacks made it 1981 - RFC 788 - Simple Mail Transfer Protocol into SHA-2? (/article/417/how-did-length- extension-attacks-made-it-into-sha-2/) (https://tools.ietf.org/html/rfc788) (SMTP) is published, - Speed and Cryptography the standard for email is born. (/article/468/speed-and-cryptography/) - What is the BLS signature scheme? (/article/472/what-is-the-bls-signature- This is were everything starts, we now have an open peer-to-peer scheme/) protocol that everyone on the internet can use to communicate. - Zero'ing memory, compiler optimizations and memset_s (/article/419/zeroing-memory- compiler-optimizations-and-memset_s/) 1991 - The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations The US government introduces the 1991 Senate Bill 266, (/article/461/the-9-lives-of-bleichenbachers- which attempts to allow "the Government to obtain the cat-new-cache-attacks-on-tls- plain text contents of voice, data, and other implementations/) - How to Backdoor Di¸e-Hellman: quick communications when appropriately authorized by law" explanation (/article/360/how-to-backdoor- from "providers of electronic communications services di¸e-hellman-quick-explanation/) and manufacturers of electronic communications - Tamarin Prover Introduction (/article/404/tamarin-prover-introduction/) service equipment". -
Encryption Procedure
Encrypting Software for Transmission to NIST 1. Scope NIST requires that all software submitted by the participants be signed and encrypted. Signing is done with the participant’s private key, and encrypting is done with the NIST project public key, which is published at http://www.nist.gov/itl/iad/ig/encrypt.cfm. NIST will validate all submitted materials using the participant’s public key, and the authenticity of that key will be verified using the key fingerprint. This fingerprint must be submitted to NIST as part of the signed participant agreement. By encrypting the submissions, we ensure privacy; by signing the submission, we ensure authenticity (the software actually belongs to the submitter). NIST will not take ownership of any submissions that are not signed and encrypted. All cryptographic operations (signing and encrypting) shall be performed with software that implements the OpenPGP standard, as described in Internet RFC 4880. The freely available Gnu Privacy Guard (GPG) software, available at www.gnupg.org, is one such implementation. 2. Submission of software to NIST NIST requires that all software submitted by the participants be signed and encrypted. Two keys pairs are needed: • Signing is done with the software provider's private key, and • Encryption is done with the NIST project public key, which is available at http://www.nist.gov/itl/iad/ig/encrypt.cfm 2.1. Project Specific Parameters The values for the project specific parameters (ProjectName, ProjectPublicKey, and ProjectEmail) mentioned in this document are found at http://www.nist.gov/itl/iad/ig/encrypt.cfm 1 2.2. Creating participant cryptographic key pair The steps below show how to create a public/private key pair and fingerprint using the GPG software. -
Adding Public Key Security to SSH
Adding Public Key Security to SSH A Thesis Submitted to the Faculty in partial fulfillment of the requirements for the degree of Master of Science in Computer Science by Yasir Ali DARTMOUTH COLLEGE Hanover, New Hampshire Feb, 20th, 2003 Examining Committee: ____________________________ Sean Smith (chair) ____________________________ Edward Feustel ____________________________ Christopher Hawblitzel !!!!!!!!!____________________________ !!!!!!!!!Carol Folt !!!!!!!!! Dean of Graduate Studies 1 2 Abstract SSH, the Secure Shell, is a popular software-based approach to network security. It is a protocol that allows user to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides authentication and encrypted communications over unsecured channels. However, SSH protocol has an inherent security flaw. It is vulnerable to the “man-in-the- middle Attack”, when a user establishes his first SSH connection from a particular client to a remote machine. My thesis entails designing, evaluating and prototyping a public key infrastructure which can be used with the SSH2 protocol, in an academic setting, thus eliminating this vulnerability due to the man in the middle attack. The approach presented is different from the one that is based on the deployment of a Certificate Authority. My scheme does not necessarily require third party verification using a Certificate Authority; it is decentralized in nature and is relatively easy to set up. Keywords used: SSH, PKI, digital certificates, Certificate Authority, certification path, LDAP servers, Certificate Revocation List, X509v3 Certificate, OpenSSL, mutual authentication, and tunneled authentication. 3 Acknowledgments I want to thank Professor Sean Smith for his guidance, assistance and unremitting support over the last two years. -
PGP Command Line User Guide
PGP Command Line User Guide Last updated: July 2020 Copyright statement Broadcom, the pulse logo, Connecting everything, and Symantec are among the trademarks of Broadcom. Copyright © 2020 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries. For more information, please visit www.broadcom.com. Broadcom reserves the right to make changes without further notice to any products or data herein to improve reliability, function, or design. Information furnished by Broadcom is believed to be accurate and reliable. However, Broadcom does not assume any liability arising out of the application or use of this information, nor the application or use of any product or circuit described herein, neither does it convey any license under its patent rights nor the rights of others. Contents About PGP Command Line 1 Important Concepts 1 Technical Support 2 Installing 5 Install Location 5 Installing on AIX 6 Installing on AIX 6 Changing the Home Directory on AIX 7 Uninstalling on AIX 7 Installing on HP-UX 8 Installing on HP-UX 8 Changing the Home Directory on HP-UX 9 Installing to a Non-Default Directory on HP-UX 9 Uninstalling on HP-UX 9 Installing on macOS 10 Installing on macOS 10 Changing the Home Directory on macOS 10 Uninstalling on macOS 11 Installing on Red Hat Enterprise Linux, SLES, or Fedora Core 11 Installing on Red Hat Enterprise Linux or Fedora Core 11 Changing the Home Directory on Linux or Fedora Core 12 Uninstalling on Linux or Fedora Core 12 Installing on Oracle Solaris 13 Installing on Oracle -
How Secure Is Textsecure?
How Secure is TextSecure? Tilman Frosch∗y, Christian Mainkay, Christoph Badery, Florian Bergsmay,Jorg¨ Schwenky, Thorsten Holzy ∗G DATA Advanced Analytics GmbH firstname.lastname @gdata.de f g yHorst Gortz¨ Institute for IT-Security Ruhr University Bochum firstname.lastname @rub.de f g Abstract—Instant Messaging has gained popularity by users without providing any kind of authentication. Today, many for both private and business communication as low-cost clients implement only client-to-server encryption via TLS, short message replacement on mobile devices. However, until although security mechanisms like Off the Record (OTR) recently, most mobile messaging apps did not protect confi- communication [3] or SCIMP [4] providing end-to-end con- dentiality or integrity of the messages. fidentiality and integrity are available. Press releases about mass surveillance performed by intelli- With the advent of smartphones, low-cost short-message gence services such as NSA and GCHQ motivated many people alternatives that use the data channel to communicate, to use alternative messaging solutions to preserve the security gained popularity. However, in the context of mobile ap- and privacy of their communication on the Internet. Initially plications, the assumption of classical instant messaging, fueled by Facebook’s acquisition of the hugely popular mobile for instance, that both parties are online at the time the messaging app WHATSAPP, alternatives claiming to provide conversation takes place, is no longer necessarily valid. secure communication experienced a significant increase of new Instead, the mobile context requires solutions that allow for users. asynchronous communication, where a party may be offline A messaging app that claims to provide secure instant for a prolonged time. -
Request for Reconsideration After Final Action
Under the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless it displays a valid OMB control number. PTO Form 1960 (Rev 10/2011) OMB No. 0651-0050 (Exp 09/20/2020) Request for Reconsideration after Final Action The table below presents the data as entered. Input Field Entered SERIAL NUMBER 87031396 LAW OFFICE ASSIGNED LAW OFFICE 116 MARK SECTION MARK https://tmng-al.uspto.gov/resting2/api/img/87031396/large LITERAL ELEMENT CRYPTTALK STANDARD CHARACTERS YES USPTO-GENERATED IMAGE YES MARK STATEMENT The mark consists of standard characters, without claim to any particular font style, size or color. ARGUMENT(S) In the Official Action, the Examiner has made final the refusal to register the "CRYPTTALK" mark on the Principal Register because of the "likelihood of confusion" of the mark with prior registered marks. Applicant respectfully disagrees and believes that the Examiner has failed to make a prima facie showing of likelihood of confusion. I. NO LIKELIHOOD OF CONFUSION WITH U.S. REGISTRATION NOS. 4,707,027 and 4,859,726 A. The term "CRYPT" is Not a Distinctive Mark. The Examiner does not discuss the possibility of the cited registrations being viewed by the relevant consumer as the term "CRIP" and instead suggests that the terms "CRYPT" and "CRIPT" are the only relevant words to compare. The Examiner goes on to conclude that "CRYPT" and "CRIPT" in the respective marks "appear similar and are phonetic equivalents." This alleged similarity has been made the basis of the Examiners refusal to register Applicant's mark. -
Easy Encryption for Email, Photo, and Other Cloud Services John Seunghyun Koh
Easy Encryption for Email, Photo, and Other Cloud Services John Seunghyun Koh Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy under the Executive Committee of the Graduate School of Arts and Sciences COLUMBIA UNIVERSITY 2021 © 2021 John Seunghyun Koh All Rights Reserved Abstract Easy Encryption for Email, Photo, and Other Cloud Services John Seunghyun Koh Modern users carry mobile devices with them at nearly all times, and this likely has contribut- ed to the rapid growth of private user data—such as emails, photos, and more—stored online in the cloud. Unfortunately, the security of many cloud services for user data is lacking, and the vast amount of user data stored in the cloud is an attractive target for adversaries. Even a single compro- mise of a user’s account yields all its data to attackers. A breach of an unencrypted email account gives the attacker full access to years, even decades, of emails. Ideally, users would encrypt their data to prevent this. However, encrypting data at rest has long been considered too difficult for users, even technical ones, mainly due to the confusing nature of managing cryptographic keys. My thesis is that strong security can be made easy to use through client-side encryption using self-generated per-device cryptographic keys, such that user data in cloud services is well pro- tected, encryption is transparent and largely unnoticeable to users even on multiple devices, and encryption can be used with existing services without any server-side modifications. This dis- sertation introduces a new paradigm for usable cryptographic key management, Per-Device Keys (PDK), and explores how self-generated keys unique to every device can enable new client-side encryption schemes that are compatible with existing online services yet are transparent to users. -
Smarx OS Compendium 2020 for the CRYPTO-BOX
2020 EDITION Smarx® Compendium d s p . ) r e v o C _ n a M x r a m S ( a s 2 1 v o N 7 2 - www.marx.com 0 2 We highly appreciate and value your comments and suggestions! Suggestions for improvements will be honored with: • Free Business Support for 6 months • Enrollment in our BE !" ester program Software security is a growing challenge and requires constant improving " be part of the process! $lease send sugestions and error report to: • $$%& software/hardware in general and documentation (including this Compendium*: support@mar,.com • WEB and online ordering system related: webmaster+mar,.com Smar, .S )ompendium November 2020 )opyright 1 2002, 2020 2!345 )ryptoTech 6$ 7 Table of Contents 8. What is this Compendium !bout?--------------------------------------------------------------------------------: 8-8. ;ntroduction--------------------------------------------------------------------------------------------------------: 8.2. What is /ew9-------------------------------------------------------------------------------------------------------: 8-7. What to Find Where in this )ompendium--------------------------------------------------------------< 8-=. $rofessional Software $rotection Secures 3evenue----------------------------------------------< 8->. he )3?$ ."BO45@ardware-----------------------------------------------------------------------------88 8->-8. )3?$ ."BOX 2odels--------------------------------------------------------------------------------88 8->.2. echnical Features of the )3?$ ."BO45----------------------------------------------------88 -
AUTOCRYPT: Enabling Homomorphic Computation on Servers to Protect Sensitive Web Content
AUTOCRYPT: Enabling Homomorphic Computation on Servers to Protect Sensitive Web Content Shruti Tople Shweta Shinde Zhaofeng Chen Prateek Saxena School of Computing National University of Singapore {shruti90, shweta24, chenzhao, prateeks} @comp.nus.edu.sg ABSTRACT attacks can be used to compromise web servers and install malware. Web servers are vulnerable to a large class of attacks which can Despite heightened security concerns [10], stronger data protection allow a network attacker to steal sensitive web content. In this laws [4, 8, 9], and availability of commercial detection tools [6, 7], work, we investigate the feasibility of a web server architecture, server-side data breaches have been persistently high for the last 3 wherein the vulnerable server VM runs on a trusted cloud. All sen- years [25]. sitive web content is made available to the vulnerable server VM in Previous work has proposed partitioning monolithic web servers encrypted form, thereby limiting the effectiveness of data-stealing into multiple pieces, as a second line of defense. For instance, attacks through server VM compromise. separating the web application logic into multiple VMs based on In this context, the main challenge is to allow the legitimate func- roles [49], privilege separating users using OS protections [39], or tionality of the untrusted server VM to work. As a step towards using trusted hardware features to attest the integrity of server VMs [44,45,61]. In this work, we advocate a new approach for building this goal, we develop a tool called AUTOCRYPT, which transforms a subset of existing C functionality in the web stack to operate on a second line of defense: we investigate how to protect sensitive encrypted sensitive content. -
Easy Email Encryption with Easy Key Management
Why Joanie Can Encrypt: Easy Email Encryption with Easy Key Management John S. Koh Steven M. Bellovin Jason Nieh Columbia University Columbia University Columbia University New York, NY New York, NY New York, NY koh@cs:columbia:edu smb@cs:columbia:edu nieh@cs:columbia:edu Abstract subjected to a simple password recovery and reset attack Email privacy is of crucial importance. Existing email encryp- which granted the attacker full access to her personal email tion approaches are comprehensive but seldom used due to account on the Yahoo! Mail website. John Brennan’s AOL their complexity and inconvenience. We take a new approach web email account was compromised via social engineering. to simplify email encryption and improve its usability by im- Adversaries also sometimes seize entire email servers such plementing receiver-controlled encryption: newly received as in the cases of cock.li and TorMail [30, 41], or compromise messages are transparently downloaded and encrypted to a them, such as in the Sony Pictures email leaks [43]. locally-generated key; the original message is then replaced. The common thread is that a compromise exposes the To avoid the problem of moving a single private key between entire history of affected users’ emails after a single breach. devices, we implement per-device key pairs: only public keys With the explosive growth in cloud storage, it is easy to need be synchronized via a simple verification step. Com- keep gigabytes of old emails at no cost. Gmail’s massive promising an email account or server only provides access storage capacity—up to 15 GB for free, or 30 TB for paid to encrypted emails. -
Can Unicorns Help Users Compare Crypto Key Fingerprints?
Can Unicorns Help Users Compare Crypto Key Fingerprints? Joshua Tan, Lujo Bauer, Joseph Bonneau†, Lorrie Faith Cranor, Jeremy Thomas, Blase Ur∗ Carnegie Mellon University, {jstan, lbauer, lorrie, thomasjm}@cmu.edu † Stanford University, [email protected] * University of Chicago, [email protected] ABSTRACT key. To learn Bob’s key, Alice would typically look it up Many authentication schemes ask users to manually compare on a web site (e.g., a public key server) that publishes such compact representations of cryptographic keys, known as fin- information. Unfortunately, an attacker seeking to intercept gerprints. If the fingerprints do not match, that may signal a Alice’s communications to Bob might try to add his own key man-in-the-middle attack. An adversary performing an attack to the key server under Bob’s name. When trying to find may use a fingerprint that is similar to the target fingerprint, but Bob’s public key, Alice would then unwittingly download the not an exact match, to try to fool inattentive users. Fingerprint attacker’s key. Any messages she composed for Bob would representations should thus be both usable and secure. then be readable by the attacker, and not by Bob. We tested the usability and security of eight fingerprint repre- A more reliable method would be for Bob to deliver his public sentations under different configurations. In a 661-participant key to Alice in person. Because public keys are long strings between-subjects experiment, participants compared finger- of arbitrary bits, this approach is unfortunately unwieldy and prints under realistic conditions and were subjected to a sim- impractical. -
The Enigmail Handbook V1.0.0
EnigMail openpgp email security for mozilla applications The Handbook by Daniele Raffo with Robert J. Hansen and Patrick Brunschwig v 1.0.0 and earlier 1. Table of Contents 2. Introduction..................................................................................5 3. Acknowledgements.....................................................................8 4. The Enigmail team.......................................................................9 5. Getting started...........................................................................10 5.1. Installing GnuPG.....................................................................................10 5.1.1. Installing GnuPG on Microsoft Windows..........................................10 5.1.2. Installing GnuPG on Macintosh OS X..............................................10 5.1.3. Installing GnuPG on Linux / UNIX....................................................11 5.2. Installing Thunderbird / SeaMonkey........................................................11 5.3. Installing Enigmail....................................................................................12 5.3.1. Installing Enigmail on Thunderbird...................................................12 5.3.2. Installing Enigmail on SeaMonkey...................................................12 5.3.3. Installing a locale for Enigmail..........................................................13 6. Quick start..................................................................................14 6.1. The Setup Wizard....................................................................................15