Website Signature Verifier
jvoss@altsci.com
jvoss@myuw.net
Nov 13, 2005
Sends an e-mail when your site has a cryptographic error. This is good to detect changes, intrusions, and mistakes. There are three levels of testing:
Level 1: Check that remote page concurs with remote signature.
Level 1 ensures that someone has signed the file with a key that we have in our
public keyring. Level 1 ensures that if your page is changed, it is because of
an intended change and has been signed by the developer. Level 1 is not a
perfect guarantee of security since an attacker who is in your public keyring
could sign it with their key and Level 1 would pass.
SSL Blowfish Wrapper
jvoss@altsci.com
jvoss@myuw.net
Jan 20, 2006
SSL Blowfish Wrapper 0.2 Source
[sig]
SSL Blowfish is a wrapper for the OpenSSL
library that allows quick and easy integration of SSL Blowfish encryption
into projects. It was specifically designed to add SSL Blowfish support for the
UDP Session project. It worked quite well. It is
just one C file, so it is quite small and easy to add. The two test programs
are compatible with the commonly used utility openssl enc -bf-cbc. The test
programs can only work on 1024 bytes
at the current time. It is a limitation of the library that you have to
allocate as much memory as you plan to use in each packet. For example, if you
wanted to encrypt a 600 MB file the same way that you do with
openssl enc -bf-cbc, you would have to allocate 600 MB to do so with this
library. Since that isn't reasonable, it is reasonable to say that the library
is limited to transmitting small packets that are independent from each other.
This is a good library for UDP.
One problem with the library is that it requires a new key to be generated for each packet, and for Blowfish this operation is unusually slow. This is a useful security measure, but it might hinder very slow machines that require a very high rate of transfer. In that case, a different encryption method could be used. Since OpenSSL is very modular, this library could be switched to a different algorithm.
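The per-packet key generation described above can be seen in the salted container that openssl enc writes in password mode. This is an added example, not code from the wrapper: it assumes the wrapper follows that format (inferred from the stated compatibility) and the MD5 digest that OpenSSL releases before 1.1.0 used by default; the function names are hypothetical.

```python
import hashlib
import os

MAGIC = b"Salted__"                    # header written by `openssl enc` in password mode
SALT_LEN, KEY_LEN, IV_LEN = 8, 16, 8   # bf-cbc: 128-bit key, 64-bit block and IV


def evp_bytes_to_key(password: bytes, salt: bytes,
                     key_len: int = KEY_LEN, iv_len: int = IV_LEN):
    """EVP_BytesToKey with MD5, count=1: D_i = MD5(D_{i-1} || password || salt)."""
    material, block = b"", b""
    while len(material) < key_len + iv_len:
        block = hashlib.md5(block + password + salt).digest()
        material += block
    return material[:key_len], material[key_len:key_len + iv_len]


def split_packet(packet: bytes):
    """Return (salt, ciphertext) from one salted packet, rejecting malformed input."""
    if len(packet) < len(MAGIC) + SALT_LEN or not packet.startswith(MAGIC):
        raise ValueError("missing or truncated Salted__ header")
    body = packet[len(MAGIC) + SALT_LEN:]
    if len(body) == 0 or len(body) % 8:
        raise ValueError("ciphertext is not a whole number of 8-byte blocks")
    return packet[len(MAGIC):len(MAGIC) + SALT_LEN], body


def packet_keys(password: bytes, packet: bytes):
    """Derive the per-packet (key, iv) a receiver needs before it can decrypt."""
    salt, _ = split_packet(packet)
    return evp_bytes_to_key(password, salt)


def make_header(salt: bytes = None) -> bytes:
    """Sender side: a fresh random salt per packet unless one is supplied."""
    salt = os.urandom(SALT_LEN) if salt is None else salt
    return MAGIC + salt


if __name__ == "__main__":
    pw = b"constructed example password"
    # Constructed packets: real header, 16 zero bytes standing in for ciphertext.
    for _ in range(3):
        pkt = make_header() + bytes(16)
        key, iv = packet_keys(pw, pkt)
        print(pkt[8:16].hex(), key.hex(), iv.hex())
```

Every packet carries its own salt, so every packet yields a different key and forces a fresh Blowfish key schedule on both ends, which is the cost the paragraph above refers to.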
Oct 5, 2006
Text steganography 1 version 0.1.1
[sig]
Rubber Spoon 1 version 0.1
[sig]
libsteg version 0.4.4
[sig]
Steganography is the science of hiding information in plain sight. It does not require cryptography, but in modern computation, it is obvious that cryptography is quite likely to be involved. There are a handful of methods of steganography that are well-known, but most of them involve taking the least significant bits (LSBs) of a large set of data and flipping them to a pattern. Keying the flipping of bits makes for a larger attack surface, but can still be brute forced if the key lacks enough entropy.
It is important that the input picture used for steganography not be available to an attacker because this will allow the attacker to see ~90% of which bits are flipped giving away the secret and plausible deniability. Image generation that is impossible to reverse is a topic that can be discussed in the future. An easy way that would give away intent would be to flip all non-steg least significant bits randomly. A better way would be to design the algorithm around the randomness already present in images.
UDP Session Development
jvoss@altsci.com
jvoss@myuw.net
Jan 20, 2006
UDP Session 0.4.0d Source
[sig]
UDP Session 0.3.3c Source
[sig]
UDP Session 0.3.2b Source
[sig]
This program connects two computers without having either be a server. It uses "Evasive UDP Session Establishment" originally conceived by Winston Williams and other concurrent developers. The initial idea of the system was to poke holes in a firewall by using UDP's design as a stateless protocol. That way, both computers could consider themselves clients to a remote server. Upon further development, I found that other developers had designed similar systems with different mechanics.
Version 0.3 is encrypted with Blowfish-cbc. This 128-bit encryption is easily considered strong if used with strong passwords. Version 0.3 is statically or dynamically linked to libssl and libcrypt, so their licences apply. I will include the proper licensing agreements in future versions. Since the current version is such a fast release, it makes sense to release it sooner rather than later. To implement Blowfish-cbc, I created a library which wraps the OpenSSL calls in a way that is easily usable. That library is called SSL Blowfish Wrapper for the time being.