Security
General
- http://sectools.org/
- http://www.reddit.com/r/netsec/comments/r1603/some_people_asked_for_a_tool_list/
- http://chargen.matasano.com/chargen/2009/7/22/if-youre-typing-the-letters-a-e-s-into-your-code-youre-doing.html [3]
- EZCrypt - We provide you with the power to encrypt the data BEFORE it gets stored on our site. All encryption/decryption is done on the client end using AES-CBC 128bit with a hash key generated on each paste. The server will only store the encrypted data without the hash key, so only you have the power to decrypt it.
- http://telecomix.org/
- http://en.wikipedia.org/wiki/Telecomix
- http://cryptoanarchy.org - Telecomix Crypto Munitions Bureau is part of Telecomix. Many good and tasty links.
- http://web.archive.org/web/20130310120019/http://www.infoanarchy.org/en/Main_Page
- http://cryptoparty.informatick.net/parties/howto
- http://booki.cc/cryptoparty-handbook/a-cryptoparty-history-party-like-its-1984/
- More Encryption Is Not the Solution [4]
- cryptosphere - Encrypted peer-to-peer web application platform for decentralized, privacy-preserving applications
- http://tobtu.com/decryptocat.php - don't use cryptocat
- Gitian is a secure source-control oriented software distribution method. This means you can download trusted binaries that are verified by multiple builders.
Resources
News
Articles
- http://www.ietf.org/mail-archive/web/cfrg/current/msg03554.html [7]
- https://news.ycombinator.com/item?id=7017160
Passwords
Articles
Software
Keypass
- http://www.keepassx.org - what I use
Other
Services
Multi-factor
Proxy
Server
See also Distros
cat /proc/sys/kernel/random/entropy_avail
- haveged project is an attempt to provide an easy-to-use, unpredictable random number generator based upon an adaptation of the HAVEGE algorithm. Haveged was created to remedy low-entropy conditions in the Linux random device that can occur under some workloads, especially on headless servers. Current development of haveged is directed towards improving overall reliablity and adaptability while minimizing the barriers to using haveged for other tasks.
Firewalls
csf/lfd
- http://blog.configserver.com/ - software update news
- http://configserver.com/cp/csfdemo/config.html
- http://www.linuxbrigade.com/learn-the-csf-command-line-options/
csf -r # restart CSF csf -d 192.18.1.100 # quick deny an ip csf -d 192.18.1.0/24 # deny access from an ip range csf -dr xxx.xxx.xxx.xxx # remove from the deny list csf -a xxx.xxx.xxx.xxx # quick allow / whitelist an ip (bypass auto blocking) csf -ar xxx.xxx.xxx.xxx # remove ip from whitelist
FireHOL
Windows
Logging
Integrity
Hardening
See also *nix#Permissions
grsecurity
TOMOYO Linux
AppArmor
SELinux
Sandboxing
Intrusion detection
- http://en.wikipedia.org/wiki/Intrusion_detection_system
- http://en.wikipedia.org/wiki/Intrusion_prevention_system
- http://www.tldp.org/HOWTO/Security-Quickstart-HOWTO/intrusion.html
- http://www.sans.org/security-resources/idfaq/
- http://www.sans.org/security-resources/idfaq/auto_res.php
- http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=5588654
Port knocking
- http://www.portknocking.org/ - info site
- https://en.wikipedia.org/wiki/Port_knocking - a method of externally opening ports on a firewall by generating a connection attempt on a set of prespecified closed ports. Once a correct sequence of connection attempts is received, the firewall rules are dynamically modified to allow the host which sent the connection attempts to connect over specific port(s). A variant called single packet authorization exists, where only a single "knock" is needed, consisting of an encrypted packet. The primary purpose of port knocking is to prevent an attacker from scanning a system for potentially exploitable services by doing a port scan, because unless the attacker sends the correct knock sequence, the protected ports will appear closed.
Shells
Limited
Honeypots
Cryptography
a mess
- https://en.wikipedia.org/wiki/NIST
- https://en.wikipedia.org/wiki/Federal_Information_Processing_Standard
- https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
- https://news.ycombinator.com/item?id=8015932
Ciphers
- https://cipherli.st/ - web server SSL cipher config recommendations [17]
- https://en.wikipedia.org/wiki/Block_cipher
- https://en.wikipedia.org/wiki/Collision-resistant
- https://en.wikipedia.org/wiki/Collision_attack
- The code monkey's guide to cryptographic hashes for content-based addressing
- Lifetimes of cryptographic hash functions
Blowfish
1993
AES
2001
- https://news.ycombinator.com/item?id=639647 https://news.ycombinator.com/item?id=8864555 https://news.ycombinator.com/item?id=1030560
Symmetric-key
DES
1977. Symmetric-key algorithm
Cryptographic hash function
- https://en.wikipedia.org/wiki/Cryptographic_hash_function
- https://en.wikipedia.org/wiki/Provably_secure_cryptographic_hash_function
- Historic Password Hashes - a collection of historic password hashing algorithms. Please do not use most of them today! Send pull request if you have more.
- https://en.wikipedia.org/wiki/Key_derivation_function - derives one or more secret keys from a secret value such as a master key, a password, or a passphrase using a pseudo-random function. KDFs can be used to stretch keys into longer keys or to obtain keys of a required format, such as converting a group element that is the result of a Diffie–Hellman key exchange into a symmetric key for use with AES. Keyed cryptographic hash functions are popular examples of pseudo-random functions used for key derivation.
- https://en.wikipedia.org/wiki/Argon2 - a key derivation function that was selected as the winner of the Password Hashing Competition in July 2015. It was designed by Alex Biryukov, Daniel Dinu, and Dmitry Khovratovich from University of Luxembourg. Argon2 is released under a Creative Commons CC0 license, and provides two related versions: Argon2d maximizes resistance to GPU cracking attacks. Argon2i is optimized to resist side-channel attacks. Both are allow specification by three parameters that control: execution time, memory required, degree of parallelism
Public-key cryptography
- http://en.wikipedia.org/wiki/Public-key_cryptography - also known as asymmetric cryptography
- https://developer.mozilla.org/en/docs/Introduction_to_Public-Key_Cryptography
- https://www.ics.uci.edu/~ics54/doc/security/pkhistory.html
- httpd://en.wikipedia.org/wiki/Public-key_infrastructure
- https://en.wikipedia.org/wiki/Public_key_certificate
- https://en.wikipedia.org/wiki/Digital_signature
- https://en.wikipedia.org/wiki/Web_of_trust
- https://en.wikipedia.org/wiki/Password-authenticated_key_agreement
Diffie-Hellman key exchange
Alice Bob --------------------------- Sa = random Pa = g^Sa --> Pa Sb = random Pb <-- Pb = g^Sb s = Pb^Sa s = Pa^Sb k = KDF(s) k = KDF(s)
There are several methods to use a block cipher to build a cryptographic hash function, specifically a one-way compression function. The methods resemble the block cipher modes of operation usually used for encryption. All well-known hash functions, including MD4, MD5, SHA-1 and SHA-2 are built from block-cipher-like components designed for the purpose, with feedback to ensure that the resulting function is not invertible. SHA-3 finalists included functions with block-cipher-like components (e.g., Skein, BLAKE) though the function finally selected, Keccak, was built on a cryptographic sponge instead.
Elliptic curve Diffie–Hellman
Alice Bob --------------------------- Sa = random Pa = Sa * G --> Pa Sb = random Pb <-- Pb = Sb * G s = Sa * Pb s = Sb * Pa k = KDF(s) k = KDF(s)
PAKE
to sort
- Community framework for electronic signatures - This Directive establishes the legal framework at European level for electronic signatures and certification services. The aim is to make electronic signatures easier to use and help them become legally recognised within the Member States.
RSA
1977, by Ron Rivest, Adi Shamir, and Leonard Adleman at MIT
ECC
- https://en.wikipedia.org/wiki/Elliptic_curve_cryptography
- https://en.wikipedia.org/wiki/Elliptic_curve_Diffie%E2%80%93Hellman
- https://en.wikipedia.org/wiki/Elliptic_Curve_DSA
- http://arstechnica.com/security/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/
- http://www.lapsedordinary.net/2013/09/23/how-the-nsa-cheated-cryptography/
NTRU
Suites
Encryption
- https://prism-break.org/ - various levels of advice
PGP / GPG
- http://tools.ietf.org/html/rfc4880 - OpenPGP Message Format
- http://tools.ietf.org/html/rfc5581 - The Camellia Cipher in OpenPGP
Guides
- GPG Tutorial
- https://we.riseup.net/riseuplabs+paow/openpgp-best-practices
- https://alexcabal.com/creating-the-perfect-gpg-keypair/
gpg --keyserver subkeys.pgp.net --recv-keys ABAF11C65A2970B130ABE3C479BE3E4300411886 # retrieve a public key
gpg --export --armor <keyid> | awk '{ print " "$0 }'
Tools
- http://gpg4win.org/ - Windows
- https://gpgtools.org/ - Mac
- WebPG - Browser Extensions
- Monkeysphere project's goal is to extend OpenPGP's web of trust to new areas of the Internet to help us securely identify servers we connect to, as well as each other while we work online. The suite of Monkeysphere utilities provides a framework to transparently leverage the web of trust for authentication of TLS/SSL communications through the normal use of tools you are familiar with, such as your web browser0 or secure shell.
- http://www.biglumber.com/ - signing parties
Key servers
- http://superuser.com/questions/227991/where-to-upload-pgp-public-key-are-keyservers-still-surviving
- http://www.rossde.com/PGP/pgp_keyserv.html
- http://cryptome.org/2013/07/mining-pgp-keyservers.htm
- http://pgp.mit.edu/ (cryptonomicon.mit.edu)
- http://sks-keyservers.net/
- https://keyserver.pgp.com/
DNS
- https://we.riseup.net/dissent+secure_communication/secure-gpg-webmail-service
- http://unix.stackexchange.com/questions/59323/what-is-a-free-open-source-webmail-software-with-pgp-support
- http://pthree.org/2011/09/17/pgpmime-versus-smime/
- http://www.tankmiche.com/tips/x-pgp-key-email-header-format/
- http://beza1e1.tuxen.de/articles/pgp_header.html
Libraries
- Penango is a web browser add-on that allows people to send and receive authenticated and encrypted messages end-to-end on the Internet with standards-based, interoperable protocols.
- gAES - Encrypt your google chats and make the NSA sad
Other
- gnupg-ecc - ECC-enabled GnuPG per RFC6637
File system
TrueCrypt
- TrueCrypt - Free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux
- https://news.ycombinator.com/item?id=7140809
- https://news.ycombinator.com/item?id=7586225
- http://krebsonsecurity.com/2014/05/true-goodbye-using-truecrypt-is-not-secure/ [29]
- https://news.ycombinator.com/item?id=7812133
Other
- http://en.wikipedia.org/wiki/FreeOTFE - Windows only, seems dead
- LUKS is the standard for Linux hard disk encryption. By providing a standard on-disk-format, it does not only facilitate compatibility among distributions, but also provides secure management of multiple user passwords. In contrast to existing solution, LUKS stores all setup necessary setup information in the partition header, enabling the user to transport or migrate his data seamlessly. While LUKS is a standard on-disk format, there is also a reference implementation. LUKS for dm-crypt is implemented in an enhanced version of cryptsetup.
- Tomb aims to be an 100% free and open source system for easy encryption and backup of personal files, written in code that is easy to review and links commonly shared components. Tomb generates encrypted storage files to be opened and closed using their associated keyfiles, which are also protected with a password chosen by the user.
- zuluCrypt is a front end to cryptsetup and tcplay and its a tool that make it easy to manage LUKS, PLAIN and TRUECRYPT encrypted volumes through a GUI and a simpler to use CLI interface. zuluCrypt can manage encrypted volumes residing in regular files, LVM devices, mdraid devices as well as regular block devices and partitions.
- EncFS provides an encrypted filesystem in user-space. It runs without any special permissions and uses the FUSE library and Linux kernel module to provide the filesystem interface. You can find links to source and binary releases below. EncFS is open source software, licensed under the GPL. As with most encrypted filesystems, Encfs is meant to provide security against off-line attacks; ie your notebook or backups fall into the wrong hands, etc. The way Encfs works is different from the “loopback” encrypted filesystem support built into the Linux kernel because it works on files at a time, not an entire block device. This is a big advantage in some ways, but does not come without a cost.
- Cryptkeeper is a Linux system tray applet that manages EncFS encrypted folders.
Other
- The Guardian Project creates easy-to-use open source apps, mobile OS security enhancements, and customized mobile devices for people around the world to help them communicate more freely, and protect themselves from intrusion and monitoring.
- Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log.
Homomorphic
TLS/SSL
See also HTTP#SSL
- Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet. They use asymmetric cryptography for authentication of key exchange, symmetric encryption for confidentiality and message authentication codes for message integrity. Several versions of the protocols are in widespread use in applications such as web browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP).
In the TCP/IP model view, TLS and SSL encrypt the data of network connections at a lower sublayer of its application layer. In OSI model equivalences, TLS/SSL is initialized at layer 5 (the session layer) then works at layer 6 (the presentation layer): first the session layer has a handshake using an asymmetric cipher in order to establish cipher settings and a shared key for that session; then the presentation layer encrypts the rest of the communication using a symmetric cipher and that session key. In both models, TLS and SSL work on behalf of the underlying transport layer, whose segments carry encrypted data.
Specs
some rfcs..
- http://tools.ietf.org/html/rfc2712 - Addition of Kerberos Cipher Suites to Transport Layer Security (TLS)
- http://tools.ietf.org/html/rfc4279 - Pre-Shared Key Ciphersuites for Transport Layer Security (TLS)
- http://tools.ietf.org/html/rfc5280 - Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
- http://tools.ietf.org/html/rfc6091 - Using OpenPGP Keys for Transport Layer Security (TLS) Authentication
- http://tools.ietf.org/html/rfc6125 - Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS)
- https://briansmith.org/browser-ciphersuites-01.html [32]
- http://op-co.de/blog/posts/android_ssl_downgrade/
- https://news.ycombinator.com/item?id=6733806
Guides
- https://wiki.mozilla.org/Security/Server_Side_TLS
- https://www.ssllabs.com/projects/best-practices/
- SSL/TLS Deployment Best Practices - tutorial whitepaper
- https://sites.google.com/site/x509certificateusage/
- OWASP Top 10 for .NET developers part 9: Insufficient Transport Layer Protection - Touching on HTTPS, SSL and TLS
- https://daniel.molkentin.net/2014/04/21/fighting-cargo-cult-the-incomplete-ssltls-bookmark-collection/ [34]
- DEFCON 19: SSL And The Future Of Authenticity - Moxie Marlinspike
- https://rx4g.com/2013/09/09/web-server-authentication-is-still-broken/
- https://www.schneier.com/blog/archives/2013/09/new_nsa_leak_sh.html [35]
- http://it.slashdot.org/story/13/07/24/1812227/anonymous-source-claims-feds-demand-private-ssl-keys-from-web-services
Software
Gnutils
OpenSSL
openssl ciphers -v
openssl verify -CAfile /etc/nginx/ca.pem certs/client.crt
Other
- PolarSSL makes it trivially easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) products, facilitating this functionality with a minimal coding footprint.
HTTPS
- https://www.tbray.org/ongoing/When/201x/2012/12/02/HTTPS - basic intro
- Living with HTTPS (19 Jul 2012)
- http://www.moserware.com/2009/06/first-few-milliseconds-of-https.html
- Improved HTTPS Performance with Early SSL Termination
- https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security - force HTTPS
- https://www.scantosecure.com/blog/fencing-your-ssl-errors-with-hsts
- http://blog.nvisium.com/2014/04/is-your-site-hsts-enabled.html [37]
See HTTP#SSL
CSP
Tools
- SSL Server Test - This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet.
- Why No Padlock? - This web based tool will check a secure (https://) URL for the following items: Valid SSL Certificate (checks expiration date, properly installed intermediate certificate, URL matches the certificate domain, and displays the SSL Issuing company. All image, css, and javascript calls on the page are done so securely. Checks each linked css file to make sure any image calls are also secure. Outputs any insecure calls, along with the file (referrer) that made the insecure call. Verifies all third party SSL calls also have a valid and properly installed SSL certificate.
- sslScanner - Scan SSL based TCP services, ips, ports and network ranges to obtain certificate expiry data. Get automated alerts about certificates expiring
- SSL Converter - convert SSL certificates to and from different formats such as pem, der, p7b, and pfx
- Certificate Depot - Create your self-signed SSL certificate instantly and for free.
Certificates
See also HTTP#SSL
- SSL Certificate Types and Purposes
- https://www.globalsign.com/ssl-information-center/types-of-ssl-certificate.html
- http://blogs.msdn.com/b/kaushal/archive/2010/11/05/ssl-certificates.aspx
- http://en.wikipedia.org/wiki/Server_Name_Indication - SNI allows more than one domain per ip address, not supported by older IE and Android 2
Certificate signing request
- .csr This is a Certificate Signing Request. Some applications can generate these for submission to certificate-authorities. It includes some/all of the key details of the requested certificate such as subject, organization, state, whatnot, as well as the public key of the certificate to get signed. These get signed by the CA and a certificate is returned. The returned certificate is the public certificate, which itself can be in a couple of formats.
openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
Key formats
- .pem Defined in RFC's 1421 through 1424, this is a container format that may include just the public certificate (such as with Apache installs, and CA certificate files /etc/ssl/certs), or may include an entire certificate chain including public key, private key, and root certificates. The name is from Privacy Enhanced Email, a failed method for secure email but the container format it used lives on.
- .key This is a PEM formatted file containing just the private-key of a specific certificate. In Apache installs, this frequently resides in /etc/ssl/private. The rights on this directory and the certificates is very important, and some programs will refuse to load these certificates if they are set wrong.
- .pkcs12 .pfx .p12 Originally defined by RSA in the Public-Key Cryptography Standards, the "12" variant was enhanced by Microsoft. This is a passworded container format that contains both public and private certificate pairs. Unlike .pem files, this container is fully encrypted. Every time I get one I have to google to remember the openssl-fu required to break it into .key and .pem files.
- SF: What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?
- DER vs. CRT vs. CER vs. PEM Certificates and How To Convert Them
SAN
- http://en.wikipedia.org/wiki/Subject_Alternative_Name - allows multiple domains, but not like a wildcard
Wildcard
Domain Validation
Organisational Validation
involving better/slower background checks for the Organisation Name field
Extended Validation
- http://en.wikipedia.org/wiki/Extended_Validation_Certificate - provides a green address bar, bit of a rip-off though
Self-signed
Vulnerable to MITM as cracker can generate their own, OK if you control both ends.
- How to Create A Self Signed Certificate - sslshopper.com
- How to create a self-signed SSL Certificate which can be used for testing purposes or internal usage
Lets Encrypt / ACME
./letsencrypt-auto certonly -d example.com -d www.example.com --agree-tos --renew-by-default -a webroot --webroot-path=/tmp/letsencrypt-auto
CAs
Services
Comodo
- http://www.comodo.com/ - security history a bit of a joke
- http://ssl.comodo.com/wildcard-ssl-certificates.php - from £224.95
- HN discussion: $50 comodo wildcard SSLs (while they last)
VeriSign
- http://www.verisign.com/ - owned by Symantec
- http://www.rapidssl.com/buy-ssl/ssl-certificate/index.html
- http://www.rapidssl.com/buy-ssl/wildcard-ssl-certificate/index.html
GlobalSign
- http://en.wikipedia.org/wiki/GlobalSign - owned by GMO CLOUD K.K. in Japan
- https://www.ssl2buy.com/alphassl-wildcard.php
- http://www.vpsnodebox.com/ssl-certificates - AlphaSSL - GlobalSign certificate.
StartCom
- https://startssl.com
- http://en.wikipedia.org/wiki/StartCom - based in Israel, provides StartSSL certs. hostile customer service.
Free certs, one cert per domain, 1 year. One only pays for acions that require human intervention, i.e., validation.
- https://pierrekim.github.io/blog/2016-02-16-why-i-stopped-using-startssl-because-of-qihoo-360.html [44]
Cacert.org
Community group providing certs. Web of trust based assurance point system. Not carried by major browsers, just Linux distros.
Other
- http://lolroot.ca/ - lol
- SSLMate - Buy SSL certs from the command line.
- CertSimple - The fastest way to prove your company's identity online. EV Certificates are £149 a year. Multiple servers from £249 a year for 3 server names.
PFS
CRL
DNSSEC
- http://jpmens.net/2011/02/16/ssl-certificate-validation-and-dnssec/
- http://blog.huque.com/2012/10/dnssec-and-certificates.html
- http://blogs.cisco.com/security/top-of-mind-problems-with-ssl-solved-with-dnssec/
DANE
HPKP
Future
- TACK, a proposal for a dynamically activated public key pinning framework that provides a layer of indirection away from Certificate Authorities, but is fully backwards compatible with existing CA certificates, and doesn't require sites to modify their existing certificate chains.
Vulnerabilities
- https://en.wikipedia.org/wiki/Vulnerability_(computing) - a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerability is also known as the attack surface.
- https://en.wikipedia.org/wiki/Vulnerability_management
- https://en.wikipedia.org/wiki/Vulnerability_scanner
- YouTube: Using c99 shell hacking
- http://thehackerblog.com/hacking-script-kiddies-r57-gen-tr-shells-are-backdoored-in-a-way-you-probably-wouldnt-guess/
Cookies
Virus
Web
- Postcards from the post-XSS world - Michal Zalewski
OWASP
- https://www.owasp.org/index.php/Main_Page Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.
- https://www.owasp.org/index.php/Cheat_Sheets
- https://www.owasp.org/index.php/Web_Application_Security_Testing_Cheat_Sheet
Testing
See Network, Development#Testing
Metasploit
Web
- w3af is a Web Application Attack and Audit Framework. The project's goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.
DB
- sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
Burp
Inception
- Inception is a FireWire physical memory manipulation and hacking tool exploiting IEEE 1394 SBP-2 DMA. The tool can unlock (any password accepted) and escalate privileges to Administrator/root on almost any powered on machine you have physical access to. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces.
DetecTor.io
radare2
Capstone
Bettercap
- http://www.evilsocket.net/2016/01/18/autopwn-every-android-device-on-your-network-using-bettercap-the-and-addjavascriptinterface-vulnerability/ [49]
Disk cleanup
Hardware
- https://en.wikipedia.org/wiki/Security_token - sometimes a hardware token, authentication token, USB token, cryptographic token, software token, virtual token, or key fob) may be a physical device that an authorized user of computer services is given to ease authentication. The term may also refer to software tokens.
Security tokens are used to prove one's identity electronically (as in the case of a customer trying to access their bank account). The token is used in addition to or in place of a password to prove that the customer is who they claim to be. The token acts like an electronic key to access something.
Some may store cryptographic keys, such as a digital signature, or biometric data, such as fingerprint minutiae. Some designs feature tamper resistant packaging, while others may include small keypads to allow entry of a PIN or a simple button to start a generating routine with some display capability to show a generated key number. Special designs include a USB connector, RFID functions or Bluetooth wireless interface to enable transfer of a generated key number sequence to a client system.
- https://plus.google.com/+KonstantinRyabitsev/posts/4a7RNxtt7vy
- https://github.com/Yubico/ykneo-openpgp/issues/2#issuecomment-218446368 - not open source anymore?
- https://www.nitrokey.com/
- https://en.wikipedia.org/wiki/Nitrokey - an open source USB key to enable secure encryption and signing of data. The secret keys are always stored inside the Nitrokey which protects against malware (such as computer viruses) and attackers. A user-chosen PIN and a tamper-proof smart card protect the Nitrokey in case of loss and theft. The hardware and software of Nitrokey are available as open source, free software and open hardware which enables independent parties to verify the security of the device. Nitrokey is supported on Microsoft Windows, Linux, and Mac OS X.
- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis - Many computers emit a high-pitched noise during operation, due to vibration in some of their electronic components. Here, we describe a new acoustic cryptanalysis key extraction attack, applicable to GnuPG's current implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts. We experimentally demonstrate that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away. Beyond acoustics, we demonstrate that a similar low-bandwidth attack can be performed by measuring the electric potential of a computer chassis. A suitably-equipped attacker need merely touch the target computer with his bare hand, or get the required leakage information from the ground wires at the remote end of VGA, USB or Ethernet cables.
Legal
- http://safeharbor.export.gov/list.aspx - UK DPA safe harbours