2 years, 10 months agoThe legendary inventor of cipher machines — Boris Caesar Wilhelm Hagelin (1892 - 1983).
There are no applications of communication where the solutions developed by Crypto AG firm which more than was founded by the talented cryptographer Boris Hagelin 60 years ago would not be applied.
The nomenclature of the equipment and the software of Crypto AG is exclusively wide. The company not only shifrtekhniky for government and military communication is known. At offices the most part of daily message exchange and data still goes on classical channels – PSTN/ISDN, analog or digital telephony and the fax. Confidentiality of negotiations, faxes and information in notebooks is provided with a number of the hardware solutions Crypto AG: PSTN Encryption HC-2203, Secure GSM HC-2423, Fax Ecryption HC-4221, Crypto PC Security HC-6360, Crypto Laptop HC-6835 and others.
At the end of the 18th century the cryptography was enriched with the remarkable invention — Jefferson's coder called in honor of the statesman, the first state secretary, and then and the president of America Thomas Jefferson. Jefferson called the system "the disk cipher". Such device implemented the famous cipher of multialphabetic replacement.
The coder represented the wooden cylinder which was cut on 36 disks (though the quantity of disks could be also another), which were got on one axis so that independently to turn around it. On lateral surfaces of disks in a free order — all letters of the English alphabet.
2 years, 10 months ago
In the previous article implementation of the most curve Ed25519, addition operation and multiplication by number, recovery of the second coordinate was considered. In this article questions of effective use of these operations for a digital signature of messages and work in I2P are considered.
Algorithm of the signature of EdDSA
Unlike RSA where the secret and public key can be used directly, it is necessary to use more complex circuit here and to enter some additional object. EdDSA conceptually implements algorithm of DSA, extending it to a case of curves. Couple of numbers act as the signature (R, S), for EdDSA each 32 bytes long, total signature length — 64 bytes. Not data, but a hash it them are signed. In quality the hash function is used by SHA512. Further small letters will designate numbers, and capital letters — the corresponding point on a curve received by multiplication of number by a basic point of B.
In 2007 in California, by request of authorities of the state, during the pre-election company for short term several strong hacker teams which analyzed the applied systems of electronic voting machines were collected and, about "horror", showed terrible weakness of each of them. It is amazing that for more than ten-year term of use of computer systems on elections of the Supreme political power in the USA (nominally the most democratic country of the world), the equipment for vote officially was not exposed to a comprehensive, independent audit inspection on safety. Manufacturers provided complete documentation, internal technical specifications and texts of source codes of programs. Term on researches was limited three weeks, but them it appeared quite as enough for demonstration of weak protection of all electronic systems of vote against abuses and manipulations with votes.
The programs racketeers using data encryption of users for a vymanivaniye of money at the victims use more and more sophisticated ways of blackmail. Creators of such software try to increase the income, thinking out new and new functions for the programs, for example, as we told earlier, some already began to cipher data in "offline".
This time it will be a question of one of newcomers of the ransomware market, the cryptoracketeer of Chimera who tries to select only representatives of business. This category of users usually very much values the data, and calculation, in general, correct: the businessman, most likely, will pay for an opportunity to receive the files back. At the same time the sum which is demanded from the victim, much above "an average on hospital" of an indicator — $638, in small notes bitcoins. At this Chimera threatens to lay out personal data of the user in the Network if payment is not.
2 years, 10 months ago
Computing systems passed a way from mainframes to personal computers, and now make a way back — from personal computers to mainframes. Services for all comers in execution of calculations on the high-performance computers implemented in the form of the cloudy and other systems, from the companies providing similar services in public networks are in large quantities offered. However use of public computer networks bears risks for their consumers:
Leakages of private data in the course of their processing on the external device or in data transfer process;
Possibility of existence of distortions in the received results of calculations on the external device or in data transfer process. At the same time, even repeated repetition of calculations with the same basic data will not allow to find existence of these distortions if they carry system, but not accidental character.
We will not consider questions of leakage of private data or distortions in the results caused in data transfer process, leaving this subject of classical cryptography on providing a closed channel of communication of required degree of reliability. Let's consider a question when the external calculator can it is subject to a compromise, and on him are possible also the analysis of private data in processing, and distortion of results of calculations, and we will try to solve a problem which we will formulate as follows:
It is required to provide the mechanism of processing of private data on the external computing device which, when saving opportunities of use of standard algorithms, would allow to make impossible (that is rather difficult) detection of values of private data, and also would allow to reveal and correct the possible distortions in results of calculations entered accidentally or systemically.
As, undoubtedly, some additional processing of tasks and results, on the party of the consumer will be required, it is desirable that complexity (the price, time) such processing was much less complexity (the price, time) of a solution of the main objective – otherwise the consumer has no sense for carrying out calculations on external public networks.
Also, undoubtedly, the total quantity of the calculations given on the external calculator as any entering of redundancy into basic data, or for the purpose of an exception of their uniquely identifying, or for the purpose of control of their reliability, will undoubtedly demand processing of bigger amount of information can increase. However, as external computational capabilities can be increased only due to bigger payment from the consumer, reasonable increase in cost should not be decisive factor at the choice of algorithm of the mechanism of data protection.
2 years, 10 months ago
In this article the real method of receipt of the certificate from Let's Encrypt in the manual mode for its further installation on the Windows Web server (IIS/Microsoft Azure) or Linux (completely manual mode) will be described. Because of the absence of the official client under Windows for generation of the certificate the Linux distribution kit will be used.
Background: from the very beginning for the website of our Moscow company (according to the link the test beta certificate of Let's Encrypt is already set) the "simple" SSL certificate was necessary for confirmation of the domain and data encryption.
In the first opening days of requests for beta testing the decision to register was also made and recently the letter which reports that now the ACME program will generate the valid certificate for our domain came:
Further we decided to publish article with the step-by-step instruction of process that by the time of release you could already quickly create and begin to use the certificate.