Developers Club geek daily blog

M-125 violet

3 years ago
Special communication — a thing very difficult.
And the role of the encoder is very important
for saving of secret.
Everywhere, even where the ocean boils,
hiding submarines,
skillful "shaman" will send in seconds
the kriptogrammny reports.

The cryptomachine M-125 — the granddaughter of legendary Enigma



M-125, with code the name Violet, represents the electromechanical 10th rotor cipher machine. It was for the first time provided in 1956, and became the most popular shifrmashiny in the countries of the Warsaw pact. For each participating country the version of the Violet was configured (the keyboard and the writing head are adapted under country language). The majority of machines perceived Latin and Cyrillics. The latin alphabet could differ, Cyrillics had no punctuation marks and was identical to all machines. Cryptofirmness is evaluated about 10^18.

Read more »


The program cryptoracketeer ciphers the user files in "offline"

3 years ago


Any ransomware, programs cryptoracketeers divorced now very much. Some just block the PC until the user pays. Other kinds of such software cipher files, sending a key to the server controlled by swindlers. But there are also other types of cryptoracketeers which work even more originally.

Researchers from the Check Point company carried out recently the analysis of work of one of kinds of such programs which uses the alternative cryptography technique of files and providing a key to the creators. The program — not new, for the first time it was noticed in June of last year. Since then the author repeatedly updated the creation (approximately time in two months), the cryptoracketeer constantly evolves and is improved. According to information security specialists, this sample was created by Russian-speaking malefactors, and it works as software, as a rule, with users from Russia.

Read more »


As we cracked 18 working kardersky shops and did not take cent

3 years ago
Presently the huge great number of "eminent" specialists in information security field, the people considering that it is already enough knowledge of the FireWall setup to rank themselves as "hackers" or specialists in the field of IB divorced. Personally I always considered that I have not enough knowledge in this sphere even to write normal article, but recent success of this history at one forum on cybersafety and a huge number of responses induced me to write this article on habr.
To whom it is interesting to those as we with children opened kardersky shops of Just For Fun welcome under kat.
image

Read more »


Future Web very much reminds Bitcoin

3 years ago
image

For most of people Joseph Lyubin is the leading thinker in promptly developing area of digital currencies. For me he was a person with whom I carried out the first transaction on an exchange of bitcoins, and the person, got used to tell big things by an equal and modest voice.

In the winter of 2014 he called me with himself on bitcoin conference in Miami to tell about the new Ethereum project which it with adherents from Canada started for several months before. When he explained me a project essence, he did not stint forecasts: "We will replace insurance companies and the Wall Street".

The list continued to grow. Online services on distribution of movies like Netflix and Hulu. Game platforms like Xbox and Sega Genesis. Messengers like Twitter. Pensions, currency exchanges, systems of vote, management of intellectual property, trust funds. If to trust Lubin, then all – is real everything that we do on the Internet or on other digital channels, will undergo radical changes.

The idea told them took control of minds of enthusiasts of digital currencies since then. The idea is that the technology providing safe transactions in a network bitcoin, and doing them transparent, very fast and not censored, and not demanding trust to other parties, can be used for processing of more difficult transactions and store any digital information in the Internet.

Read more »


Security Week 44: legislators and safety, cryptography and investigation

3 years ago
If there is in the field of information security a subject more difficult than cryptography, then this legislation. Any research work on enciphering, its main outputs and possible effects can be understood. In many cases for this purpose will be required few years of intensive training in the main and to the accompanying subjects, and a decade more of work as the expert in safety. But it is possible to understand. Not always it is possible to understand what effects the law regulating the sphere of information security will have even if it is attentive to read it. Even if you well know language in which it is written.

Nevertheless, it is necessary to understand because the legislation can seriously affect safety issues, in this or that party. Good, suitable initiatives motivate the companies better to be protected from cyberthreats, protect clients of banks from loss of money in case of on-line fraud, improve safety of the government institutions and our data processed by them, fight against crime. Bad laws at best do not change a landscape of threats in any way, in the worst — allow cybercriminals to be released, even after arrest and in the presence of convincing proofs of fault, complicate work of researchers, and do private data by slightly less private, than it would be desirable.

In this series of the digest we will talk about two important news in the field of the American IB-legislation, and also we will continue discussion of cryptography, this time — thanks to the NSA agency which decided to participate in discussion of questions of enciphering. What, however, too nearby left from policy. Rules: every week edition of the news website Threatpost selects three most significant news to which I add the expanded and ruthless comment. All episodes of series can be found on a tag.

Read more »


Cryptoanalysis of "Enigma"

3 years ago
image

All specialists unanimously agreed that a reading [of the Enigma] is impossible.
Admiral Kurt Fricke, Chief of Naval War Command

Enigma — the rotor cipher machine used by nazi Germany in the years of World War II. Thanks to the impact exerted on the war course, cracking of the Enigma became perhaps the most high point in centuries-old history of cryptoanalysis. In this topic I would like to tell about a cracking method, used in Bletchli-park, and also to describe the device of the machine.

Read more »


I2P: Transparent implementation of the signature of EdDSA

3 years ago
Recently the increasing popularity is gained by the digital signature of Ed25519 based on a kind of the elliptic curve offered by Berstein. In process of increase in number of the I2P nodes with this type of the signature there was a need of its support in the implementation of I2P as Ed25519 is not a part of popular cryptographic libraries. As a rule kinds of ref10 from the SUPERCOP library implemented by Berstein on the assembler, and then ported on other languages are used. This implementation works well and quickly, however it has the main shortcoming — it is unclear. Really, if to glance in the source code, then it is possible to see a large number of the same lines operating with a set of "magic" numbers, to understand what they mean, without deepening in the theory it is not possible. The purpose of this article is mathematically transparent implementation of Ed22519, using only standard operations with large numbers which are present at any cryptographic library with a speed of the work sufficient for practical use in I2P.

Read more »


The MikroTik setup as the OVPN server with use of kliyensky certificates and the list of a response

3 years ago
Before me there was a task to configure MikroTik as the OVPN server with use of client certificates and a possibility of their response. On this subject of accurate How-To I did not find in the Internet therefore decided to invent the own bicycle. In this article I will describe the scheme of setup of this miracle which turned out and working for me.

Read more »


Step-by-step work of GOST P 34.12-2015 in the ECB mode

3 years ago

Grasshopper in the ECB mode


Not so long ago there was an article devoted to the new standard of block encryption — GOST P 34.12-2015. In which all innovations of this algorithm are rather in detail described. In this article I will try to explain step-by-step action of algorithm in the mode of simple replacement that even more visually users could evaluate advantages of the domestic standard. In the course of development of round keys and in the mode of a zashifrovaniye the same conversions therefore we will not begin to take out separately this question are used. For bigger understanding each conversion will explain part of a code of implementation of the standard in language C ++

So, we will start.

Read more »


Security Week 43: difficult prime numbers, cryptography in HDD, patches of Adobe and Oracle

3 years ago
Opening a door to the world of cryptography, be careful! Can leave so what to close it will not turn out. Of course this coincidence, but hardly I recovered from news of last week about collisions in SHA-1 as right there was a subject about cracking of the ciphered traffic, with attack to Diffie-Hellman's protocol. Well, already according to the name it is clear in what business, huh? the Expert in the field of cryptography Bruce Schneier in May of this year published an angry post about "amateur enciphering". In any other field of activity of the expression like "leave it to professionals, all of you equally understand nothing" usually cause a criticism wave, but in relation to enciphering, with such statement, perhaps, it is possible and to agree. Especially as history around Diffie-Hellman's protocol, with participation of mathematicians, programmers and even Edward Snowden, is good to that the proof. It is a story about how the good, suitable algorithm was badly implemented in practice.

And here still found out that hard drives with the embedded system of enciphering protect your data not so well as it would be desirable. Generally, this release of the weekly digest of news about safety — about cryptography. And about patches. About very, there are a lot of patches. Bonus: a selection of the worn most out drain photos on safety.

All episodes of series can be found here.

Read more »