Image of the glider from the Game of Life by John Conway
Skip to content

{ Category Archives } Cryptology

Password Attacks, Part II - The Dictionary Attack

Introduction Before we start delving into the obscure attacks, it probably makes the most sense to get introduced to the most common attacks. The dictionary attack is one such attack. Previously we talked about the brute force attack, which is highly ineffective, and exceptionally slow and expensive to maintain. Here, we'll introduce a much more […]

Password Attacks, Part I - The Brute Force Attack

Introduction For those who follow my blog know I have blogged about password security in the past. No matter how you spin it, no matter how you argue it, no matter what your opinions are on password security. If you don't think entropy matters, think again. Entropy is everything. Now, I've blogged about entropy from […]

Create Your Own Graphical Web Of Trust- Updated

A couple years ago, I wrote about how you can create a graphical representation of your OpenPGP Web of Trust. It's funny how I've been keeping mine up-to-date for these past couple years as I attend keysigning parties, without really thinking about what it looks like. Well, I recently returned from the SCaLE 11x conference, […]

Announcing Hundun

Per my last post, I decided to setup an entropy server that the community could use. So, I've done just that. That server uses 5 entropy keys from Simtec Electronics in the U.K. as its hardware true random number generators. It hands out high quality randomness for the most critical cryptographic applications. The purpose, is […]

The Entropy Server

With my last post about the entropy key hardware true random number generator (TRNG), I was curious if I could set this up as a server. Basically, bind to a port that spits out true random bits over the internet, and allow clients to connect to it to fill their own entropy pools. One of […]

The Entropy Key

Recently, I purchased 5 entropy keys from http://entropykey.co.uk. They are hardware true random number generators using reverse bias P-N junctions. Basically, they time when electrons jump a depeltion zone in the junction, where a voltage is applied to the point of near breakdown. Basically, taking advantage of the random characteristics of quantum mechanics. There are […]

Automated Diceware Passwords

For those unfamiliar, Diceware.com is a way of picking truly random passphrases from a predefined dictionary list of words. The idea is that each word has a 5 digit number attached to it. Each digit in the number holds the values 1-6, in numerical order. So, the first password starts with 11111, then 11112, 11113, […]

Haveged Continued

I noticed that on my machine, my entropy was staying high, then falling off. Then, at what appeared to be some arbitrary point, it would fill back up, in a very periodic manner. This is, of course, after running haveged in the background. Curious, I started looking into it. It took a while to find. […]

Haveged - A True Random Number Generator

I admit that my last post sucked. I've been working on a few things that I want to blog about, but it's going to take time to get all my ducks in a row. So, that post was mostly "filler". Read as "I haven't blogged in a while, and should probably put something up". Sorry. […]

The One-Time Pad Hard Drive

I devised a system to use the one-time pad (OTP) using nothing more than a hard drive. It goes something like this: Meet in person with identical size hard drives. Encrypt the hard drive. File the drive with random keys of incrementing size. Devise an alorithm for using the keys. Unmount the drive. Enjoy the […]

Encrypted ZFS Filesystems On Linux

This is just a quick post about getting a fully kernel-space encrypted ZFS filesystem setup with GNU/Linux, while still keeping all the benefits of what ZFS offers. Rather than using dmcrypt and LUKS, which would bypass a lot of the features ZFS brings to the table, encryptfs is our ticket. The reason this is so […]

High Capacity Color Barcode

I've been reading up on how to actually create physical QR Codes, complete with error correction. It's been very enlightening, and has grown a deeper fascination on the symbology of barcodes in general for me. While I'm not in 100% agreement with how they are currently being used (marketing, mailing lists, coupons, etc.), I do […]

Hand Ciphers: Solitaire Cipher

This hand cipher was invented by cryptographer Bruce Schneier, and requires nothing more than a full 54-card deck of standard playing cards. Here is the basic idea, then we'll get into the details. First, you need a standard 52-card poker deck of playing cards (4 suits, 13 unique cards per suit), with the two jokers. […]

Randomize First, Then Encrypt Your Block Device

This blog post is in continuation of the previous post, where I showed why you should not use ECB when encrypting your data. Well, when putting down an encrypted filesystem, such as LUKS, you've probably been told that you should put random data down on the partition first BEFORE encrypting the disk. Well, this post […]

ECB vs CBC Encryption

This is something you can do on your computer fairly easily, provided you have OpenSSL installed, which I would be willing to bet you do. Take a bitmap image (any image will work fine, I'm just going to use bitmap headers in this example), such as the Ubuntu logo, and encrypt it with AES in […]