recentpopularlog in

wjy : cryptography   60

google/tink: Tink is a multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.
Tink is a multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.
google  library  crypto  cryptography  security  java  c++ 
september 2018 by wjy
Modular online encoding, encryption and conversion tool — Cryptii
Modular online encoding, encryption and conversion tool
Web app that encodes, decodes, encrypts, decrypts, converts, translates, simulates and views content online offering a variety of ciphers, formats, algorithms and methods. Read more
tools  web  cryptography  encryption 
march 2018 by wjy
Password-authenticated key agreement - Wikipedia
In cryptography, a password-authenticated key agreement method is an interactive method for two or more parties to establish cryptographic keys based on one or more party's knowledge of a password.

An important property is that an eavesdropper or man in the middle cannot obtain enough information to be able to brute force guess a password without further interactions with the parties for each (few) guesses. This means that strong security can be obtained using weak passwords.
cryptography  crypto  wikipedia 
june 2017 by wjy
We have broken SHA-1 in practice.

This industry cryptographic hash function standard is used for digital signatures and file integrity verification, and protects a wide spectrum of digital assets, including credit card transactions, electronic documents, open-source software repositories and software updates.

It is now practically possible to craft two colliding PDF files and obtain a SHA-1 digital signature on the first PDF file which can also be abused as a valid signature on the second PDF file.

For example, by crafting the two colliding PDF files as two rental agreements with different rent, it is possible to trick someone to create a valid signature for a high-rent contract by having him or her sign a low-rent contract.
security  cryptography  encryption  collision  sha1  google  shattered 
february 2017 by wjy
google/conscrypt: Conscrypt is a Java Security Provider that implements parts of the Java Cryptography Extension and Java Secure Socket Extension.
Conscrypt is a Java Security Provider that implements parts of the Java Cryptography Extension and Java Secure Socket Extension.
java  google  cryptography  netty  library 
december 2016 by wjy
Million Dollar Curve
Time has come to get rid of arbitrary choices. By using publicly verifiable randomness produced in February 2016 by many national lotteries from all around the world, we propose to generate a cryptographically secure elliptic curve for the ECDH cryptosystem as an alternative to the NIST P-256 and the Curve25519 curves. It is designed so that nobody (even us!) can put a trap in it.
ellipticcurve  cryptography  security. 
february 2016 by wjy
Kyle Isom: S/Channel
This library was born out of a need to set up a secure channel over a TCP/IP network without the overhead of TLS. It uses NaCl for security, and follows the guidelines for secure channels outlined in Cryptography Engineering. A secure channel has the following properties: A bi-directional channel has separate keys for each direction. The channel has send and receive counters to prevent replayed messages; these message counters will be reset whenever the keys are rotated. A regressed message counter is considered a decryption failure. The channel transmits discrete messages, and doesn’t operate as a stream. New keys are generated for each channel. An eavesdropper can still perform traffic analysis to note when and how often the two sides communicate, and will be able to observe the size of the messages. There are three different types of keys that are used in this system; users of this system need only worry about one of them.
nacl  tcp  crypto  secure  cryptography 
july 2015 by wjy
Theory | Phuctor
An RSA public key consists of a modulus n and an exponent e. Modulus n is a product of two large primes, p and q. If one knows p or q, one can derive the private key corresponding to the given public key. A typical GPG public key contains one or more RSA moduli, depending on the number of sub-keys. Under certain conditions, a public key modulus will share a common factor with an existing modulus belonging to someone else. This may happen if both keys were generated on a system with a thoroughly-broken entropy source, or if a particular GPG implementation has been back-doored.
rsa  publickey  cryptography 
may 2015 by wjy
SHAAAAAAAAAAAAA | Check your site for weak SHA-1 certificates.
SSL certificates are signed using a one-way hash — usually SHA-1. Which is too bad, because SHA-1 is becoming dangerously weak. It's time to upgrade to SHA-2.
ssl  security  sha1  sha2  test  cryptography  certificate 
april 2015 by wjy
somesocks/lua-lockbox · GitHub
A collection of cryptographic primitives and protocols written in pure Lua. This was written to provide cross-platform, tested reference implementations of many different cryptographic primitives. These are written to be easy to read and easy to use, not for performance!
lua  library  programming  cryptography  ctypto 
january 2015 by wjy
CLINT: A Cryptographic Library for the INternet of Things
CLINT is a completely self-contained cryptographic library (except for the requirement for an external entropy source for random number generation).
realworldcrypto  rwc2015  clint  library  cryptographic  crypto  cryptography 
january 2015 by wjy
Cryptlib | Encryption Security Software Development Toolkit | SSL, SSH, TLS, S/MIME, PGP...
The cryptlib Security Software Development Toolkit allows even inexperienced developers to easily add world-class security services to their applications by learning a single API. cryptlib manages all your SSL, SSH, TLS, S/MIME, PGP, OpenPGP, PKI, X.509, CMP, OCSP and SCEP security requirements, and more.
library  security  cryptography  crypto  toolkit  encryption 
january 2015 by wjy
keyczar - Toolkit for safe and simple cryptography - Google Project Hosting
Keyczar is an open source cryptographic toolkit designed to make it easier and safer for developers to use cryptography in their applications. Keyczar supports authentication and encryption with both symmetric and asymmetric keys. Some features of Keyczar include: A simple API Key rotation and versioning Safe default algorithms, modes, and key lengths Automated generation of initialization vectors and ciphertext signatures Java, Python, and C++ implementations
security  java  python  opensource  library  google  cryptography  crypto 
january 2015 by wjy
An elliptic curve arithmetic and cryptography library in Pure Rust®.
rust  library  ecc  cryptography  crypto 
december 2014 by wjy
The Karacell 3 Cryptosystem / Tigerspike - Unlock the Power of Personal Media
Karacell is a byte-granular, blockwise-parallel (stream-friendly) symmetric encryption system from Tigerspike. It was specifically designed with mobile technology, parallelism, low latency, and the threat of quantum computing in mind.
karacell  encryption  cryptography 
december 2014 by wjy
Crypto 101
Crypto 101 is an introductory course on cryptography, freely available for programmers of all ages and skill levels.
cryptography  crypto  course 
november 2014 by wjy
TweetNaCl: Introduction
TweetNaCl is the world's first auditable high-security cryptographic library. TweetNaCl fits into just 100 tweets while supporting all 25 of the C NaCl functions used by applications. TweetNaCl is a self-contained public-domain C library, so it can easily be integrated into applications.
crypto  cryptography  nacl  tweetnacl  c 
september 2014 by wjy
Cryptris, a video game on cryptography
Cryptris is a project funded and directed by Inria (the French institute for research in CS) and developed Digitalcuisine as an effort to popularize the understanding and the enlighten use of Cryptography to preserve privacy of communications.
crypto  cryptography  videogame  game  french 
june 2014 by wjy
SSL Library PolarSSL: Download for free or buy a commercial license
PolarSSL offers an SSL library with an intuitive API and readable source code, so you can actually understand what the code does. Also the PolarSSL modules are as loosely coupled as possible and written in the portable C language. This allows you to use the parts you need, without having to include the total library.
cryptography  security  ssl  tls  library 
april 2014 by wjy
Organization dedicated to research, analysis topics like security, cryptography, forensic, electronics development, reverse engineering, science in general.
security  organization  research  cryptography  reverseengineering  reverseeng 
april 2014 by wjy
Stanford Javascript Crypto Library
The Stanford Javascript Crypto Library (hosted here on GitHub) is a project by the Stanford Computer Security Lab to build a secure, powerful, fast, small, easy-to-use, cross-browser library for cryptography in Javascript.
javascript  cryptography  crypto  programming  stanford  library  encryption  aes 
march 2014 by wjy - Computer Security Division - Computer Security Resource Center
The Computer Security Division's (CSD) Security Technology Group (STG) is involved in the development, maintenance, and promotion of a number of standards and guidance that cover a wide range of cryptographic technology. As it develops new standards, recommendations, and guidance, STG is aiming to develop a comprehensive Cryptographic Toolkit that will enable U.S. Government agencies and others to select cryptographic security components and functionality for protecting their data, communications, and operations. The toolkit currently includes a wide variety of cryptographic algorithms and techniques, and more will be added in the future.
security  cryptography  standards  algorithms  password  standard  tools 
january 2013 by wjy
Cipher Tools
Let's say that you need to send your friend a message, but you don't want another person to know what it is. You can use a full-blown encryption tool, such as PGP. If the message isn't that important or if it is intended to be decrypted by hand, you should use a simpler tool. This is a page dedicated to simple text manipulation tools, which all can be replicated with just paper and pencil.
converter  encryption  reference  decoder  code  security  puzzle  cipher  tools  cryptography 
january 2013 by wjy
Big Integers in JavaScript
This page demonstrates a JavaScript library for arbitrary-precision integers, BigInt.js. This page performs RSA in any base. In base 95, the message can be ordinary text. Click all the buttons in order to perform all the steps of RSA key generation, encryption, and decryption. Or just click the DO EVERYTHING button.
integer  programming  crypto  cryptography  encryption  rsa  bigint  math  js  javascript 
october 2012 by wjy
RSA and ECC in JavaScript
The jsbn library is a fast, portable implementation of large-number math in pure JavaScript, enabling public-key crypto and other applications on desktop and mobile browsers.
js  bigint  integer  programming  library  math  crypto  cryptography  encryption  security  rsa  javascript 
october 2012 by wjy
Stanford Javascript Crypto Library
a project by the Stanford Computer Security Lab to build a secure, powerful, fast, small, easy-to-use, cross-browser library for cryptography in Javascript.
PBKDF2  HMAC  aes  stanford  stanf  programming  library  cryptography  opensource  js  encryption  javascript  crypto  security 
april 2012 by wjy

Copy this bookmark:

to read