Tag Archives: rsa

Let's Encrypt 支援 IDN

Let's Encrypt 宣佈支援 IDN:「Introducing Internationalized Domain Name (IDN) Support」,這代表可以申請的範圍變得更廣了: This means that our users around the world can now get free Let’s Encrypt certificates for domains containing characters outside of the ASCII set, which is built primarily for the English … Continue reading

Posted in Computer, DNS, Murmuring, Network, Security, WWW | Tagged , , , , , , , , , , , , | Leave a comment

Google Chrome 引入 CECPQ1,開始測試 Post-Quantum Cryptography

Quantum Computer 對現有密碼學的衝擊很大,像是 RSA 演算法是基於「質因數分解」的難題而架構出來的系統,在 Quantum Computer 上存在有效率的演算法,也就是 Shor's algorithm。 雖然 Quantum Computer 在技術上還沒辦法對現有演算法造成有效的攻擊,但已經有人提出新的演算法來對抗,而 Google 打算在 Google Chrome 裡面引入測試:「Experimenting with Post-Quantum Cryptography」。 Google 也特別說明了,他們不希望這個實驗最後變成 de-facto standard (借測轉出貨的概念),而是希望當作一個開頭,希望之後可以用更好的標準換掉: We explicitly do not wish to make our selected post-quantum algorithm a de-facto … Continue reading

Posted in Browser, Computer, GoogleChrome, Murmuring, Network, Security, Software, WWW | Tagged , , , , , , , | 1 Comment

密碼系統的 Monoculture

這篇文章講到最近密碼系統的現象:「On the Impending Crypto Monoculture」。 目前常在用的密碼系統包括了 RSA、DH、ECDH、ECDSA、SHA-2、AES 這些演算法,而最近這幾年大家在推廣使用的演算法都出自於同一個人手裡,Dan Bernstein,也就是 djb: A major feature of these changes includes the dropping of traditional encryption algorithms and mechanisms like RSA, DH, ECDH/ECDSA, SHA-2, and AES, for a completely different set of mechanisms, including … Continue reading

Posted in Computer, Murmuring, Security | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , | 1 Comment

USD$75 解 RSA 512bits

Cryptology ePrint Archive 上面剛好是 2015 年編號 1000 號的論文:「Factoring as a Service」。透過 Amazon EC2 服務以及 CADO-NFS 的幫助,四小時內就可以解出 512bits RSA,而如同作者說的,雖然已經很不安全了,但在許多地方仍然被使用著: The difficulty of integer factorization is fundamental to modern cryptographic security using RSA encryption and signatures. Although a 512-bit RSA modulus was … Continue reading

Posted in AWS, Cloud, Computer, DNS, Murmuring, Network, Security | Tagged , , , , , , , , , | Leave a comment

Let's Encrypt 建立 Root Certificate 與 Intermediate Certificate

Let's Encrypt 的 Root Certificate 與 Intermediate Certificate 建出來了:「Let's Encrypt Root and Intermediate Certificates」。 Intermediate Certificate 除了會讓自己的 Root Certificate 簽名外,也會讓 IdenTrust 的 DST Root CA X3 簽 (目前各大瀏覽器與 SSL library 都有支援)。 目前是 RSA key,之後會生出 ECDSA key: All ISRG keys are … Continue reading

Posted in Computer, Murmuring, Network, Security, WWW | Tagged , , , , , , , , , , , , | Leave a comment

對 GitHub 的 Public Key 分析

在 Hacker News Daily 上看到有人針對 GitHub 上的 Public Key 分析:「Auditing GitHub users’ SSH key quality」。 這個分析主要用的是 GitHub 的 .keys 功能取得: A little known feature of GitHub is the ability to look at the public SSH keys that other users have … Continue reading

Posted in Computer, Murmuring, Network, Security | Tagged , , , , , , , | Leave a comment

CloudFlare 對 Go 上面加解密系統的改善

CloudFlare 發佈了自己版本的 Go,修改了其中的 crypto subsystem:「Go crypto: bridging the performance gap」。 文章花了不少篇幅介紹 AEAD (Authenticated Encryption with Associated Data),而目前 CloudFlare 支援的是 AES-GCM 與 ChaCha20-Poly1305,也是兩大主流,分別佔了 60% 與 10% 的 HTTPS 流量: As such today more than 60% of our client facing traffic is … Continue reading

Posted in CDN, Cloud, Computer, Murmuring, Network, Programming, Security, Software | Tagged , , , , , , , , , , , , , , | Leave a comment

RSA Conference 2015 禁止 Show Girl

前幾天的消息:「RSA Conference Bans "Booth Babes"」。報導出自於「RSA Conference bans ‘booth babes’」。 規範的文字: All Expo staff are expected to dress in business and/or business casual attire. Exhibitors should ensure that the attire of al staff they deploy at their booth (whether the exhibitor’s … Continue reading

Posted in Computer, Murmuring, Network, Security | Tagged , , , , , , , , , , | Leave a comment

CloudFlare 的 Keyless SSL 服務

CloudFlare 有兩篇公告出來:「Announcing Keyless SSL™: All the Benefits of CloudFlare Without Having to Turn Over Your Private SSL Keys」、「Keyless SSL: The Nitty Gritty Technical Details」。前面的一篇偏向公告文 (以及公關稿),而後面的一篇提到了實際運作的方式。 用兩張 Keyless SSL 的 flow 就可以知道差異了,一張是 RSA-based,一張是 DH-based: 把與 private key 相關的運算拆出來,由後方計算完成後再計算出 session key 與 … Continue reading

Posted in CDN, Cloud, Computer, Murmuring, Network, Security, WWW | Tagged , , , , , , , , , , , | Leave a comment

很特別的 Side-channel attack 方法以取得 RSA 與 ElGamel 的 private key

在「A new Side channel attack-how to steal encryption keys by touching PCs」這邊看到一種很特別的 side-channel attack:(直接先看圖) 引用說明: The signal can also be measured at the remote end of Ethernet, VGA or USB cables. 方法愈來愈特別了 XDDD

Posted in Computer, Hardware, Murmuring, Security | Tagged , , , , , , , , , , , | Leave a comment