cipher

Famous Unsolved Codes and Ciphers

Here's a nice list of Famous Unsolved Codes and Ciphers.

Makes an interesting read for a rainy day... Or if you want to give one of the codes a try and solve it, go ahead, and let us know the results :-)

(via joatBlog)

Encrypted SMS Solutions?

Dear Lazyweb,

I was recently thinking about SMS encryption (you know, the short messages sent from your cell phone). Or MMS encryption for that matter. Are there any Free Software solutions to implement such a thing, based on well-known crypto primitives and proven implementations thereof?

From a quick glance I could not find anything usable, only lots of commercial, closed-source "solutions" which cost money and are basically crap.

I was thinking about hacking together a small Java application (so that most modern phones can run it) which basically asks for a password and pipes your text through AES before sending the SMS. On the receiver's side, you enter the same password and get to see the plaintext. That's pretty much it.

If you want something more elaborate you can use public-key crypto (basically embed GnuPG or similar into the application), but the above should be fine for most uses.

Anyways, I do not want to start implementing something like this if there are other, more mature projects out there which do the same...

Why you'd want to do this (other than simple paranoia, or the fact that governments and other institutions are spying on everyone these days, whether they're allowed to or not)? Well, one good reason for SMS encryption is when you're using some kind of SMS gateways, e.g. a website which gives you 2-3 free SMS per month if you sign up with them and give them tons of personal data. That alone is crappy enough, but you don't want their admins to be able to read and store all your SMSes in addition (which consist of simple plain-text, transmitted though HTTP in this case!). Neither should any local or remote scriptkiddy who knows how to use a sniffer be able to read your private SMSes.

Solution: Write the text in your favorite text editor, pipe it through aespipe (for example), cut'n'paste the result in the web form of the SMS service. The receiver does everthing backwards and you're done.

HOWTO: Encrypted USB thumb drives and (USB) hard disks using loop-AES

Yet another thing that has been on my TODO list for quite a while: encrypted USB thumb drives and/or encrypted external USB hard drives.

I have finally tried this over the weekend using loop-AES. This is very useful for securing your USB thumb drive contents in case you lose it or it gets stolen. Also, I use an external USB hard drive for backups (previously unencrypted). This is encryped now, too.

Here's a quick HOWTO:

  1. Get the loop-AES kernel patches, apply them, enable "AES encrypted loop device support" in "Device Drivers -> Block Devices -> Loopback device support", and recompile the kernel.
    I also enabled "loop encryption key scrubbing support" as it seems to promise higher security (can anybody confirm that?).
    If you're using the Debian kernel packages, apt-get install loop-aes-2.6-686 (or a similar package) should suffice.
  2. Get a loop-aes enabled losetup, mount etc.:
    apt-get install loop-aes-utils
  3. Securely delete the target partition: shred -n 1 -v /dev/sda3.
    Use -n 25 or higher if you want more security and have a few days time to wait for the thing to finish...
  4. Setup the loopback device: losetup -e aes256 -C 3 -S 'seed' /dev/loop0 /dev/sda3.
    Notes:

    • I used AES-256 as cipher, but others are possible.
    • The -C 3 means "run hashed password through 3000 iterations of AES-256 before using it for loop encryption. This consumes lots of CPU cycles at loop setup/mount time but not thereafter." (see losetup(8)). This is supposed to be more secure.
    • Using -S 'seed' (replace "seed" with a secret string like "g7sN4" or something) should make brute force attacks a bit harder. Don't forget the seed!
    • You'll be asked for a passphrase > 20 characters. Choose a good one. Don't forget it!
  5. Create the filesystem (I used ext3): mke2fs -j /dev/loop0
  6. Detach the loopback device: losetup -d /dev/loop0
  7. Add this to /etc/fstab:
    /dev/sda3 /mnt/crypted_sda3 ext3 noauto,loop=/dev/loop0,encryption=AES256,itercountk=3 0 0
  8. Mount the (now encrypted) partition by supplying the seed and entering the chosen password: mount -o pseed=seed /mnt/crypted_sda3
  9. Done. You can now copy stuff to /mnt/crypted_sda3 which will be encrypted automatically.

For a more detailed guide read the Encrypted-Root-Filesystem-HOWTO. A performance comparison of different ciphers is available, but in general I didn't notice too much of a slow-down because of the encryption...

Syndicate content