Category Archives: Security

Transitioning SSH from RSA to ED25519

May 27th, 2020
Posted in Security | No Comments

Nick Sullivan writes: You can compute how much energy is needed to break a cryptographic algorithm and compare that with how much water that energy could boil. This is a kind of a cryptographic carbon footprint. By this measure, breaking a 228-bit RSA key requires less energy than it takes to boil a teaspoon of […]

What is a Nonce?

May 7th, 2020
Posted in Security | No Comments

A nonce is a value, N, that is used only once: Nonce. Nonces or nonce values are encountered in cryptography. The initialization vectors used for AES in CBC mode are typically nonces: $C_1 = \mathrm{CIPH}_K(P_1 \oplus \mathrm{Nonce})$, $C_j = \mathrm{CIPH}_K(P_j \oplus C_{j-1})$ for $2 \le j \le n$. Here, cipher block 1 is the result […]

Encrypting /home on Dell XPS 13 7390

November 28th, 2019
Posted in Security | 1 Comment

The following procedure adds encryption to pre-installed Ubuntu 18.04 on Dell XPS 13 7390:

Within a console or terminal, sudo into root.

    $ sudo su -

Create LUKS encrypted file container (20,000 Megabytes or 20GB, for example).

    # dd status=progress if=/dev/zero bs=1M count=20000 of=/.hostname-home.img
    # cryptsetup luksFormat /.hostname-home.img

Open LUKS encrypted file container.

    # cryptsetup […]

Personal Password Policies

September 28th, 2019
Posted in Security | 1 Comment

Need secure passwords that are not completely unintelligible? Devise a personal password policy: Select three or four words from a dictionary. Consider using adverbial forms, past and present tense of verbs. Consider using singular and plural forms of nouns. Avoid idioms. Pick a number. Consider inserting leading 0s. Pick a symbol: !@#$%^&*()-_=+ Assemble the above […]

Securing Dynamically Generated HTML

September 22nd, 2019
Posted in Security | No Comments

Implementing code that simply displays a user’s IP address as part of an HTML page may be considered easy. Without security considerations, it can be implemented in PHP simply with the following: echo "IP: " . $_SERVER['REMOTE_ADDR']; 2011 CWE/SANS Top 25: Monster Mitigations recommends establishing and maintaining “control over all your inputs” and “control over […]