This article will explain how to execute a PLONK zero-knowledge proof system completely by hand. In particular we will show how to choose parameters, run a trusted setup, and convert a statement into a PLONK-style circuit by hand.
Keyoxide allows you to link accounts on various online services and platforms together, prove they belong to you and establish an online identity. This puts you, the internet citizen, in charge when it comes to defining who you are on the internet instead of large corporations.
Seems a lot like Keybase.
Source code: https://codeberg.org/keyoxide/web
Seems like it's written in PHP. Could be a lot worse.
A curated list of awesome stuff around the Matrix protocol, network, and ecosystem.
This guide arose out of the need for system administrators to have an updated, solid, well researched and thought-through guide for configuring SSL, PGP, SSH and other cryptographic tools in the post-Snowden age. Triggered by the NSA leaks in the summer of 2013, many system administrators and IT security officers saw the need to strengthen their encryption settings. This guide is specifically written for these system administrators.
The focus of this guide is merely to give current best practices for configuring complex cipher suites and related parameters in a copy & paste-able manner. The guide tries to stay as concise as is possible for such a complex topic as cryptography. Naturally, it can not be complete. There are many excellent guides (II & SYM, 2012) and best practice documents available when it comes to cryptography. However none of them focuses specifically on what an average system administrator needs for hardening his or her systems' crypto settings.
Seems to work a lot like Keybase, only without some of the more useful features. Haven't dug into it, really, so not a lot of info just yet.
PyCryptodome is a self-contained Python package of low-level cryptographic primitives. It supports Python 2.6 and 2.7, Python 3.4 and newer, and PyPy. It assumes that you know what you're doing, so this is not a safe-to-use module. The Cryptographic Best Practices website should be open at the same time.
Nebula is a mutually authenticated peer-to-peer software defined network based on the Noise Protocol Framework. Nebula uses certificates to assert a node's IP address, name, and membership within user-defined groups. Nebula's user-defined groups allow for provider agnostic traffic filtering between nodes. Discovery nodes allow individual peers to find each other and optionally use UDP hole punching to establish connections from behind most firewalls or NATs. Users can move data between nodes in any number of cloud service providers, datacenters, and endpoints, without needing to maintain a particular addressing scheme.
Nebula was created to provide a mechanism for groups hosts to communicate securely, even across the internet, while enabling expressive firewall definitions similar in style to cloud security groups.
A curated list of amazingly awesome XMPP server, clients, libraries, resources - with focus on security.
A simple, secure and modern encryption tool with small explicit keys, no config options, and UNIX-style composability. Tries to suck less than GnuPG. Tries to do the right thing only, without any configuration options or blinkylights. Encrypt-with-authentication, decrypt-with-authentication, that's it. Looks like it uses elliptic curve crypto. Written in Go.
An alternative initramfs for Linux that offers additional technical capability. Boot from systems with some combination of encrypted storage, softraid, and LVM. Has a minimal rescue environment that you can SSH into. Even supports booting into and restoring suspended systems.
A pure python implementation of TweetNaCl.
Minisign is a dead simple tool to sign files and verify signatures. It is portable, lightweight, and uses the highly secure Ed25519 public-key signature system. Requires libsodium.
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. Clear human-readable and machine-readable outputs. No installation needed, uses only bash. Test any SSL/TLS enabled service on any port.
The goal of this document is to help operational teams with the configuration of TLS on servers. All Mozilla sites and deployment should follow the recommendations below. The Operations Security (OpSec) team maintains this document as a reference guide to navigate the TLS landscape. It contains information on TLS protocols, known issues and vulnerabilities, configuration examples and testing tools. Changes are reviewed and merged by the OpSec team, and broadcasted to the various Operational teams.
Autocrypt is a set of guidelines for developers to achieve convenient end-to-end-encryption of e-mails. It specifies how e-mail programs negotiate encryption capabilities using regular e-mails.
For users, Autocrypt Level 1 offers single-click, opt-in encryption, eases encrypted group communications, and provides a way to setup encryption on multiple devices.
A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools and more. Especially for System and Network Administrators, DevOps, Pentesters or Security Researchers.
An AX.25 packet radio chat protocol with support for digital signatures and binary compression. Like IRC over radio. Note that, because encrypted messages are illegal on ham bands, messages are signed to prevent spoofing but are not encrypted. Requires a TNC to send AX.25 - Direwolf is recommended.
An alternative to Twitter's verified program powered by Keybase.
Proven is a browser extension that adds badges like for keybase, github, etc next to users names like Twitter's verified badge but based what accounts the user has posted proofs for Keybase. See the screenshot for what it looks like.
In addition to twitter, it adds badges on Hacker News too.
Available for Chrome and Firefox.
BeePaste is a simple pastebin which is written using Python and the Sanic framework. Designed to be self-hosted and easy to use - paste logs, snippets, and documents. Send stuff from the command line. Has an API that aims to make it easy and flexible to use. Supports shared key (XOR) and PGP encryption. Use the ACE Editor so it's closer to a pad than a pastebin.
Team's Github org: https://github.com/beepaste
Backend written in Python, uses Mongo and Redis.