Crack legacy zip encryption with Biham and Kocher's known plaintext attack.
A ZIP archive may contain many entries whose content can be compressed and/or encrypted. In particular, entries can be encrypted with a password-based symmetric encryption algorithm referred to as traditional PKWARE encryption, legacy encryption or ZipCrypto. This algorithm generates a pseudo-random stream of bytes (keystream) which is XORed to the entry's content (plaintext) to produce encrypted data (ciphertext). The generator's state, made of three 32-bits integers, is initialized using the password and then continuously updated with plaintext as encryption goes on. This encryption algorithm is vulnerable to known plaintext attacks as shown by Eli Biham and Paul C. Kocher in the research paper A known plaintext attack on the PKZIP stream cipher. Given ciphertext and 12 or more bytes of the corresponding plaintext, the internal state of the keystream generator can be recovered. This internal state is enough to decipher ciphertext entirely as well as other entries which were encrypted with the same password. It can also be used to bruteforce the password with a complexity of nl-6 where n is the size of the character set and l is the length of the password.
A software (and optionally, hardware) project for automating the creation of offsite backups on flash drives. The idea is that you have a large-ish flash drive on your keyring; when you take your keys out of your pocket, plug the flash drive into the device. The specific use case is a hanging key holder with a RasPi inside of it. The files in the backup script are automatically encrypted and copied onto the flash drive. That way, if anything happens while you're out and about you have the latest and greatest copies of the files already with you.
Many common and unusual algorithms, implemented in Python as learning exercises. If you want to get a sense of what, say, data structures or fuzzy logic would look like in Python, this is a good place to start.
Yopass is a project for sharing secrets in a quick and secure manner*. The sole purpose of Yopass is to minimize the amount of passwords floating around in ticket management systems, Slack messages and emails. The message is encrypted/decrypted locally in the browser and then sent to yopass without the decryption key which is only visible once during encryption, yopass then returns a one-time URL with specified expiry date.
There is no perfect way of sharing secrets online and there is a trade off in every implementation. Yopass is designed to be as simple and "dumb" as possible without compromising on security. There's no mapping between the generated UUID and the user that submitted the encrypted message. It's always best send all the context except password over another channel.
Messages can only be viewed once. Message can self-destruct automatically. No accounts or registration is required.
Has CLI functionality built in.
Uses memcached or redis as its back-end.
Public instance: https://yopass.se/
CryptoLyzer is a fast and flexible server cryptographic settings analyzer library for Python with an easy-to-use command line interface with both human- and machine-readable output. It works with multiple cryptographic protocols (SSL/TLS, opportunistic TLS, SSH) and analyzes
additional security mechanisms (web security related HTTP response header fields, JA3 tag).
This repository contains open-source libraries and tools to perform fully homomorphic encryption (FHE) operations on an encrypted data set.
Fully Homomorphic Encryption (FHE) is an emerging data processing paradigm that allows developers to perform transformations on encrypted data. FHE can change the way computations are performed by preserving privacy end-to-end, thereby giving users even greater confidence that their information will remain private and secure.
This is not an officially supported Google product.
A daemon which implements an API bridge to the Signal network. This is for hooking bots into the Signal messaging network as well as connecting other kinds of software and webhooks in.
Banana Split uses Shamir's secret sharing to make your paper backups more resilient and secure.
After you type in your secret into Banana Split, it will be encrypted with a autogenerated passphrase and split into N QR-codes, ready to be printed out. You'll need N/2+1 of those printouts to reconstruct the secret, and then the passphrase to decrypt it.
Banana Split tries to protect your secret from the attack vectors like "attacker is able to intercept everything you're sending to your printer", and that's why you'll have to write down the passphrase on your printouts by hand.
Banana Split is a self-contained HTML page, and should only be opened from your local Documents folder, while browser is in the Offline mode — this way the risk of compromise will be minimal.
Recovery can be done on any device with a webcam — just show your QR codes to the webcam and follow the notifications on screen in the process.
Saved to Keybase.
Utilities for cracking encrypted zip files that use weak encryption. CUDA enabled.
A Python module for accessing a Matrix server that is built using the no-I/O methodology - it conceals all of the input and output so development is focused on assembling what is sent and using what is received. Asynchronous in nature. In Pypi. Also end-to-end encryption capable. I don't know how flexible this library is so more investigation is required.
An implementation of Textsecure/Signal in Golang as a CLI tool. Can send and receive one-to-one and group messages.
A web application that sits in front of a command line Signal client that lets you send messages from a web browser. Seems to also have a REST API. Requires a second phone number to set up an account, it's not an extension to an existing Signal setup. Looks like all-Docker-all-the-time but it looks like you can also run it as a system service (a systemd .service file is in the docs, and it says nothing about using Docker for that).
Interestingly, it's a couple of shell scripts.
Our mission is to promote new technologies, protect privacy and protection of human rights. When you yourself encrypt your messages and using jabber, we can not know what you're talking about.
Daniel J. Berstein's homepage. There are tools and code galore here - check it out!
A utility which can be used to recover the passphrase for a PGP or GnuPG key.