Diffie, Hellman, and PKC - Negative PID

Before the 1970s, secure communication depended on shared secret keys. Two parties had to agree on a key in advance, and anyone intercepting the key could


#WorkStories:
Someone from my company needs SSH access to some special, new machines hosted by a service provider. So, how do you securely exchange SSH keys?

The process that the nontechnical people came up with:
The service provider creates an #SSH key pair and sends us the private key via e-mail.
But they don't want to send over the SSH private key *unencrypted* via e-mail, that would be insecure. So someone should generate a #PGP key pair, send the public key to the service provider (via e-mail), who would encrypt the SSH private key with it and then send it via e-mail.

I can't decide whether I should be rolling on the floor laughing, crying in a quiet corner of the office or banging my head against the wall.

   

#cryptography #publickeycryptography #publickeycrypto

New Kitten release

• Fixes redirection from sign-in page when person is already authenticated.

https://kitten.small-web.org

To learn more about how Kitten automatically implements authentication for your Small Web sites and apps using public-key cryptography (so even your own server doesn’t know your secret)¹, please see the Authentication tutorial:

https://kitten.small-web.org/tutorials/authentication/

Enjoy!

💕

¹ The security (and privacy) of Domain/Kitten are based on a 32-byte cryptographically random secret string that only the person who owns/controls a domain knows.

This is basically a Base256-encoded ed25519 secret key where the Base256 alphabet is a set of curated emoji surrogate pairs without any special modifiers chosen mainly from the animals, plants, and food groups with some exceptions (to avoid common phobias or triggers, etc.) that we call KittenMoji.

When setting up a Small Web app via Domain, this key is generated in the person’s browser, on their own computer, and is never communicated to either the Domain instance or the Kitten app being installed. Instead the ed25519 public key is sent to both and signed token authentication is used when the server needs to verify the owner’s identity (e.g., before allowing access to the administration area).

The expected/encouraged behaviour is for the person to store this secret in their password manager of choice.

More: https://kitten.small-web.org/reference/#cryptographic-properties

#Kitten #SmallWeb #SmallTech #authentication #publicKeyCryptography #web #dev #NodeJS #JavaScript #HTML #CSS

Elliptic curves on FunctionalScript. Including Secp256k1, which is used in Bitcoin.

Just in case we have to use decentralized identity much more often in the near future.
https://github.com/functionalscript/functionalscript/blob/main/secp/test.f.cjs#L45 #elliptic_curve #elliptic_curve_cryptography #PublicKeyCryptography

functionalscript/secp/test.f.cjs at main · functionalscript/functionalscript

FunctionalScript is a purely functional subset of JavaScript - functionalscript/functionalscript


In the 1970s, Martin Hellman is the first mathematician to do research on cryptography. This earns him the resentment of the NSA, because the US foreign intelligence agency sees its own efforts endangered.

#Kryptografie #Mathematik #PublicKeyCryptography #SpektrumDerWissenschaft #GeschichtenAusDerMathematik

https://detektor.fm/wissen/geschichten-aus-der-mathematik-martin-hellman?utm_campaign=share_on_mastodon&utm_medium=mastodon&utm_source=mastodon

Martin Hellman and the very first "Crypto War"

#TIL about #cjdns

"An encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing."

https://directory.fsf.org/wiki/Cjdns

#P2P #IPv6 #encryption #PublicKeyCryptography

I've generated my official GPG key for real-world usage! I wanted to wait until 2024 to generate the key so that the key says it was generated on the 1st of 2024. A bit picky, I know, but it'll make my OCD brain happy, lol. I'll be testing it out before I upload my public key for everyone. 

#GnuPG #GPG #PGP #Security #Privacy #Cryptography #PublicKeyCryptography

Great example of how helpful #ChatGPT is: it just walked me through the math behind #PublicKeyCryptography. I kind of, sort of understand the math better now.

It also came up with #emacs #lisp code to show each step of the math involved, for whichever two primes are input. It seems to work fine, without any tweaking or fixing.

Don't worry - I know enough #CyberSecurity to know not to try to roll my own *anything*. This is just for showing #K12 #InfoTech students how public key crypto works.

why do websites rely on email they should also support making an account with #publicKeyCryptography
image boards kinda do this with trip codes, https://en.wikipedia.org/wiki/Tripcode
there are already tools for managing keys like #openkeychain for android. authentication can be done via challenge and response. anonymity can be handled with locally managed sub keys. or new unrelated keys. account recovery can be done by web of trust or make a backup account and mutually sign your main one.
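The challenge-and-response login mentioned in this post, and the signed-token authentication against a stored ed25519 public key described in the Kitten post above, can be sketched as follows. This is an added example, not code from either poster and not Kitten's actual protocol; it uses Node.js's built-in `crypto` module, and the names `createIdentity`, `AuthServer`, `respond`, `signedMessage` and the `example-login-v1` prefix are assumptions made for illustration.

```javascript
// Added example: generic Ed25519 challenge-response, not Kitten's actual protocol.
const crypto = require('node:crypto');

// Client side: the key pair is generated locally; only publicKeyPem leaves the device.
function createIdentity() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  return { privateKey, publicKeyPem: publicKey.export({ type: 'spki', format: 'pem' }) };
}

// Bind each signature to a purpose and an account so it cannot be reused elsewhere.
function signedMessage(account, nonce) {
  return Buffer.concat([Buffer.from(`example-login-v1\n${account}\n`), nonce]);
}

// Client side: prove possession of the private key without revealing it.
function respond(identity, account, nonce) {
  return crypto.sign(null, signedMessage(account, nonce), identity.privateKey);
}

// Server side: stores public keys only and tracks outstanding one-time challenges.
class AuthServer {
  constructor(ttlMs = 60_000) {
    this.keys = new Map();     // account -> public key (PEM)
    this.pending = new Map();  // account -> { nonce, expires }
    this.ttlMs = ttlMs;
  }

  register(account, publicKeyPem) {
    this.keys.set(account, publicKeyPem);
  }

  issueChallenge(account, now = Date.now()) {
    const nonce = crypto.randomBytes(32); // unpredictable, fresh per login attempt
    this.pending.set(account, { nonce, expires: now + this.ttlMs });
    return nonce;
  }

  verify(account, signature, now = Date.now()) {
    const challenge = this.pending.get(account);
    const publicKeyPem = this.keys.get(account);
    this.pending.delete(account); // single use: a captured response cannot be replayed
    if (!challenge || !publicKeyPem || now > challenge.expires) return false;
    return crypto.verify(null, signedMessage(account, challenge.nonce),
      crypto.createPublicKey(publicKeyPem), signature);
  }
}
```

A server breach in this design exposes public keys and expired nonces only, so there is no stored secret to crack or reuse.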

Passwords on the internet are often annoying, hard to remember, and insecure on top of that. The tech giants Google, Apple and Microsoft want to replace them with so-called "passkeys" in the future. So will classic passwords soon be a thing of the past?

#Biometrie #Datenschutz #FIDO #Passkeys #Passwörter #PublicKeyCryptography #ZurückZumThema

https://detektor.fm/digital/zurueck-zum-thema-passwoerter?utm_campaign=share_on_mastodon&utm_medium=mastodon&utm_source=mastodon

Zurück zum Thema | Passwords: Will passwords soon be a thing of the past? | detektor.fm