For those who aren't so keen on JS crypto even when implemented as an extension (or for those who, like me, think of Chromium as gussied up spyware), I re-implemented miniLock in Python and released it today on GitHub and PyPI:

https://github.com/cathalgarvey/deadlock
https://pypi.python.org/pypi/deadlock

I added a few features, some of which are only partially implemented. For one thing, the most secure feature of miniLock, that your key is not stored but always generated from memory, is now optional for the YOLO/lazy crowd; you can optionally generate a plaintext copy of your key and use it to encrypt and decrypt.

More practically, there's a petnames system so you can store and name IDs for other people, and then encrypt to the petnames.

Also partially implemented but not from the terminal interface is a means to try and brute-force a prefixed or suffixed ID, though it's not parallelised yet; I need to learn more about the multiprocess module first. This is for "vanity" addresses, like one beginning with "cathal", but lacking the hardware I'd need to accomplish that myself it's just there because I could write it rather than by true aspiration.

Another handy feature: if you direct deadlock to encrypt a directory, it will automatically zip the directory and encrypt the zipfile. Recipients must still manually unzip the files; no way am I opening up that security bug in my code!

Thoughts, feedback, flames etc. welcome. Unless you're bitching about lack of explicit WinMac support; that's entirely your problem to figure out. :)

best,
Cathal

On 21/07/14 17:25, Eugen Leitl wrote:
----- Forwarded message from Eric Mill <eric@konklone.com> -----
Date: Mon, 21 Jul 2014 09:48:32 -0400
From: Eric Mill <eric@konklone.com>
To: "cryptography@metzdowd.com List" <cryptography@metzdowd.com>
Subject: [Cryptography] miniLock seems pretty interesting
Message-ID: <CANBOYLVg=Dndusthy82zbksDwyVupdHU9BaSL1mE6199FbvmYQ@mail.gmail.com>
I saw this announced at HOPE X this weekend:
It uses curve25519 <http://cr.yp.to/ecdh.html>, which requires much smaller keys (32 or 64 bits) to ensure security -- and so it basically just demands a strong passphrase from the user from which can be derived a strong private key.
The developer has a video <http://vimeo.com/101237413> and slides <http://minilock.io/files/HOPEX.pdf> to go along with it, and in general focused his energy on persuading the audience that JavaScript crypto is a necessary and achievable part of the future.
-- Eric
--
T: @onetruecathal, @IndieBBDNA
P: +353876363185
W: http://indiebiotech.com
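
The directory handling described in the message above, as an added example that is not deadlock's code or the author's: zipping a directory before encryption, and the pre-extraction check a recipient could run on the decrypted zipfile. The names `zip_directory` and `unsafe_entries` are hypothetical, and since the message does not say which bug it means, the checks chosen here (absolute paths, parent-directory components, symlinks) are an assumed reading.

```python
import io
import os
import tempfile
import zipfile
from pathlib import PurePosixPath


def zip_directory(src_dir):
    """Zip src_dir in memory, storing entry names relative to it."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for root, _dirs, files in os.walk(src_dir):
            for name in sorted(files):
                full = os.path.join(root, name)
                zf.write(full, os.path.relpath(full, src_dir))
    return buf.getvalue()


def unsafe_entries(zip_bytes):
    """Return (name, reason) pairs for entries not to extract blindly."""
    problems = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            path = PurePosixPath(info.filename.replace("\\", "/"))
            if path.is_absolute():
                problems.append((info.filename, "absolute path"))
            elif ".." in path.parts:
                problems.append((info.filename, "parent-directory component"))
            # Unix mode is in the high 16 bits; 0o120000 marks a symlink.
            if (info.external_attr >> 16) & 0o170000 == 0o120000:
                problems.append((info.filename, "symbolic link"))
    return problems


def demo():
    # Constructed sample data: a small directory tree, plus an archive
    # whose entry name points outside the extraction directory.
    with tempfile.TemporaryDirectory() as d:
        os.mkdir(os.path.join(d, "sub"))
        with open(os.path.join(d, "sub", "note.txt"), "w") as fh:
            fh.write("hello")
        good = zip_directory(d)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("../outside.txt", "x")
    return unsafe_entries(good), unsafe_entries(buf.getvalue())
```

An empty list from `unsafe_entries` covers only these three checks; it says nothing about decompressed size or file contents.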