----- Forwarded message from Eric Mill <eric@konklone.com> ----- Date: Mon, 21 Jul 2014 09:48:32 -0400 From: Eric Mill <eric@konklone.com> To: "cryptography@metzdowd.com List" <cryptography@metzdowd.com> Subject: [Cryptography] miniLock seems pretty interesting Message-ID: <CANBOYLVg=Dndusthy82zbksDwyVupdHU9BaSL1mE6199FbvmYQ@mail.gmail.com> I saw this announced at HOPE X this weekend: http://minilock.io/ It uses curve25519 <http://cr.yp.to/ecdh.html>, which requires much smaller keys (32 or 64 bits) to ensure security -- and so it basically just demands a strong passphrase from the user from which can be derived a strong private key. The developer has a video <http://vimeo.com/101237413> and slides <http://minilock.io/files/HOPEX.pdf> to go along with it, and in general focused his energy on persuading the audience that JavaScript crypto is a necessary and achievable part of the future. -- Eric -- konklone.com | @konklone <https://twitter.com/konklone> _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography ----- End forwarded message -----
For those who aren't so keen on JS crypto even when implemented as an extension (or for those who, like me, think of Chromium as gussied up spyware), I re-implemeted miniLock in Python and released it today on Github and PyPI: https://github.com/cathalgarvey/deadlock https://pypi.python.org/pypi/deadlock I added a few features, some of which are only partially implemented. For one thing, the most secure feature of miniLock, that your key is not stored but always generated from memory, is now optional for the YOLO/lazy crowd; you can optionally generate a plaintext copy of your key and use it to encrypt and decrypt. More practically, there's a petnames system so you can store and name IDs for other people, and then encrypt to the petnames. Also partially implemented but not from the terminal interface is a means to try and brute-force a prefixed or suffixed ID, though it's not parallelised yet; I need to learn more about the multiprocess module first. This is for "vanity" addresses, like one beginning with "cathal", but lacking the hardware I'd need to accomplish that myself it's just there because I could write it rather than by true aspiration. Another handy feature; if you direct deadlock to encrypt a directory, it will automatically zip the directory and encrypt the zipfile. Recipients must still manually unzip the files; no way am I opening up that security bug in my code! Thoughts, feedback, flames etc. welcome. Unless you're bitching about lack of explicit WinMac support; that's entirely your problem to figure out. :) best, Cathal On 21/07/14 17:25, Eugen Leitl wrote:
----- Forwarded message from Eric Mill <eric@konklone.com> -----
Date: Mon, 21 Jul 2014 09:48:32 -0400 From: Eric Mill <eric@konklone.com> To: "cryptography@metzdowd.com List" <cryptography@metzdowd.com> Subject: [Cryptography] miniLock seems pretty interesting Message-ID: <CANBOYLVg=Dndusthy82zbksDwyVupdHU9BaSL1mE6199FbvmYQ@mail.gmail.com>
I saw this announced at HOPE X this weekend:
It uses curve25519 <http://cr.yp.to/ecdh.html>, which requires much smaller keys (32 or 64 bits) to ensure security -- and so it basically just demands a strong passphrase from the user from which can be derived a strong private key.
The developer has a video <http://vimeo.com/101237413> and slides <http://minilock.io/files/HOPEX.pdf> to go along with it, and in general focused his energy on persuading the audience that JavaScript crypto is a necessary and achievable part of the future.
-- Eric
-- T: @onetruecathal, @IndieBBDNA P: +353876363185 W: http://indiebiotech.com
On Tue, Aug 12, 2014 at 07:42:16PM +0100, Cathal Garvey wrote:
For those who aren't so keen on JS crypto even when implemented as an extension (or for those who, like me, think of Chromium as gussied up spyware), I re-implemeted miniLock in Python and released it today on Github and PyPI:
https://github.com/cathalgarvey/deadlock https://pypi.python.org/pypi/deadlock
So, now there are 5 different implementations for essentially the same thing: - reop (http://www.tedunangst.com/flak/post/reop) - pbp (https://github.com/stef/pbp) - pcp (https://github.com/TLINDEN/pcp) - minilock: (http://minilock.io) - deadlock (https://github.com/cathalgarvey/deadlock) - Tom
While I'm happy to see my own work in an august list like that, I'd just like to point out that saying anything based on NaCl is "basically the same thing" is like accusing any scheme using sha256 and aes256 primitives of being the "same thing". If the schemes are not compatible or close to compatible, if they have different threat models or implementations, or different intended use-cases, they can hardly be called the same thing. Now, miniLock format could be used as a PGP alternative, and I'd be interested in making deadlock suitable for hooking into mail clients that can preprocess incoming or outgoing mail with user-configured scripts so it could be used as such, but I don't think it wasn't written for that (ask Nadim his intended use-case for miniLock, I guess). So, while all of those are NaCl based, I'd say only miniLock and deadlock are "essentially the same thing" because they're implementations of the same protocol and basic use-case. On 13/08/14 11:05, Thomas von Dein wrote:
On Tue, Aug 12, 2014 at 07:42:16PM +0100, Cathal Garvey wrote:
For those who aren't so keen on JS crypto even when implemented as an extension (or for those who, like me, think of Chromium as gussied up spyware), I re-implemeted miniLock in Python and released it today on Github and PyPI:
https://github.com/cathalgarvey/deadlock https://pypi.python.org/pypi/deadlock
So, now there are 5 different implementations for essentially the same thing:
- reop (http://www.tedunangst.com/flak/post/reop) - pbp (https://github.com/stef/pbp) - pcp (https://github.com/TLINDEN/pcp) - minilock: (http://minilock.io) - deadlock (https://github.com/cathalgarvey/deadlock)
- Tom
-- Twitter: @onetruecathal, @formabiolabs Phone: +353876363185 Blog: http://indiebiotech.com miniLock.io: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM
On 2014-08-13, 12:05, Thomas von Dein wrote:
So, now there are 5 different implementations for essentially the same thing:
And even if that were true (which it might well be, didn't check), that's bad because...? OpenSSL has a problem because (among other things) there are no real competitors. With more, and truly different implementations, things *will* be different and they *might* be better. Fun, Stephan
On Wed, Aug 13, 2014 at 07:47:41PM +0200, Stephan Neuhaus wrote:
On 2014-08-13, 12:05, Thomas von Dein wrote:
So, now there are 5 different implementations for essentially the same thing:
And even if that were true (which it might well be, didn't check), that's bad because...? OpenSSL has a problem because (among other things) there are no real competitors. With more, and truly different implementations, things *will* be different and they *might* be better.
Well, ok, I didn't see it from that viewpoint, so it's essentially a good thing :) My bad.. best, Tom
participants (4)
-
Cathal Garvey -
Eugen Leitl -
Stephan Neuhaus -
Thomas von Dein