Tuesday 27 November 2012

Rant


[aelwell@pcitgtelwell ~]$ man dvbnet
No manual entry for dvbnet
[aelwell@pcitgtelwell ~]$ dvbnet --help

DVB Network Interface Manager
Copyright (C) 2003, TV Files S.p.A

dvbnet: invalid option -- '-'
Segmentation fault (core dumped)
[aelwell@pcitgtelwell ~]$ dvbnet -h

DVB Network Interface Manager
Copyright (C) 2003, TV Files S.p.A

Segmentation fault (core dumped)




that is all.
at No comments:

Thursday 15 November 2012

k-net / ipv6 / toastman / tomato USB

I have a reflashed router using the toastman mod - which works really well *but* the ipv6 configuration pages miss out one crucial setting when configuring the native ipv6 stack from k-net here, notably the WAN ipv6 address...

ssh root@router and
# ip addr add 2A03:4980::XXXX/96 dev vlan2 (IP D'interco)
# ip -6 route add default via  2A03:4980::11:0:1 (Gateway)

and lo, it should now work from clients on lan.

Blogging so I know where to find the info next time...
at No comments:
Labels: , ,

Thursday 8 November 2012

Alice and Bob go hashing

Alice wants to share some files with Bob over a public medium. Alice's computer is presumed 'secure'

she can easily generate a nice long 'passprase' by generating a cryptographic hash of the plaintext (say sha256sum) and use this as a key for a symmetrical crypt

ie

alice$> echo "hello world" > plaintext # generate sample input file
alice$> sha256sum plaintext # a948904f2f0f479b8f8197694b30184b0d2ed1c1cd2a1ec0fb85d299a192a447

and then crypt the file


alice$> openssl aes-256-cbc -in plaintext -out ciphertext
enter aes-256-cbc encryption password: [SHA256SUM GENERATED ABOVE]
Verifying - enter aes-256-cbc encryption password: [ditto]
alice$> ls -l plaintext ciphertext
-rw-rw-r--. 1 alice alice 32 Nov  7 16:01 ciphertext
-rw-rw-r--. 1 alice alice 12 Nov  7 16:00 plaintext


Alice can then send the symmetric key to Bob via their normal secure channel (assumed to be working)
and bob can decrypt with

bob$> openssl aes-256-cbc -d -in ciphertext 
enter aes-256-cbc decryption password: [SHA SUM]
hello world


So - is using a hash function a Bad Idea? 
The method is predictable -- yes but Mallory would need to know the plaintext (in which case, game over) to generate quickly, or would need to bruteforce ($time++)


Discussions / comments welcome

at No comments:
Subscribe to: Posts (Atom)

Feeling Pumped!

Having just had a day without power, and then going round the site to check everything came back online correctly (including services such a...

  • swisscom VDSL & dyndns
    Those of you who follow my twitter stream will have noticed that I managed to 'lose' my home machine today. It was online and activ...
  • Nasa TV on PS3
    Since there's no european satellite stream of Nasa TV it means you have to watch a streamed version over here. Also I'd like to w...
  • Solar off-grid cabin
    We have a small cabin on the site that used to have a 200w panel, 65Ah deep cycle lead acid battery, el-cheapo PWM charger to power some LED...