Outer Web | Explore

Explore >> Select a destination

You are here		freedom-to-tinker.com New research: There's no need to panic over factorable keys-just mind your Ps and Qs - Freedom to Tinker
\|	\|	sergioprado.blog What are random numbers and how they are managed on Linux? - sergioprado.blog	6.5 parsecs away Travel
\|	\|	In this article, we will deep dive into the major concepts behind random numbers and learn how to work with them on a Linux system.	6.5 parsecs away Travel
\|	\|	blog.cr.yp.to cr.yp.to: 2014.03.23: How to design an elliptic-curve signature system	4.6 parsecs away Travel
\|	\|	[AI summary] The text discusses the complexities and security concerns of the ECDSA (Elliptic Curve Digital Signature Algorithm) compared to more modern signature systems like Ed25519. It highlights issues such as the lack of constant-time implementations in ECDSA, the importance of secure random number generation (RNG) for generating nonces (k), and the vulnerabilities that can arise from poor RNG practices. The text also compares ECDSA with alternatives like Ed25519, which uses deterministic methods for generating k, thus avoiding the need for an RNG and enhancing security. Additionally, it touches on the design of secure RNGs, the role of hash functions in generating k, and the potential for attacks due to non-constant-time implementations and poor random...	4.6 parsecs away Travel
\|	\|	www.thomas-huehn.com Myths about /dev/urandom	4.0 parsecs away Travel
\|	\|	[AI summary] The article discusses the use of /dev/random and /dev/urandom in Linux systems for generating random numbers. It highlights that /dev/urandom is generally preferred over /dev/random due to its non-blocking nature and sufficient cryptographic security. The article also addresses misconceptions in the man pages and emphasizes that /dev/urandom is safe for most applications, including cryptographic uses, as long as the initial seeding is done properly. It mentions that while /dev/random is considered a legacy interface, it's not always necessary, and modern Linux distributions and syscalls like getrandom(2) provide better alternatives.	4.0 parsecs away Travel
\|	\|	memo.mx Becoming a Certificate Authority (CA) \| Memo Garcia	24.0 parsecs away Travel
\|		A Certificate Authority or CA is an entity that signs digital certificates. These digital certificates are used to validate the connection while using secure mechanisms. Generating a root CA We will use a root CA to create intermediate CA's which are trusted to sign certificates on its behalf. First, prepare the environment. mkdir /root/ca && cd /root/ca mkdir certs crl newcerts private chmod 700 private touch index.txt echo 1000 > serial Then download the template for /root/ca/openssl....	24.0 parsecs away Travel