soc.octade.net is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.
This server runs the snac software and there is no automatic sign-up process.
https://soc.octade.net/cypherpunk/
A fediverse group for discussing topics and tools related to #cypherpunks.
#groups #fedigroups #fediverse #retro #cypherpunk #crypto #cryptography #encryption
Al Gore Invented the Internet.
Joe Biden invented PGP encryption.
Cypherpunks write code.
Joe Biden gifted humanity with PGP encryption (in a roundabout way). Phil Zimmermann created PGP in response to a anti-privacy bill clause proposed by Senator Joe Biden.
https://www.americanscientist.org/article/cypherpunks-write-code
"In 1990, the FBI launched an over-the-top crackdown on computer hackers, known as Operation Sundevil. This was swiftly followed, in early 1991, by a proposed piece of U.S. Senate legislation that would force electronic communications service providers to hand over people’s personal data. (The key clause, S.266, was pushed by the then chairman of the U.S. Senate Judiciary Committee, Senator Joe Biden.)"
"On learning of Biden’s S.266 clause, Zimmermann feverishly set out to complete the project, almost losing his house in the process. When he finished his software in 1991, he published it all online, free for anyone who wanted to use it. He called it “Pretty Good Privacy,” or PGP for short, and within weeks it had been downloaded and shared by thousands of people around the world. “Before PGP, there was no way for two ordinary people to communicate over long distances without the risk of interception,” said Zimmermann in a later interview. “Not by phone, not by FedEx, not by fax.” It remains the most widely used form of email encryption to this day."Joe Biden's first panopticon bill:
https://www.congress.gov/bill/102nd-congress/senate-bill/266
"SEC. 2201. COOPERATION OF TELECOMMUNICATIONS PROVIDERS WITH LAW ENFORCEMENT. It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that communications systems permit the government to obtain the plain text contents of voice, data, and other communications when appropriately authorized by law."As they say in Texas: That dinosaur don't hunt.
#Biden #JoeBiden #PGP #Cypherpunks #Cypherpunk #PhilZimmermann #Privacy #Cybersecurity #Cryptography #GPG #Email #Senate #Law #Government #Panopticon #Hackers #Hacking #Security #Encryption
#DOI https://doi.org/10.5281/zenodo.18448042
A pangram is a sentence or phrase that contains each letter of an alphabet or character set at least once. A perfect pangram is an anagram of the alphabet which contains each letter exactly once.
Pangram hash generates a perfect pangram hash digest consisting of a anagram permutation of a character set. Each character in the output is unique and non-repeating.
#Hashing #Cryptography #Anagrams #Papers #Preprints
@cryptography@soc.octade.net @crypto@infosec.pub @cryptography@fed.dyne.org
I see some people still using ancient PGP keys. GnuPG offers Linux repositories for updating to the latest versions of GnuPG with new expert features for key generation. Recent versions support both Kyber1024 and Goldilocks448 keys (and more).
Once installed run: :~$ gpg --full-generate-key --expert
New GnuPG Repositories for Debian, Ubuntu, and Devuan: Stable and Development Branches Available
https://www.gnupg.org/blog/20250827-new-repository.html
#PGP #GPG #PQC #GnuPG #Encryption #Cryptography #Privacy #Signatures #Kyber #Goldilocks #ED448 #Keys #PublicKey
"Despite advancements in secure messaging, PGP (Pretty Good Privacy) encryption—developed in the 1990s—remains a gold standard for privacy. Unlike modern apps reliant on centralized servers or phone numbers, PGP ensures end-to-end encryption without third-party dependencies. This article explores PGP’s enduring relevance, key management best practices, and how it compares to contemporary solutions like Signal."More: https://undercodetesting.com/why-pgp-encryption-still-outperforms-modern-messaging-apps/
Not in The Prophecies: Practical Attacks on Nostr
[for your address book]
https://soc.octade.net/cryptography/
A Fediverse group for sharing and discussing #ciphers, #codes #cryptography and #encryption and related applications and #research.
#crypto #cypher #cypherpunks #confidentiality #privacy #groups #fedigroups #fediverse
Hexlish Alphabet for English, Constructed Languages and Cryptography: Automatic, Structural Compression with a Phonetic Hexadecimal Alphabet
DOI : https://doi.org/10.5281/zenodo.13139469
Hexlish is a legible, sixteen-letter alphabet for writing the English language and for encoding text as legible base 16 or compressed binary. Texts composed using the alphabet are automatically compressed by exactly fifty percent when converted from Hexlish characters into binary characters. Although technically lossy, this syntactic compression enables recovery of the correct English letters via syntactic reconstruction. The implementer can predict the size of the compressed binary file and the size of the text that will result from decompression. Generally it is intuitive to recognize English alphabet analogues to Hexlish words. This makes Hexlish a legible alternative to the standard hexadecimal alphabet.
#Hexlish #Conlang #Alphabets #English #Hexadecimal #Encoding #Cryptography #Ciphers #Crypto #Encryption #Compression #Papers #Preprints #Orthography #Language #Linguistics #Writing #Glyphs #Alphabetology #Technology
Building secure peer-to-peer messaging apps is tough, and it's even tougher to get people to switch from what they already use. I've noticed that a great user interface and an intuitive design often matter more to people than terms like cryptography or end-to-end encryption.
That's why I've started building a UI library to tackle this head-on! It's a work in progress, but the goal is to create a more welcoming and seamless experience for new users.
Check out the UI library here: https://ui.positive-intentions.com
And you can see a live demo of the UI in action here: https://glitr.positive-intentions.com
I'd love to hear your thoughts and feedback as I continue to shape it!
#PeerToPeer #SecureMessaging #P2P #UIUX #WebDevelopment #MaterialUI #ModuleFederation #DesignSystem #Cryptography #UI
Why on earth was the #ActivityPub protocol even let out the door without a well-specified and mandatory graceful, non-destructive key rotation scheme?
Yes I know the privacy issues. Those are not valid reasons to not have such a mechanism; it's a valid reason to not enable or use one.
What we're stuck with now is a ton of instances with absurdly long, legacy-algorithm keys (RSA-4096) with no way to replace them with shorter/better keys without effectively losing everything ever posted on the instance.
The protocol is only 7 years old! EC crypto was well-established at the time, and should have been the default.
And what happens once everyone has to replace the keys, because RSA is broken by quantum computers (I know, probably 100 years to go)? The #Fediverse will be a wasteland, with no instances trusting anything from any other instance, so all #Federation breaks down.
Sorry if I got some details wrong about what the protocol says. If I get flamed to death for being wrong, then I'll consider that a Good Thing(TM). I've been trying to find a way to rotate/replace keys for a while and all my searching turns up is either 1) confirmation that most people don't know or care about cryptography, or 2) https://socialhub.activitypub.rocks/t/key-rotation-notification/562 - which really isn't helpful.
If it is possible to gracefully rotate the key(s) of an instance/user, there really has to exist some documentation that explains clearly how to implement this in a server and how to exercise it as a server operator.
NEWSCARD Publish and fetch permanent named records via Network News
Newscard creates a decentralized, encrypted, named record paste bin.
[git repo] https://codeberg.org/OCTADE/newscard (use most recent version only)
With a single command, name the card, snarf the file and encrypt it.
With another command, push the encrypted file to the public network.
With another short command, snarf a file from the network.
Only users knowing the name [key] of the record will be able to decrypt it.
If a strong passphrase is used to name the file, it will be very secure.
This is useful for quickly snarfing, encrypting, and publishing a text file:
$~: card enc [passphrase] [file]
$~: card put [passphrase]
It is useful for retrieving a text file with just a key:
$~: card get [passphrase]
$~: card show [passphrase]
If and when you want the general public to access the record just share the keyword.
Newscard uses nine (9) (NINE) layers of encryption with OpenSSL chacha20 cipher.
Newscard generates 9 each of: cipher keys, salts, key iteration parameters.
It would be nice if something like this were added to the ActivityPub protocol, such that keyword[@]host.url would do the same thing. Then secret text records could be stored securely for later retrieval or revelation.
#NewsCard #Pastebin #Usenet #NNTP #NetworkNews #Encryption #Cryptography #Messaging #Anonymity #Protocols #OpenSource #FreeSoftware #BlackHackJack #Censorship #Retro #InfoSec #Ciphers #Codes #FOSS
@infostorm@a.gup.pe @crypto@a.gup.pe @infosec@a.gup.pe @selfhosting@a.gup.pe
I wish people would stop giving credit to "prominent cybersecurity/cryptography experts" just because they released some "cypherpunk" book or software of unproven impact 30 years ago and have since then retreated into golden tenure, writing technically empty but catchy preprints with provocative titles. These "Ludd grandpas" (you know at least a couple of names of who I'm referring to) are, unfortunately, still worshipped by a large number of semireligious followers, who contribute to the spread of their moldy ignorance.
Thinking deeper, maybe mine is a typical case of rejection for the image in the mirror: I hope I will never become like that in the future.
The world does not stop at your rants. Keep moving and stay open-minded, or become obsolete.
#cybersecurity #security #infosec #cryptography #crypto #academia #rant #luddism
So, hear me out:
If instead of the current Hash+Salt based modality of password management, and given the relative lack of quantum complexity in how that all works for authentication, I have a proposition.
For any given password length N, N! hashes are taken for the password such that any substring starting with the first character and any arbitrary following sequential characters (D) to the length of the string (c0->cD) where D < N. This would require a quantum actor to deal with an element quantum mechanics is explicitly bad at dealing with: Certainty.
Instead of relying on the relatively low quantum complexity of the hashes, we extrapolate into another dimension and create an ordering of hashes that becomes a tangible certainty. Instead of having to find all of the hashes in a field (Low quantum complexity, High computational complexity), the operator must find a specific order from those hashes in the field (Extremely high quantum complexity, Moderate computational complexity).
It would also reduce the urgency of collision discoveries in hashing algorithms too.
Just a thought.
#cryptography #cybersecurity #informationsecurity #passwords #hashingalgorithms #hash #notThatKindofHash
NEWSCARD Publish and fetch permanent named records via Network News
Newscard creates a decentralized, encrypted, named record paste bin.
[git repo] https://codeberg.org/OCTADE/newscard (use most recent version only)
With a single command, name the card, snarf the file and encrypt it.
With another command, push the encrypted file to the public network.
With another short command, snarf a file from the network.
Only users knowing the name [key] of the record will be able to decrypt it.
If a strong passphrase is used to name the file, it will be very secure.
This is useful for quickly snarfing, encrypting, and publishing a text file:
$~: card enc [passphrase] [file]
$~: card put [passphrase]
It is useful for retrieving a text file with just a key:
$~: card get [passphrase]
$~: card show [passphrase]
If and when you want the general public to access the record just share the keyword.
Newscard uses nine (9) (NINE) layers of encryption with OpenSSL chacha20 cipher.
Newscard generates 9 each of: cipher keys, salts, key iteration parameters.
It would be nice if something like this were added to the ActivityPub protocol, such that keyword[@]host.url would do the same thing. Then secret text records could be stored securely for later retrieval or revelation.
#NewsCard #Pastebin #Usenet #NNTP #NetworkNews #Encryption #Cryptography #Messaging #Anonymity #Protocols #OpenSource #FreeSoftware #BlackHackJack #Censorship #Retro #InfoSec #Ciphers #Codes #FOSS
NEWSCARD Publish and fetch permanent named records via Network News
Newscard creates a decentralized, encrypted, named record paste bin.
[git repo] https://codeberg.org/OCTADE/newscard (use most recent version only)
With a single command, name the card, snarf the file and encrypt it.
With another command, push the encrypted file to the public network.
With another short command, snarf a file from the network.
Only users knowing the name [key] of the record will be able to decrypt it.
If a strong passphrase is used to name the file, it will be very secure.
This is useful for quickly snarfing, encrypting, and publishing a text file:
$~: card enc [passphrase] [file]
$~: card put [passphrase]
It is useful for retrieving a text file with just a key:
$~: card get [passphrase]
$~: card show [passphrase]
If and when you want the general public to access the record just share the keyword.
Newscard uses nine (9) (NINE) layers of encryption with OpenSSL chacha20 cipher.
Newscard generates 9 each of: cipher keys, salts, key iteration parameters.
It would be nice if something like this were added to the ActivityPub protocol, such that keyword[@]host.url would do the same thing. Then secret text records could be stored securely for later retrieval or revelation.
#NewsCard #Pastebin #Usenet #NNTP #NetworkNews #Encryption #Cryptography #Messaging #Anonymity #Protocols #OpenSource #FreeSoftware #BlackHackJack #Censorship #Retro #InfoSec #Ciphers #Codes #FOSS
@infostorm@a.gup.pe @usenet@lemmy.world @crypto@a.gup.pe @infosec@a.gup.pe