Base64 demonstrates how easy it is to decipher
plaintext usernames and passwords. Never login to a public network resource
unless some type of encryption is being used, secure socket layer is one example.
Most FTP sites also use plaintext passwords.
pic mcu code:This application note describes the design and
implementation of a USB Mass Storage Device (MSD)
using a secure Digital card, which should prove useful
to developers of USB mass storage solutions. This
application may be used as a stand-alone MSD or as a
secure Digital/Multimedia Card (SD/MMC) reader/
writer interface.
PeerSec Networks MatrixSSL?is an embedded SSL implementation designed for small footprint applications and devices. PeerSec Networks offers a fully supported, commercial version as well as an open source version that is available for download. PeerSec MatrixSSL allows secure management of remote devices. Several secure embedded Web servers also use MatrixSSL for their encryption layer.
《為Windows Vista編寫安全的代碼》,2007年出版
Providing developers with first-hand insights into design decisions and practical advice for solving real-world security issues, this authoritative guide urges developers to write more secure code on the Vista platform to support a growing customer base.
Table of Contents
Writing secure Code for Windows Vista
Foreword
Introduction
Chapter 1 - Code Quality
Chapter 2 - User Account Control, Tokens, and Integrity Levels
Chapter 3 - Buffer Overrun Defenses
Chapter 4 - Networking Defenses
Chapter 5 - Creating secure and Resilient
Chapter 6 - Internet Explorer 7 Defenses
Chapter 7 - Cryptographic Enhancements
Chapter 8 - Authentication and Authorization
Chapter 9 - Miscellaneous Defenses and Security-Related Technologies
Index
List of Figures
List of Tables
List of Sidebars
IDEA v2.2
IDEA encryption for dos.
IDEA stands for International Data Encryption Algorithm
it was invented by Xuejia Lai and James Massey in Switzerland
its a private key block algorithm, and is thought to be
very secure.
Digital Signature Algorithm (DSA)是Schnorr和ElGamal簽名算法的變種,被美國NIST作為DSS(DigitalSignature Standard)。算法中應用了下述參數:
p:L bits長的素數。L是64的倍數,范圍是512到1024;
q:p - 1的160bits的素因子;
g:g = h^((p-1)/q) mod p,h滿足h < p - 1, h^((p-1)/q) mod p > 1;
x:x < q,x為私鑰 ;
y:y = g^x mod p ,( p, q, g, y )為公鑰;
H( x ):One-Way Hash函數。DSS中選用SHA( secure Hash Algorithm )。
p, q, g可由一組用戶共享,但在實際應用中,使用公共模數可能會帶來一定的威脅。簽名及驗證協議如下:
1. P產生隨機數k,k < q;
2. P計算 r = ( g^k mod p ) mod q
s = ( k^(-1) (H(m) + xr)) mod q
簽名結果是( m, r, s )。
3. 驗證時計算 w = s^(-1)mod q
u1 = ( H( m ) * w ) mod q
u2 = ( r * w ) mod q
v = (( g^u1 * y^u2 ) mod p ) mod q
若v = r,則認為簽名有效。
DSA是基于整數有限域離散對數難題的,其安全性與RSA相比差不多。DSA的一個重要特點是兩個素數公開,這樣,當使用別人的p和q時,即使不知道私鑰,你也能確認它們是否是隨機產生的,還是作了手腳。RSA算法卻作不到。
Atmel’s AT91SAM7FP105 is a low pincount FingerChip processor based on the 32-bit ARM
RISC processor. It features a on-chip biometric engine performing enrollment verification and
identification, an internal record cache of up to 25 records and a secure command protocol over
USB, SPI, UART. This protocol enables an external host system or processor to control the onchip
bioengine functions, manipulate the record cache, and securely export record cache
records for external storage. Together with the FingerChip sensor device AT77C104B, it forms
an embedded, secured biometric turnkey solution.
xl2tpd is an implementation of the Layer 2 Tunnelling Protocol (RFC 2661).
L2TP allows you to tunnel PPP over UDP. Some ISPs use L2TP to tunnel user
sessions from dial-in servers (modem banks, ADSL DSLAMs) to back-end PPP
servers. Another important application is Virtual Private Networks where
the IPsec protocol is used to secure the L2TP connection (L2TP/IPsec,
RFC 3193). The L2TP/IPsec protocol is mainly used by Windows and
Mac OS X clients. On Linux, xl2tpd can be used in combination with IPsec
implementations such as Openswan.
Host Identity Protocol on Linux is an implemetation of the Host Identity Protocol (HIP) and the related architecture. HIP is a proposal to change the TCP/IP stack to securely support mobility and multi-homing. Additionally, it provides for enhanced security and privacy and advanced network concepts, such as moving networks and mobile ad hoc networks. HIP is "cool", which means that as a mobile VPN solution, when your network interfaces go up or down, there is no need to re-establish a secure tunnel.
