solutions
Network & Internet Security
- SSLeay & SSLapps FAQ - free SSL implementation without crippled encryption; FTP site
- SSLP Project
- FreeSurf: Secrete Proxy System for Anonymous Web Browsing and Bypassing Censorship Firewall.
- internet security
- Lance Cottrell's page on remailers & net security
- Vasco Data Security time-phased password device
- S/KEY Internet Draft for Bellcore's 1-time password system; FTP archives Bellcore and at first.org
- document-marking for security
- Computer & Communications Security Reviews (by Ross Anderson); FTP site
- SSH (Secure Shell) - secure UNIX rlogin, rsh, rcp; FAQ, binaries v1.2.12
- FAQs on sniffers, anonymous FTP & intruder-detection in UNIX
- FAQs on Firewalls & Internet Security by Marcus Ranum (V-One Corp.)
- Kerberos (network user-authentication protocol): FAQ, newsgroup,
programs & source code avail. at FTP sites in
.us and
.nl
- Cygnus Network Security system based on Kerberos
- SESAME - an enhanced public-domain version of Kerberos; can replace Kerberos in DCE; an ECMA standard; Internet drafts are filed to progress it to an RFC (Feb 1996)
- Security Bug in Kerberos 4.0 reported by 2 Purdue students;
caused by inadequate RNG operation;
similar to the Netscape Crack by CS students at UC Berkeley in fall 1995
- "Decentralized Trust Management" - paper by Matt Blaze (with Joan Feigenbaum and Jack Lacy) on alternatives to traditional (X.509, PGP, etc.) identity-based certificates, to be presented at the Oakland Security Conference in May 1996
- MOSS (MIME Object Security Services) is a proposed Internet Standard (RFC 1847 & RFC 1848, Oct 1995) for adding Privacy Enhanced Mail services (encryption and authentication) to MIME e-mail; developed by Trusted Information Services with ARPA funding; UNIX source code is available; performs similar services as Zimmerman's PGP and RSA's S/MIME
- Decense - a new suite of Perl scripts (v0.10 alpha) which provides anonymous access to web servers, designed to defeat censorship of the net, released Feb 1996 by Ray Cromwell
- SAIC Documents (from Science Applications International Corp.) on security of WWW servers, firewalls, TCP/IP protocols, etc.
- see also: Protocols
Disk & File System Encryption
- disk encryption for "on-the-fly" encryption of an entire disk partition:
- Peter Gutman's SFS Secure File System - a DOS device driver that uses SHA in feedback mode; alternate FTP site in .nl
- Edgar Swank's SecureDrive - a TSR hook for DOS that uses IDEA; available by FTP from
CSN (get disk/secdr14a.zip),
Cypherpunks archive,
or sites in
.nl,
.dk, and
.it
- Secure Device - a DOS device driver that encrypts a virtual, file-hosted volume with IDEA
- Matt Blaze's CFS Cryptographic File System - a UNIX device driver that uses DES; source code in files cfs112.tar.gz and cfs.1.3.shar.gz
- Will Price's CryptDisk - shareware Macintosh encryption system using IDEA-CFB (v.1.2.1 Jan 1996);
available from FTP sites in
U.S.,
another U.S.,
.dk, and
.nl;
older versions available by FTP from
.ie (v.1.2) and
.de (v.1.03);
source code available
- Kent Marsh's FolderBolt for Mac (?)
- file encryption for manual encryption of individual files:
- use PGP with the -c option
- Kent Briggs' Puffer 2.0 for Windows encrypts files and email using PC1 (a 40-bit stream cipher similar to RC4) in the shareware version, or the 160-bit Blowfish block cipher in the registered version; data-compression and file wiping options included
- HPACK incorporates strong encryption with a file-archiver (like PK-ZIP) for many platforms
- Diamond Lock v.2 for DOS & UNIX, with source code; older version here
- Encryptlet - an AppleScript droplet that encrypts files by drag-and-drop onto a Desktop Encryptor icon; cryptographically agile, can use AppleScript-aware version of MacPGP
- TeamWARE Crypto - commercial product for on-the-fly encryption of single files via FEAL-8 cypher; user interface is integrated with Windows File Manager
- Curve Encrypt (Mac) - version 2.2 available by FTP from .dk and .it
- Quicrypt (DOS) - need info?
- Atbash2 (DOS) - ZIP'ed file available by FTP from .dk and .it
- file-wipe utilities overwrite deleted files to prevent their recovery; see Galacticus' Anonymity, Privacy, and Security pages
|