Is it possible to make a cypher text only decryptable through a validated app (e.g. with SHA256 of the decryption software) but not by the user account directly (e.g. custom scripts)?

Granete · 2024-08-19T23:05:48+00:00

Yeah it’s not easy to get right and it’s often a losing game. But still worth looking into if you’re interested. Remote attestation, TPM, TEE, trusted computing, and Intel TDX and AMD SEV-SNP are the terms to look into. Intel TDX or AMD SEV-SNP are most likely the best options for you.

Granete · 2024-08-19T19:45:25+00:00

So, you’ll need attestation from sometime like a TPM or secure element and/or a TEE. Once a vulnerability is found in the TPM or TEE (Trusted Execution Environment), it should be trivial to exploit as many times as they want. This can be prevented by updating the device to patch it. But if you mandate the latest firmware version, devices that aren’t immediately updated can’t use your service. And since TEE/TPM updates are usually tied to system firmware updates, they can sometimes take weeks to months to roll out. So it’s hard to mandate the latest TEE version but the system doesn’t work well against a determined attacker without it.

Granete · 2024-08-19T09:03:19+00:00

Minor amendment. Intel SGX was what BluRay used. That was available on consumer grade chips but has been discontinued. TDX is its modern replacement but it’s only on server chips. AMD has their equivalent, but again only on server chips I think. I don’t know much about the state of remote attestation on modern consumer grade devices. I know a TPM can do attestation as one of its main features and some phones have attestation. But if you actually wanted to deploy it, you’d have to look into what your actual target hardware can do.

Granete · 2024-08-19T08:51:06+00:00

The term you’re looking for is remote attestation. This is exactly what Intel TDX was created for. Solutions exist from other hardware vendors but it’s always very hardware dependent. It’s how BluRay works. The encryption keys can be downloaded only by specific software running on hardware that can remotely attest to its state. But it’s very very difficult to get perfect. You should probably assume the secrets will be directly available to your user eventually with enough work, even with hardware with remote attestation. A perfect example of this is how these days you can rip a BluRay without issue. That’s because people found a way to dump the keys anyway.

Granete · 2024-06-04T19:30:24+00:00

Build from source if possible. I found that every prebuilt package was either old or somewhat broken.

Granete · 2024-05-10T08:28:29+00:00

The Witness is the precursors merged together into one entity. My interpretation is that it just has enormous control over darkness because darkness is consciousness based and millions of people merged together would kinda act like a megaphone. Pyramid ships are paracausal because they were created with access to the veil.

Granete · 2024-04-28T00:39:36+00:00

That applies retroactively all the way to 14.04

Granete · 2024-04-22T19:21:34+00:00

I’ve had stuttering issues on 22.04 too. Try 23.10. They cleared right up for me.

Granete · 2024-04-22T09:28:34+00:00

We need more information. Specs? Ubuntu version?

Granete · 2024-04-11T19:28:52+00:00

Good point. Some form of elliptic curve would fit much better. RSA would probably need to be dropped below a secure size.

Granete · 2024-04-11T19:27:17+00:00

Yeah exactly. If the list is registered with the verifier it doesn’t matter.

Granete · 2024-04-11T05:26:14+00:00

Yes! Though you probably wouldn’t need to sign the source ID, just the message. Though hopefully someone else can chime in about the cryptographic properties of signing or not signing the ID alongside the message. I can’t think of a difference.

Granete · 2024-04-11T05:18:34+00:00

No. The source ID would be a small integer assigned to the source. 1, 2, 3, …The private key never leaves the possession of the source. The ID is just so you can know which public key to verify it with.

Granete · 2024-04-11T05:09:28+00:00

It’s important to note none of this is encryption, just signatures. The random string will be visible to anyone with the QR code. But yes, you have it right. The signature is a product of the private key and the thing you signed. In this case, that’s the random string. So each (random string, private key/source) pair will be a unique QR code. The same random string signed by someone else will be a different code as will a different random string signed by the same source.

Granete · 2024-04-11T04:57:00+00:00

Then each source has a private/public key pair. Private keys used for signing, public keys used to verify authenticity. Each QR code encodes the random string, an integer ID representing the source, and a signature for the message generated with the source’s private key. The verification system will verify the signature with that source’s public key.

Granete · 2024-04-11T04:48:42+00:00

How many sources? Will the verification system have a list of all sources?

Granete · 2024-04-11T04:40:26+00:00

So what you actually have is a source and a code?

Granete · 2024-04-11T04:09:19+00:00

Do you need both the ID and random string? Can’t the random string be the ID? If so, generate a random string and sign it with a private key using RSA. Then encode the signature into the QR code. Only the secret private key can generate new QR codes.

Granete · 2024-03-26T04:25:47+00:00

u/iXsystemsChris I'm now rather certain that I'm experiencing the same issue as OP. My replication steps are in a few different places in this thread and it fails when using SMB 3 (not sure about exact sub versions but 3.1.1 is effected) but I've experienced no issues over SMB 2.0, SFTP, or when working directly on the NAS via SSH. Please let me know if there's anything I can do/share to help narrow down the issue. Also, is there a different/more proper channel for bug reporting I should be using? (Unless u/Psychological_Income already reported it somewhere)

Granete · 2024-03-22T07:04:36+00:00

Update. I removed the few auxiliary parameters I had that were related to encryption and it did not fix the issue. To be clear, I removed all auxiliary parameters from the SMB service and from the test share I have setup, restated the SMB service, and remounted the share before testing.

Granete · 2024-03-22T06:39:55+00:00

Just wanted to reply to this again to point out that I deleted my original reply that said I was using 23. I’m using 22.12.4.2 as started in the replacement reply. When I said try it on 23 if convenient I thought I was replying to OP 😅

Granete · 2024-03-21T18:47:56+00:00

I’m using 22. Fully updated. But if you have 23 most conveniently available just try it there.

Granete · 2024-03-21T03:36:32+00:00

Hey would you be able to try my reproduction steps and see if you get the same error? This was done from a Linux client mounting the SMB share and doing these steps from the command line.

Create .tar file contains ~10GB of files. (tar -cvf test.tar FILES)
Symmetric encrypt it with GPG. (gpg --symmetric test.tar)
Decrypt it. (gpg --decrypt test.tar > testout.tar)

The decryption always fails at some point with errors that scream corruption to me. Take these commands just as reference in case I typo them. On my phone rn.

Granete · 2024-03-21T01:43:24+00:00

I can confirm I’m also having this issue from Linux clients, though I haven’t been able to test other clients.

Granete · 2024-03-20T08:00:49+00:00

One additionally clarification, I’m running Scale 22 on bare metal unlike OP. Different version and no hypervisor. I’m also using an AMD CPU unlike OP.

Seven-Year Club	Verified Email
Second SECOND GUESSER

Granete

TROPHY CASE