From 946f29c7e2967e63f5b3d2cb1f23a0628469943d Mon Sep 17 00:00:00 2001 From: PrincessPi3 Date: Sat, 23 May 2026 14:58:59 -0600 Subject: [PATCH] v1.2 --- ... (# Edit conflict 2026-05-23 wi0xieC #).md | 81 ------------------- 1 file changed, 81 deletions(-) delete mode 100644 README (# Edit conflict 2026-05-23 wi0xieC #).md diff --git a/README (# Edit conflict 2026-05-23 wi0xieC #).md b/README (# Edit conflict 2026-05-23 wi0xieC #).md deleted file mode 100644 index 2802fb6..0000000 --- a/README (# Edit conflict 2026-05-23 wi0xieC #).md +++ /dev/null @@ -1,81 +0,0 @@ -# Verifiably, Attributably Secure Archives -For when you need to distribute information anonymously, but wish to keep it provably full and intact, but _also_ wish to have options to prove attribution. - -## Writeup -### Purpose -todo -### Method -todo -### Issues -- two-way deanonymization is assumed when either method to attribute is used - - when sha512 method is used, originator is assumed to be the owner of the ed25519 key and vice versa - - any reveal of either signed note or sha512 attribution passphrase, the other is assumed to belong to the same entity - - opsec failures can result in two-way deanonymization - -## Usage -### Installation -todo -### Usage -todo - -## todo -1. x validate attribution thing -2. clean up output -3. x **fix password audit!** -4. x sanity checks -5. this README.md -6. x the README-instructions.txt and placedment for archive -7. x passphrase strength/length checks -8. sha256 mode with independant passphrase(?) -9. encrypt archive option - 1. inner - 1. goes first - 2. gets passphrase - 3. tests passphrase - 4. generates txt file backup - 5. then tests with passphrase - 2. outer - 1. goes second - 2. gets passphrase - 3. tests passphrase - 4. generates txt file backup - 5. then tests with passphrase -10. x random data optional - 1. x `read -n 1 -s -r -p "In another terminal/window, fill $inner_dir with whatever you please then press any key to continue..."` - 2. x now only takes up 2Kb! - 3. x only use 128 bytes (1024 bits) x 2 - 1. x `openssl rand -out "$out_dir/.$RANDOM" 128` - 2. x `openssl rand -out "$inner_dir/.$RANDOM" 128` - 3. x `find "$out_dir" -type f -name ".*" -exec chown $USER:$USER "{}" \;` - 4. x `find "$out_dir" -type f -name ".*" -exec chmod 600 "{}" \;` -11. writeup in this README -12. usage in this README -13. specification definition - 1. Specification.md -14. FileMap.md -15. x function: passphrase checkin - 1. x match - 2. x pass cracklib-check - 3. x =>35 chars long - 4. x pass call to haveibeenpwned.com api -16. x exit trap with cleanup - -## Changelog -- reduced random data to 2x 10Kb -- reduced random data to 2x 1Kb -- added password strength check with cracklib-check -- cleaned up output -- added housekeeping - - set perms and ownership on archives and keystore to minimum - - shred all erronious files and dirs -- cleaned up code -- better rng -- better passphrase check - - checks for exact match - - minimum of 35 chars - - checks with cracklib-check - - checks online with haveibeenpwned.com -- bug fixes -- random data is now actually optional and is only 128 bytes (1024 bits) and are generated securely -- better antiforensics by unsetting vars and cleaning up on exit -- actually workan password checks \ No newline at end of file