PrincessPi/Encrypt-Share-Attribution
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v1.2

Browse Source
This commit is contained in:
Princess Pi
2026-05-23 14:58:48 -06:00
parent 80cd151047
commit afbe0e5d56
2 changed files with 85 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README (# Edit conflict 2026-05-23 wi0xieC #).md
+81
View File
@@ -0,0 +1,81 @@
# Verifiably, Attributably Secure Archives
For when you need to distribute information anonymously, but wish to keep it provably full and intact, but _also_ wish to have options to prove attribution.
## Writeup
### Purpose
todo
### Method
todo
### Issues
- two-way deanonymization is assumed when either method to attribute is used
- when sha512 method is used, originator is assumed to be the owner of the ed25519 key and vice versa
- any reveal of either signed note or sha512 attribution passphrase, the other is assumed to belong to the same entity
- opsec failures can result in two-way deanonymization
## Usage
### Installation
todo
### Usage
todo
## todo
1. x validate attribution thing
2. clean up output
3. x **fix password audit!**
4. x sanity checks
5. this README.md
6. x the README-instructions.txt and placedment for archive
7. x passphrase strength/length checks
8. sha256 mode with independant passphrase(?)
9. encrypt archive option
1. inner
1. goes first
2. gets passphrase
3. tests passphrase
4. generates txt file backup
5. then tests with passphrase
2. outer
1. goes second
2. gets passphrase
3. tests passphrase
4. generates txt file backup
5. then tests with passphrase
10. x random data optional
1. x `read -n 1 -s -r -p "In another terminal/window, fill $inner_dir with whatever you please then press any key to continue..."`
2. x now only takes up 2Kb!
3. x only use 128 bytes (1024 bits) x 2
1. x `openssl rand -out "$out_dir/.$RANDOM" 128`
2. x `openssl rand -out "$inner_dir/.$RANDOM" 128`
3. x `find "$out_dir" -type f -name ".*" -exec chown $USER:$USER "{}" \;`
4. x `find "$out_dir" -type f -name ".*" -exec chmod 600 "{}" \;`
11. writeup in this README
12. usage in this README
13. specification definition
1. Specification.md
14. FileMap.md
15. x function: passphrase checkin
1. x match
2. x pass cracklib-check
3. x =>35 chars long
4. x pass call to haveibeenpwned.com api
16. x exit trap with cleanup
## Changelog
- reduced random data to 2x 10Kb
- reduced random data to 2x 1Kb
- added password strength check with cracklib-check
- cleaned up output
- added housekeeping
- set perms and ownership on archives and keystore to minimum
- shred all erronious files and dirs
- cleaned up code
- better rng
- better passphrase check
- checks for exact match
- minimum of 35 chars
- checks with cracklib-check
- checks online with haveibeenpwned.com
- bug fixes
- random data is now actually optional and is only 128 bytes (1024 bits) and are generated securely
- better antiforensics by unsetting vars and cleaning up on exit
- actually workan password checks
README.md
+3 -1
View File
@@ -21,7 +21,7 @@ todo
## todo ## todo
1. x validate attribution thing 1. x validate attribution thing
2. clean up output 2. clean up output
3. **fix password audit!** 3. x **fix password audit!**
4. x sanity checks 4. x sanity checks
5. this README.md 5. this README.md
6. x the README-instructions.txt and placedment for archive 6. x the README-instructions.txt and placedment for archive
@@ -78,3 +78,5 @@ todo
- bug fixes - bug fixes
- random data is now actually optional and is only 128 bytes (1024 bits) and are generated securely - random data is now actually optional and is only 128 bytes (1024 bits) and are generated securely
- better antiforensics by unsetting vars and cleaning up on exit - better antiforensics by unsetting vars and cleaning up on exit
- actually workan password checks
- actually workan nice :3 mo stable mo sanity checks mo safety settings and methods