PrincessPi/Encrypt-Share-Attribution
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
55822d0bcbc8b6f8f50a1a3430f54d9d01644588
Encrypt-Share-Attribution/README (# Edit conflict 2026-05-23 ij95dmC #).md
T
PrincessPi a45bd78978 sum silly shitty
2026-05-23 10:52:04 -06:00

70 lines
2.2 KiB
Markdown
Raw Blame History

# Verifiably, Attributably Secure Archives
For when you need to distribute information anonymously, but wish to keep it provably full and intact, but _also_ wish to have options to prove attribution.
## Writeup
### Purpose
todo
### Method
todo
### Issues
- two-way deanonymization is assumed when either method to attribute is used
- when sha512 method is used, originator is assumed to be the owner of the ed25519 key and vice versa
- any reveal of either signed note or sha512 attribution passphrase, the other is assumed to belong to the same entity
- opsec failures can result in two-way deanonymization
## Usage
### Installation
todo
### Usage
todo
## todo
1. x validate attribution thing
2. ? clean up output
3. x sanity checks
4. this README.md
5. x the README-instructions.txt and placedment for archive
6. x passphrase strength/length checks
7. sha256 mode with independant passphrase(?)
8. encrypt archive option
1. inner
1. goes first
2. gets passphrase
2. tests passphrase
3. generates txt file backup
4. then tests with passphrase
2. outer
1. goes second
2. gets passphrase
3. tests passphrase
4. generates txt file backup
5. then tests with passphrase
9. random data optional
1. `read -n 1 -s -r -p "In another terminal/window, fill $inner_dir with whatever you please then press any key to continue..."`
2. x now only takes up 2Kb!
3. only use 128 bytes (1024 bits) x 2
1. `openssl rand -out "$out_dir/.$RANDOM" 128`
2. `openssl rand -out "$inner_dir/.$RANDOM" 128`
3. `find "$out_dir" -type f -name ".*" -exec chown $USER:$USER "{}" \;`
4. `find "$out_dir" -type f -name ".*" -exec chmod 600 "{}" \;`
10. writeup in this README
11. usage in this README
12. specification definition
1. Specification.md
13. FileMap.md
14. function: passphrase checkin
1. match
2. pass cracklib-check
3. =>35 chars long
4. pass call to haveibeenpwned.com api
15.
## Changelog
- reduced random data to 2x 10Kb
- reduced random data to 2x 1Kb
- added password strength check with cracklib-check
- cleaned up output
- added housekeeping
- set perms and ownership on archives and keystore to minimum
- shred all erronious files and dirs
- cleaned up code
Reference in New Issue View Git Blame Copy Permalink