development – How to cryptographically verify the authenticity and integrity of Android Studio releases (with gpg?)

For a given Android Studio release published by Google, how can I cryptographically verify the authenticity and integrity of the .tar.gz file that I downloaded before I copy it onto a USB drive and attempt to install it on my laptop?

Today I wanted to download Android Studio, but the download page said nothing about how to cryptographically verify the integrity and authenticity of their release after download.

https://developer.android.com/studio#downloads

I expected to see a message on the download page telling me:

  1. The fingerprint of their PGP release signing key,
  2. A link to further documentation, and
  3. Links to (a) a manifest file (eg SHA256SUMS) and (b) a detached signature of that manifest file (eg SHA256SUMS.asc, SHA256SUMS.sig, SHA256SUMS.gpg, etc)

Unfortunately, the only information I found on the download page was how to verify the integrity of the tarball using a SHA-256 checksum found in a table on the same page. Obviously, this checks integrity but not authenticity. And it provides no security because it’s not out-of-band from the .tar.gz itself.

How can I preform cryptographic integrity and authenticity verification with Google’s Android Studio releases?

How to cryptographically verify the authenticity and integrity of Mozilla releases (Firefox, Thunderbird, etc)

For a given software release published by Mozilla, how can I cryptographically verify the authenticity and integrity of the file that I downloaded before I execute it to install that program?

Today I wanted to download firefox and thunderbird for Windows, but the download page said nothing about how to verify the release after download.

I expected to see a message telling me the fingerprint of their release signing key, a link to further documentation, and links to (a) a manifest file (eg SHA256SUMS) and (b) a detached signature of that manifest file (eg SHA256SUMS.asc, SHA256SUMS.sig, SHA256SUMS.gpg, etc)

How can I preform this verification with mozilla products, such as firefox and thunderbird?

cryptography – Cryptographically prove open sourced source code of server

I want to prove that the source code I am using is the same as the open-sourced version, which is publicly available. My idea was to publish a hash of the open-sourced version and compare it to the hash of the deployed server at boot. However, because the open-sourced hash is available pre-deployment, it is possible for a bad actor to hard code the hash into the server and avoid the hash function.

Is there a way I can prevent this from happening? I found that Heroku is using a similar approach where they are fetching the commit hash. Is this tamperproof? And if so, how is this different from my approach?

Probability – XOR combination of two different offsets from Pi for cryptographically random numbers

With that in mind, I had another question.

If two random strings of the same length were XOR-linked together by Pi, would this result in a cryptographically secure random number suitable for use in a one-time block? If so, would that mean that using a secure, low-bandwidth channel, you could suppress three digits (two offsets and one length) to provide any pad length?

Is the random generation of passwords from a series of dictionary words cryptographically secure?

We should all know the XKCD comic about password strength and (appropriately) suggest that a password be based on it several Common words are more secure and memorable than a password like Aw3s0m3s4u(3 or so.

I have an application (for multiple platforms) for which I want to generate somewhat secure passwords and my password requirements are much less demanding: If the password does not contain spaces, I expect the characters "Multiple symbols, numbers, mixed letters and 6+ characters ". but if the password has more than a non-consecutive space I relax the symbol / number / capitalization restriction and request instead at least two words no less than 4 characters long with a minimum length of 15 characters.

The question is not about The Aspect, but to generate: Assuming that I want to generate an easy-to-remember and hard-to-guess password for the user, it is cryptographically secure to generate a password that is based on 5 or more dictionary words from a list of 10,000 words ? (There are literally 10,000 words in my database that come from different sources, emails, etc.) These are all fairly common words that are no less than 3 characters long.

I'm not doing now want to make these unique passwords, but I guess I should at least The user must change it after logging in after using this generated password. This is fine and me canBut I also want users to have the option (when changing a password) to have a & # 39; secure & # 39; Generate password that meets my requirements.

How easy / difficult would it be to attack a password generated with this scheme? There is no fixed length, words in this database table are between 3 and 11 characters long (environment is a word in the database, for example)? The program that generates the passwords will not Select two words with 4 or fewer characters (so the shortest password can be a three-character word, four five-character words and four spaces for a total of 27 characters) will not Use the same term twice in a password.

Based on examples that I ran against it, the average password length generated by the program is ~ 34 characters, which seems acceptable to me. Even if we assume that each of the 27 minimum non-spaces (i.e. 23 characters at the end) can be 26 possible states (a-z), This is 23^26 or 2.54e+35 Possibilities.

The database contains 994 words with 3 to 4 characters.

We can also assume that the attacker Has the dictionary and the generation parameters / algorithm. If this is still safe, I can get away with a word from the generated password (that's still 21 characters, e.g. 18^26 Possibilities (4.33e+32The only problem I see is that this is not based on entropy character Entropy but on word entropy which would mean the 5-word password is 10000*9006*9005*9004*9003 Possibilities, or 6.5e+19 Ways, and the 4-word password is 10000*9006*9005*9004 Possibilities, or 7.30e+15, Compared to a normal 6-digit password ((26+26+10+33)^6 or 7.35e+11 Possibilities: 26 lower alpha, 26 upper alpha, 10 numbers 33 Symbols) it is significantly stronger.

Another assumption I made: users become write that down, they always do it I suspect the five random words on a piece of paper (hopefully not in direct Unfortunately, this is the most likely scenario. It is less likely to be considered a potential password than a complex term looks like a traditional password.

Finally, before I come to my real questions, are the passwords all salted before saving in the database, then with the hashed SHA-512 Algorithm 100 times, adding the salt between each hash. If the user logs in successfully, the salt is changed and a new password hash is created. (I guess this doesn't help much with an offline brute force attack, but it should help against active online attacks, I think.)

DatabasePassword = SHA512(...SHA512(SHA512(SHA512(password + salt) + salt) + salt) + salt)...)

So finally mine indeed Ask:

  1. Is my bill correct? (You don't necessarily have to answer that, I'm sure it's in principle close enough to demonstrate my concerns.)
  2. Is this generation sure or should I stick to the "traditional" password generation? Note that an attacker does not any The attacker can assume whether the password of the user was generated with this algorithm or whether it was selected by the user if You know the length, but that can be certain or not.
  3. Last I made any assumptions that would significantly the security of this & # 39; idea & # 39; change (increase or decrease)? (Assuming that the entropy of a 6-digit password per character is 95, for example.)

Sorry for the length, I'm used to explaining myself too much hopeful Alleviate confusion.


It was pointed out that my question is extremely Similar to this example, I would like to point out the differences in my creation method (although frankly it is still so similar that it could be considered a duplicate, I leave this to the community):

  1. Each word is separated by a space, ie all but the first and last three characters have an additional character potential Status.
  2. The password is Not chosen by a human being, it is (mostly) uniformly random generation. No words are preferred to others, except for just Allow an ultra-short word (3 or 4 characters), as soon as the random generator selects a word of this length, no more of it can be selected. (Although the position of this word in the list of words is still random, it can happen that Not an ultra-short word can be chosen.)
  3. This is mixed with one separate Password restriction, ie the attacker has two vectors that he is trying to crack. The user could have chosen a password that meets the "traditional" requirements or a password that meets the "XKCD" requirements.

Is it cryptographically possible to use aggregated signature schemes that can improve the privacy of UTXO consolidation?

My understanding of Schnorr signatures, Taproot, and Graftroot, and how they improve privacy in smart contracts / multi-sigs, is that users can aggregate signatures so that each signature and key is not visible, but summed up in the aggregate key / sig become.

Are there cryptographic protocols that can be used to sum up UTXO inputs? For example, have multiple inputs in a transaction been totalized and then signed with the sum of the entered private keys?

Is it possible to improve the privacy of UTXO consolidation?

Is there a Windows-based device or executable that can provide cryptographically secure random bytes through CMD or Powershell?

In essence, I am looking for the Windows equivalent of / dev / urandom under Linux.

I know I can use Windows CNG through the C ++ APIs, but I do not know if there is an available (portable) method to access random bytes on a modern Windows system from the command line.