Using gpg to encrypt backups stored on remote untrusted servers

I need to encrypt daily backups, then upload them to untrusted cloud storage (s3, dropbox, etc.)

I received help on security.se and crypto.se to formulate this approach:

  • tar and xz the backup file
  • create random 32 byte (symmetric) “session” key (head -c 32 /dev/urandom)
  • encrypt backups using session key
  • encrypt session key using my “master” (asymmetric) keypair’s public key
  • upload encrypted backup file and encrypted session key

Result:

  1. Every backup has unique symmetric session key
  2. Only my master keypair’s private key can decrypt session keys
  3. My private key is stored locally only
  4. Encryption process is completely automated; no passphrases required

However, then I tried to implement this with gpg and stumbled over some items.

Once I generate a session key, how do I use it? I thought it was supposed to be the passphrase in gpg --symmetric --passphrase $SESSION_KEY ..., but apparently that’s not how it’s done.

I did more digging and discovered that gpg does almost everything symmetrically, and that a session key is already generated and included in each encrypted file automatically (in the header). So most of the above is done automatically for me.

So, how do I use the session key (if at all)? I understand the theory, but not how to implement it with gpg.

Problem while using Reaver WPS

I was trying to crack my WiFi router. I have two laptops, an older one (Lenovo 3000 G430) and a newer one (HP Elitebook 840 G3), each with its internal adapter. The old one has the BCM4312 802.11b/g chipset and the newer one has the Intel Dual Band Wireless AC 8260 (rev 3a), with Linux drivers b43 (older one) and iwlwifi (newer one) respectively. I was doing a WPS attack using reaver on Kali. The old laptop has Kali installed, but the new laptop is running a Live Persistent Kali USB. And this is the output I get on both of them:

BSSID               Ch  dBm  WPS  Lck  Vendor    ESSID
--------------------------------------------------------------------------------
00:17:7C:91:XX:XX    6  -55  2.0  No   RealtekS  DIGISOL   (Target)
XX:XX:XX:XX:YY:XY    6  -82  2.0  No   RealtekS  sjefbwdb

root@XYZ:~# reaver -i wlan0mon -b 00:17:7C:91:XX:XX -vv -K 1

Reaver v1.6.5 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>

[+] Waiting for beacon from 00:17:7C:91:XX:XX
[+] Switching wlan0mon to channel 1
[+] Switching wlan0mon to channel 2
[+] Switching wlan0mon to channel 3
[+] Switching wlan0mon to channel 4
[+] Switching wlan0mon to channel 6
[+] Received beacon from 00:17:7C:91:XX:XX
[+] Vendor: RealtekS
[+] Trying pin "12345670"
[+] Sending authentication request
[!] Found packet with bad FCS, skipping...
[!] WARNING: Receive timeout occurred
[+] Sending authentication request
[!] WARNING: Receive timeout occurred
[+] Sending authentication request
[!] WARNING: Receive timeout occurred
[+] Sending authentication request
[!] WARNING: Receive timeout occurred
[+] Sending authentication request
[!] WARNING: Receive timeout occurred
[+] Sending authentication request

[+] Nothing done, nothing to save.

With verbosity 4:

reaver -i wlan0mon -b 00:17:7C:91:XX:XX -vvvv -K 1

Reaver v1.6.5 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>

[+] Waiting for beacon from 00:17:7C:91:XX:XX
[+] Switching wlan0mon to channel 1
[+] Switching wlan0mon to channel 2
[+] Switching wlan0mon to channel 3
[+] Switching wlan0mon to channel 4
[+] Switching wlan0mon to channel 6
[+] Received beacon from 00:17:7C:91:XX:XX
[+] Vendor: RealtekS
WPS: A new PIN configured (timeout=0)
WPS: UUID - hexdump(len=16): [NULL]
WPS: PIN - hexdump_ascii(len=8):
     31 32 33 34 35 36 37 30                           12345670
WPS: Selected registrar information changed
WPS: Internal Registrar selected (pbc=0)
WPS: sel_reg_union
WPS: set_ie
WPS: cb_set_sel_reg
WPS: Enter wps_cg_set_sel_reg
WPS: Leave wps_cg_set_sel_reg early
WPS: return from wps_selected_registrar_changed
[+] Trying pin "12345670"
send_packet called from deauthenticate() 80211.c:333
send_packet called from authenticate() 80211.c:364
[+] Sending authentication request
[!] Found packet with bad FCS, skipping...
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161
send_packet called from resend_last_packet() send.c:161

And yes, WPS is enabled on the router, and when I try from my Android phone using WPS WPA Tester it works, and the WPS gets locked after incorrect attempts…

Is it possible to emulate all dice rolls required for a D&D5e game using just a d6, and if so, how?

This is a question that I’ve asked myself numerous times, but I’ve never gotten a really satisfying result.

The issue is this: let’s assume we only have one or multiple d6 dice (arguably the most common type of dice outside of pen & paper), but we still want to play D&D 5e or another RPG game. The game doesn’t really matter here, we just need to be able to emulate different kinds of dice, such as d4, d8, d10, d12 or d20. I presume that if calculating these dice from rolls of a d6 is possible, any other potentially required dice rolls can be calculated as well in a similar fashion.

Therefore: How can the probability results of a d4, d6, d8, d10, d12 and d20 be emulated by rolling only with a d6?

How to switch directions using an array and how to move strings using an array? [closed]

I am working on a program that starts at a direction and goes to the destination and reverse. I have reversed the list and used an if statement for switching the directions from R (Right) and L (Left), and I’m not sure how to move specific strings to the top.

import java.io.*;
import java.util.Scanner;

public class Directions {
    public static void main(String[] args) {
        Scanner in = new Scanner(System.in);
        System.out.print("Enter input file name");
        String inFileName = in.nextLine();

        // Split "name.ext" on the dot; the dot must be escaped because split() takes a regex
        String[] parsedName = inFileName.split("\\.");
        String outFileName = parsedName[0] + "Numbered." + parsedName[1];

        try {
            Scanner fIn = new Scanner(new FileInputStream(inFileName));
            PrintWriter fOut = new PrintWriter(new FileOutputStream(outFileName));

            // Read the file once into the array; a second pass over the same Scanner finds nothing
            String[] reverse = new String[20]; // room for up to 20 lines
            int lineNumber = 0;
            while (fIn.hasNextLine() && lineNumber < reverse.length) {
                reverse[lineNumber] = fIn.nextLine();
                lineNumber++;
            }

            // Reversing the list, switching a leading R (Right) or L (Left) on each line
            for (int i = lineNumber - 1; i >= 0; i--) {
                String line = reverse[i];
                if (line.startsWith("L ")) {
                    line = "R " + line.substring(2);
                } else if (line.startsWith("R ")) {
                    line = "L " + line.substring(2);
                }
                fOut.println(line);
            }

            fIn.close();
            fOut.close();
        } catch (FileNotFoundException e) {
            System.err.println("File " + inFileName + " not found");
        }
    }
}

Here is the file for the directions the file name is qdoba.txt

Start at Home
R on College Ave
L on Jefferson Davis Hwy
R on Cowan Blvd
R on Carl D Silver Pkwy
Qdoba on R

And here is the reverse

Start at Qdoba
L on Carl D Silver Pkwy
L on Cowan Blvd
L on Jefferson Davis Hwy
R on College Ave
Home on L

I appreciate any help in advance, thank you!

Using the elements of one Matrix to form a new Matrix with specified rules

Given a matrix [a], how to get matrices [b] and [c] based on the following two rules?

  1. rule [a]->[b]: Strike out corresponding term in [a] and take product of the remaining two terms in the same column.
  2. rule [a]->[c]: Strike out the row and column containing the corresponding term in [a] and take sum of cross products in the 2×2 matrix remaining.

x, y, z can be replaced with 1, 2, 3. For example, $a_{xy}, a_{yz}$ can be replaced with a12, a23; [a] can be replaced with:

a = {{a11, a12, a13}, {a21, a22, a23}, {a31, a32, a33}} 

Thank you

[Figures: Matrix [a]; Matrix [b]; Matrix [c]]

Using ChaCha20 with a NULL nonce

I am new to ChaCha20. From the RFC —

The inputs to ChaCha20 are:

o A 256-bit key, treated as a concatenation of eight 32-bit little-endian integers.

o A 96-bit nonce, treated as a concatenation of three 32-bit little-endian integers.

o A 32-bit block count parameter, treated as a 32-bit little-endian integer.

Now looking at Apple’s CryptoKit the counter is not provided as an input option. They implement the counter underneath the hood. For the sake of this question, let’s assume the counter is implemented properly.

The key is set randomly for the encryption session (which is encrypting network data).

Now if I use a NULL nonce, the counter is still used. Will it be ok?

Is the max number of messages that can be encrypted this way before the key must be changed 2^32? Or is it the max number of bytes?

Using unique per-session gpg keys to store backups on cloud storage

I’d like to encrypt my server’s daily backups and send them to dropbox / google drive / etc., as a backup.

I’ve read of various approaches. Assuming symmetric encryption (passphrase rather than public/private keypair), people seem to: tar, compress, encrypt with a passphrase (using gpg), and upload the result to cloud storage.

Then I found this comment (edited for brevity):

I wouldn’t use the same passphrase over and over to encrypt your files. Instead, I’d generate a file containing a number of random bytes and use that as a key for my .tar.bz2.gpg file. I’d then encrypt this random file with my 100 character passphrase and upload it together with the backup file. (Basically, I’d create a session key with which to encrypt my data and use the 100 character string as a master key to decrypt the session keys). You can automate this, and it gives you forward secrecy in case one of your backup session keys is compromised and the ability to decrypt any specific backup without losing control over your master key.

So if I understand correctly, for every backup I must (via a bash script):

  1. create the backup 2020-01-01.backup.tar.bzip2 (date is just an example)
  2. generate a random passphrase, and save it as 2020-01-01.passphrase.txt
  3. use 2020-01-01.passphrase.txt to encrypt 2020-01-01.backup.tar.bzip2 to get 2020-01-01.backup.tar.bzip2.gpg
  4. encrypt 2020-01-01.passphrase.txt with my “master” passphrase (which I keep on my local box) to get 2020-01-01.passphrase.txt.gpg
  5. upload 2020-01-01.backup.tar.bzip2.gpg and 2020-01-01.passphrase.txt.gpg to cloud storage

The above comment says this is more secure because if one backup/passphrase is compromised, the others are still safe as they use different passphrases.

But I’m a little confused. If the master passphrase is compromised (“hacked” / guessed / whatever) – all the backups are compromised. It seems like just another level of indirection.

The only way this makes sense is if the master passphrase is MUCH longer (more entropy) than each session passphrase – e.g. 100 characters vs 20 characters, respectively. But then why not just make every session passphrase 100 characters?

Is my understanding of this strategy correct, and can you detect any gotchas I should take into account?