This project leverages a YubiKey HMAC-SHA1 Challenge-Response mode for creating strong LUKS encrypted volume passphrases. It can be used in intramfs stage during boot process as well as on running system. In Automatic mode you create custom challenge with 0-64 byte length and store it in cleartext in /etc/ykfde.conf and inside the initramfs image.
https://github.com/agherzan/yubikey-full-disk-encryptionTags | luks encryption yubikey archlinux yubico initramfs luks-partition unlock disk-encryption |
Implementation | Shell |
License | Apache |
Platform |
eMount is a free system administrator tool for Linux that can mount, encrypt and manage disk image files and physical disk drives. It relies on cryptsetup, which implements the LUKS disk encryption specification.
Please note this is a Beta version with some known limitations. Particularly on 64 bit Windows the text 'Test Mode' is shown on the desktop. Important: LibreCrypt in Portable mode will not work on Windows Vista and later 64 bit versions without a extra step before use.
This is a guide to using YubiKey as a SmartCard for storing GPG encryption and signing keys. An authentication key can also be created for SSH and used with gpg-agent.
yubikey gpg gnupg ssh security gpg-agent gpg-configuration smartcard remote-access rsa-cryptographyTrueCrypt is software for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data is automatically encrypted right before it is saved and decrypted right after it is loaded, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys.
encryption filesystem secure-disk file-system encrypted-filesystemScript to manage passwords in an encrypted file using gpg. New! Purse is a fork which uses public key authentication instead of a master passphrase and can integrate with YubiKey.
password-manager password gpg gnupg unix bash bash-script encryption file-encryptionyubiswitch is an OSX status bar application to enable/disable a Yubikey Nano or Neo from Yubico. Yubico is the producer of the Yubikeys: an hardware authentication device, designed to provide an easy to use and secure compliment to the traditional username and password.
yubikey yubico osx statusbarHow to set up a Linux system to use encryption in disk and network accesses. This document describes how you can use the International Kernel Patch and other packages to make harddisk contents and network traffic inaccessible to others by encryption.
This is a driver for PCI encryption cards using the Hi/fn 7751 encryption processor, including cards from GTGI, NETSEC, Invertex and Hi/fn themselves. Supports all card modes and functions, including encryption unlock and compression.
Cryptux is a full featured Linux distribution that aims to bring full disk encryption to the common user. Cryptux is based on RedHat Linux with the inclusion of the PPDD crypto block driver by Allan Latham.
cryptlib is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. It provides support for S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure timestamping.
cryptography encryption s-mime digital-signature security security-libraryBy design, email message headers need to be public, for exchanges to happen. The body of the message can be encrypted by the user, if desired. Moreover, there is no way to prevent the host from having access to the virtual machine. Therefore, full disk encryption (at rest) may not be necessary. Given our low memory requirements, and the single-purpose concept of email service, Roundcube or other web-based IMAP email clients should be on a different VPS.
openbsd smtpd dovecot rspamd unbound httpd gnupgThis is cryptographic disk driver for FreeBSD. It provides transparent encryption and decryption of selected devices. It is based on vn(4).
Dumps decrypted mach-o files from encrypted iPhone applications from memory to disk. This tool is necessary for security researchers to be able to look under the hood of encryption.
Minimallistic zero-dependency library for generating, decoding and encryption JSON Web Tokens. Supports full suite of JSON Web Algorithms as of July 4, 2014 version. JSON parsing agnostic, can plug any desired JSON processing library. Extensively tested for compatibility with jose.4.j, Nimbus-JOSE-JWT and json-jwt libraries.v2.1 and above added extra features support for .NET461+ and coming with 3 version of binaries (NET4, NET461 and netstandard1.4).
jose jwt json jwa jwe jws fips jwt-token jwt-auth jwt-authentication encryption signature security openid oauth2 openidconnect federation netcore jwt-token-library jwt-library json-web-tokenNote: It's 2017 and if you're looking for a modern and actively maintained Ruby encryption library you should do yourself a favor and check out RbNaCl. Gibberish was started in 2011 when encryption on Ruby was not a trivial matter, however thanks to projects like NaCl and LibSodium that's no longer the case. See the full docs for information on SJCL interoperability.
The YubiKey Azure Authentication project shows how to use the Yubico authentication service from a ASP.NET MVC 3 site hosted in Windows Azure, with SQL Azure as the backend user store, for a more secure two-factor authentication of users in the cloud.
This project show the use of my new form encryption, Layered Encryption. This encryption is based on 256bit encryption but made very strong using my Layering Method
Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. This includes support for JSON Web Encryption, JSON Web Signature, and JSON Web Token standards.Disclaimer: This library contains encryption software that is subject to the U.S. Export Administration Regulations. You may not export, re-export, transfer or download this code or any part of it in violation of any United States law, directive or regulation. In particular this software may not be exported or re-exported in any form or on any media to Iran, North Sudan, Syria, Cuba, or North Korea, or to denied persons or entities mentioned on any US maintained blocked list.
jose json-web-encryption json-web-signature jwe jws jwt json-web-token crypto signing encryption jwt-token-library jwt-token jwt-libraryA misuse resistant symmetric encryption library designed to support authenticated encryption of individual messages, encryption keys, message streams, or large files using the AES-SIV (RFC 5297), AES-PMAC-SIV, and STREAM constructions. Miscreant is available for several programming languages, including C#, Go, JavaScript, Python, Ruby, and Rust.
aes siv cryptography security nonce-misuse-attacks aead key-wrapping streaming-encryption
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.