Typage: Age Encryption with Passkeys

2025-07-16

Typage, a TypeScript implementation of the age file encryption format, now supports passkeys for enhanced security. Version 0.2.3 leverages the WebAuthn API for symmetric encryption using passkeys, offering phishing resistance. A companion CLI plugin extends this functionality to hardware FIDO2 security keys. The implementation uses the WebAuthn PRF extension, providing per-file hardware binding and unlinkability. This allows for seamless encryption and decryption across devices while maintaining strong security guarantees. The new `age-encryption.org/fido2prf` format is central to this improved security.

Development file encryption

Run a Certificate Transparency Log on a Single Server!

2025-07-08

This article explains how easy it is to run a Certificate Transparency (CT) log, a critical component of web security. The author highlights that with the new Static CT API and the Sunlight implementation, running a CT log is now significantly cheaper and easier, requiring only a single server, minimal bandwidth, and storage. This presents an opportunity for organizations or individuals with spare resources to contribute to web security and enhance their technical skills.

Tech

Benchmarking RSA Key Generation: A Battle Against Probability

2025-01-03

RSA key generation, while conceptually simple, is notoriously difficult to implement and benchmark. This article cleverly uses mathematical methods to overcome the noisy results typical of statistical approaches. By pre-generating a representative sequence of candidate numbers, the author provides a more stable and reliable benchmarking methodology for comparing different implementations. The article details the mathematical underpinnings of RSA key generation and shares the script and data used to generate the average candidate sequence, facilitating testing and comparison by readers.

Minimalist NAS: frood, an Alpine initramfs System

2024-12-16

The author introduces frood, a NAS system built as a single, large initramfs image containing a complete Alpine Linux system. This design results in fast boot times and reduced wear on storage devices. Configuration is straightforward; files reside directly in the image, eliminating complex DSLs or configuration tools. The system state is tracked with Git, and each boot is effectively a fresh start, preventing configuration clutter. The article details the system's build process, including the use of the alpine-make-rootfs script, installation of essential packages, and writing startup scripts. QEMU testing and the system image update procedure are also described. In essence, frood is a lightweight, easily maintainable, and deployable NAS system whose simple design philosophy is worth emulating.

Development