Experience of implementing the "Continent TLS VPN" in the cluster configuration

Experience of implementing the "Continent TLS VPN" in the cluster configurationHello, Habr! We faced the task of implementing the product of the company "Security Code" "Continent TLS VPN". In this article we share the experience of implementing this product
 
here or here .
 
 
The key TLS tasks are:
 
 
 
ensure confidentiality, that is, protect against leakage of transmitted information;
 
to ensure the detection of a substitution, that is, to realize the integrity of the transmitted information;
 
to ensure the authentication of nodes, that is, to provide a mechanism for verifying the authenticity of the source of messages.
 
 
This protocol is widely used ...
+ 0 -

Proof-of-Proof-of-Work on the fingers. On the way to a sensible blockade

Proof-of-Proof-of-Work on the fingers. On the way to a sensible blockadeThe blocking protocols should provide a consensus among the nodes of the decentralized system. Perhaps the most famous consensus algorithm can be considered "braked, but reliable, because the braked" algorithm of Proof-of-Work: each node, having a set of new transactions, sorts through a certain number of nonce, which is the field of the block. A block is considered valid if all the transactions inside it are valid and the hash function of the block header has some common feature (for example, the number of zeros at the beginning, as in Bitcoin):
 
 

Hash (Block {transaction, nonce,}) = 000001001


 
As y...
+ 0 -

Crypto currency for beginners. How to start using Bitcoin

Crypto currency for beginners. How to start using BitcoinEveryone who has access to the Internet has repeatedly heard about the "magic" world of crypto-currencies. There ordinary people become the most real investors and multiply their initial capital.
 
 
But there are also those who got there indiscriminately: did not know what to buy, where to store and how to use. Such "investors" quickly lose all their savings and start shouting that bitcoin is a deception and, in general, an attempt of world freemasonry to fool money from honest people.
 
 
Therefore, before you start using crypto currency, you need to at least learn the basic principles of working ...
+ 0 -

Certification Center based on OpenSSL, SQLite3 and Tcl /Tk

Certification Center based on OpenSSL, SQLite3 and Tcl /Tk If you walk along the expanses of Habrahabra, you can find various publications on the issue of creating digital certificates, the organization of the Centers certification (CA) or even Certification Centers ( CU ) based on OpenSSL. Basically, these articles describe, in varying degrees, the use of either the openssl utility or the library functions of OpenSSL to work with certificates. At the same time, the database of certifying centers was built on directories and files, and continues to be built on them, as the command line was used as an administrator interface (even ...
+ +1 -

Bitcoin & AI. Victory is inevitable

About some properties of the secp256k1 curve and an attempt to predict its behavior.
 
 
As is known, the problem of discrete logarithm is very complex and people do not know how to calculate it quickly. Moreover, knowing the point on the curve P = n * G it is very difficult to make a judgment about the value of n. Even about the approximate value. Let's try even easier: let's try to make judgments about the sequence
Bitcoin & AI. Victory is inevitable
, or rather about the values ​​of

knowing the values ​​

.
 
...
+ 0 -

Fintech Digest: Russians will be able to take credit for the timbre of voice, PayPal goes to China, the arrest of the leader Cobalt

Hello. At the end of March, the world of fi niteha pleases us with a variety of news. Newsmakers are PayPal, Russian banks, creator of the malicious Cobalt, which caused losses of $ 1 billion, and other organizations and individuals.
 
 
Fintech Digest: Russians will be able to take credit for the timbre of voice, PayPal goes to China, the arrest of the leader Cobalt
 
 
Let's start, perhaps, with PayPal. The fact is that this company is beginning to expand into China. Celestial, despite the relative closeness of its financial market, will allow foreign companies to gain access to their electronic payment infrastructure.
The Central Bank of China said that foreign companies need to obtain a license to enter the country. If ...
+ 0 -

Information security of bank non-cash payments. Part 4 - Review of threat modeling standards

Information security of bank non-cash payments. Part 4 - Review of threat modeling standards
 
 
In
of the previous publication
cycle, we formed the basic requirements for the information security system of non-cash payments and said that the specific content of the protective measures will depend on the threat model.
 
 
To form a qualitative model of threats, it is necessary to take into account existing developments and practices on this issue.
 
 
In this article we will conduct an express review of about 40 sources describing the processes of threat modeling and information security risk management. Consider both the GOSTs and documents of Russian regulators (FSTEC of Russia, the Federal ...
+ 0 -

The artist encrypted the keys to the crypts in Lego installations, and we try to get them from there to get

The artist encrypted the keys to the crypts in Lego installations, and we try to get them from there to get  
 
Hello, Habr! I suggest that everyone wishing to stretch their brains a little crypto-rebus.
 
 
I will make a reservation right away, I did not solve the riddle to the end, however, the course of the decision seems to be clear so I would like to see how the community will look for the solution.
 
 
In advance, I apologize for the style of presentation, but at four in the morning I will still be very brief in telling short stories and in fact. To whom the details are interesting, I will mention the links at the end of the note.
 
 
www.artsy.net/show/hijinx-new-money ...
+ 0 -

Hash-steganography in dataset-ah. This time fast

Hash-steganography in dataset-ah. This time fastAll with Friday! In his the last post about hash-steganography I suggested a different approach in steganography - do not intersperse any information into the container, but simply arrange the containers in the right order and thus transmit the hidden information. Two days ago romabibi has published proof of consept for hash-steganography in social network vKontakte .
 
However, the use of pictures as containers has an important izyan. I quote Comment alekseev_ap ...
+ 0 -

Strong data encryption in PNG

 
Good morning, Habr. I read yesterday article about hash-steganography through social networks, and I came up with the idea to do something more optimal in terms of the amount of output. It turned out something more or less workable and even optimized (as opposed to 3r3r3? proof-of-concept
? romabibi
), Therefore, like promised , writing an article.
 
 
Well, I'll say hello to you again: Strong data encryption in PNG , and welcome to the cat.
 
 
I decided to implement the idea as much as possible in a stupid way simply...
+ 0 -