- Explicitly spell out the ECDH-ES public key validation routines from NIST. I have a blog post summarising them: https://neilmadden.wordpress.com/2017/05/17/so-how-do-you-validate-nist-ecdh-public-keys/
- Recommend that (despite the -ES) ECDH is safest when both keys are ephemeral (eg you use some initial step to retrieve a fresh authenticated ephemeral key from the other party).
- Spell out how to authenticate ECDH ephemeral keys. For instance, include an inner signed JWT that repeats the epk and possibly the apu/apv claims too.
- Recommend that the apu and apv claims as a bare minimum include a hash of both public keys and SHOULD include any other known identifiers.
- Recommend that the receiving party recalculates the apu and apv claims from known inputs to check they match. (Or leave these out of the JWT and require the other party to recalculate them).
- Provide explicit key lifetime requirements. E.g., for AES GCM this should not exceed 2^32 messages for randomly-generated IVs, and not exce
Neil Madden NeilMadden
NeilMadden
/ crypto.py
Last active
February 4, 2025 14:06
A Lazy Developer’s Guide to Modern Cryptography
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # Copyright 2024 Neil Madden. | |
| # License: https://creativecommons.org/licenses/by-sa/4.0/deed.en. | |
| # Like this? I do training courses & consultancy: | |
| # https://illuminated-security.com/ | |
| import hashlib | |
| import math | |
| import os |
NeilMadden
/ DPoP.java
Created
November 19, 2019 14:51
Example ECDH DPoP using existing JWE ECDH-ES implementation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Shared context of the request: | |
| String accessToken = "an_access_token"; | |
| String origin = "https://api.example.com:443"; | |
| JweHeader header = new JweHeader(); | |
| header.setAgreementPartyUInfo(Base64url.encode(accessToken)); | |
| header.setAgreementPartyVInfo(Base64url.encode(origin)); | |
| // Server - generate challenge | |
| OkpJWK ephemeral = OkpJWK.generateKeyPair(X25519); | |
| String challenge = Base64url.encode(ephemeral.toPublicJwk().get().toJsonValue().toString()); |
NeilMadden
/ dpop.js
Created
November 19, 2019 12:32
Sketch ECDH DPoP implementation using WebCrypto
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const crypto = window.crypto.subtle; | |
| const UTF8 = new TextEncoder('utf-8'); | |
| function genKeyPair() { | |
| return crypto.generateKey({ | |
| name: "ECDH", | |
| namedCurve: "P-256" | |
| }, false, ['deriveKey', 'deriveBits']); | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0x70000d039000 11:12:31.767 [opensc-pkcs11] ctx.c:792:sc_context_create: =================================== | |
| 0x70000d039000 11:12:31.767 [opensc-pkcs11] ctx.c:793:sc_context_create: opensc version: 0.17.0 | |
| 0x70000d039000 11:12:31.767 [opensc-pkcs11] reader-pcsc.c:815:pcsc_init: PC/SC options: connect_exclusive=0 disconnect_action=1 transaction_end_action=0 reconnect_action=0 enable_pinpad=1 enable_pace=1 | |
| 0x70000d039000 11:12:31.768 [opensc-pkcs11] reader-pcsc.c:1283:pcsc_detect_readers: called | |
| 0x70000d039000 11:12:31.768 [opensc-pkcs11] reader-pcsc.c:1302:pcsc_detect_readers: Probing PC/SC readers | |
| 0x70000d039000 11:12:31.768 [opensc-pkcs11] reader-pcsc.c:1330:pcsc_detect_readers: Establish PC/SC context | |
| 0x70000d039000 11:12:31.768 [opensc-pkcs11] reader-pcsc.c:1242:pcsc_add_reader: Adding new PC/SC reader 'Nitrokey Nitrokey HSM' | |
| 0x70000d039000 11:12:31.768 [opensc-pkcs11] reader-pcsc.c:319:refresh_attributes: Nitrokey Nitrokey HSM check | |
| 0x70000d039000 11:12:31.769 [opensc-pkcs11] reader-pcsc.c:347:refresh_attr |
NeilMadden
/ index.erl
Created
February 28, 2017 17:23
Neil Madden "Functional Programming in Erlang MOOC" Submission for Week 2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -module(index). | |
| -export([index_file/1,get_file_contents/1,show_file_contents/1]). | |
| % Used to read a file into a list of lines. | |
| % Example files available in: | |
| % gettysburg-address.txt (short) | |
| % dickens-christmas.txt (long) | |
| % Get the contents of a text file into a list of lines. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| % Functional Programming in Erlang MOOC | |
| % Week 1 assignment submission - Neil Madden | |
| -module(ex). | |
| -export([perimeter/1,area/1,enclose/1,bits/1]). | |
| % Type definitions! Found out Erlang supports these... | |
| -type point() :: {number(), number()}. | |
| -type circle() :: {circle, point(), number()}. | |
| -type rectangle() :: {rectangle, point(), number(), number()}. | |
| -type triangle() :: {triangle, point(), point(), point()}. |
NeilMadden
/ keybase.md
Created
November 23, 2016 16:11
I hereby claim:
- I am neilmadden on github.
- I am neilmadden (https://keybase.io/neilmadden) on keybase.
- I have a public key ASBcU_6xkYIeml3XZUbGrLB9LgOAcrvKGTZB55p-6JTyogo
To claim this, I am signing this object: