Proxy re-encryption

What is proxy re-encryption? Proxy re-encryption lets Alice send Bob a message (M) via a semi-trusted proxy, without revealing Alice's private key to either the proxy or Bob, and without revealing the secret message to the proxy. As Wikipedia puts it: "Proxy re-encryption schemes are cryptosystems which allow third parties (proxies) to alter a ciphertext …

Signing GMail Messages with the Estonian eID PKI Card (Part 1)

After reading several articles about the Estonian eID, such as this one: "I’m now an Estonian e-resident, but I still don’t know what to do with it", it becomes clear that there need to be a few more use cases around the eID ecosystem. Cyrus Farivar (the author of the above article) already mentions how he used …

Common operations using Estonian eID (Linux)

Assumptions: Using Ubuntu with OpenSC

Installation Tip: Make sure you have installed OpenSC from source, rather than using the Ubuntu repositories (in other words, follow the instructions here [1] rather than using apt-get install opensc). This is necessary to avoid the "failed: Invalid arguments Decrypt failed: Invalid arguments" error as outlined in this OpenSC …

Using Let’s Encrypt manual mode

Let's Encrypt is a service sponsored by web giants such as Facebook, Google Chrome, and Cisco (https://letsencrypt.org/). Let's Encrypt has recently gone into public beta and is extremely easy to use. It has some modules already built in to integrate directly with popular webservers like Apache. In my case, I had two use cases where …

ELK : exporting to CSV

Note: the following requires the "jq" JSON parser, available from: http://stedolan.github.io/jq/

1. Run the desired query through the Kibana WebUI
2. Expand the additional options pane by clicking on the arrow underneath the graph as indicated in the below screenshot:
3. Select “Request” and copy the request displayed:
4. Open a Linux terminal and use the …

AlienVault ELK Integration

In the last couple of blog posts [1][2] we've been exploring how to use the ELK stack as a forensic logging platform. We also had a couple of posts on deploying some AlienVault features [3][4]. In this post we explore a quick and easy way to integrate the two systems. Apart from the flexible querying …

AlienVault: Adding a logger to a distributed deployment

There has been some confusion about how exactly to add a dedicated logger appliance to an AlienVault distributed deployment, that is, a setup where server roles (SIEM server, database, loggers, sensors, etc.) are hosted on separate servers. It's not very well documented, so here goes (with many thanks to AlienVault Support for providing the information): The configuration …