@MoneroTalk @Tari @fluffypony
Yes, and Tari also supports randomX mining in addition to sha3. The decentralized mining pool https://p2pool.io/mini/ has increased from 15 MH/s to 115 MH/s hashrate in one day. Congratulations @fluffypony
#XTM #tari #RandomX #sha3 #mining #crypto #p2pool #Monero #XMR
Made good progress on my file integrity tools lately.
Calc-sum updates sha3-512 checksums in a hash-list.
When executing my scripts I can check the file integrity with check-sum while running. This is a security measure; sometimes I type in a file by accident without noticing. But now check-sum holds the script if the file has changed and the integrity check fails. For remote files this can of course also work as an extra security tool.
#linux #terminal #commandline #sha3 #file #integrity #security #checksum #tool
https://eprint.iacr.org/2023/331.pdf
"A Vulnerability in Implementations of SHA-3"
> we show how this vulnerability can be used to construct second preimages and preimages for the implementation, and we provide a specially constructed file that, when hashed, allows the attacker to execute arbitrary code on the victim’s device
💥
#infosec #vulnerability
#Buffer_overflow in #SHA3 #SHAKE #Keccak and #XKCP #hash functions. Some versions of #EdDSA are impacted too 😟
Paper 2023/331 A Vulnerability in Implementations of SHA-3, SHAKE, EdDSA, and Other NIST-Approved Algorithm
Abstract
This paper describes a vulnerability in several implementations of the Secure Hash Algorithm 3 (SHA-3) that have been released by its designers. The vulnerability has been present since the final-round update of Keccak was submitted to the National Institute of Standards and Technology (NIST) SHA-3 hash function competition in January 2011, and is present in the eXtended Keccak Code Package (XKCP) of the Keccak team. It affects all software projects that have integrated this code, such as the scripting languages Python and PHP Hypertext Preprocessor (PHP). The vulnerability is a buffer overflow that allows attacker-controlled values to be eXclusive-ORed (XORed) into memory (without any restrictions on values to be XORed and even far beyond the location of the original buffer), thereby making many standard protection measures against buffer overflows (e.g., canary values) completely ineffective. First, we provide Python and PHP scripts that cause segmentation faults when vulnerable versions of the interpreters are used. Then, we show how this vulnerability can be used to construct second preimages and preimages for the implementation, and we provide a specially constructed file that, when hashed, allows the attacker to execute arbitrary code on the victim's device. The vulnerability applies to all hash value sizes, and all 64-bit Windows, Linux, and macOS operating systems, and may also impact cryptographic algorithms that require SHA-3 or its variants, such as the Edwards-curve Digital Signature Algorithm (EdDSA) when the Edwards448 curve is used. We introduce the Init-Update-Final Test (IUFT) to detect this vulnerability in implementations. #cryptography #encryption #sha #sha3 #cybersecurity #hash #hashing #algorithm #algorithms #nist #nistcybersecurityframework
The #SHA3 reference implementation seems to have an integer overflow.
https://eprint.iacr.org/2023/331.pdf
The only good part is that SHA3 is still not that widespread.
https://eprint.iacr.org/2023/331
#sha3 #CVE_2022_37454
Sichere Ahnen Prüfung mit Cryptographic Hashes
Bei der Erstellung eigner Stammbäume gibt es immer wieder den Wunsch in anderen Datenbeständen nach Familienangehörigen zu suchen. Dabei ergibt sich jedoch das Problem, dann personenbezogene Daten an andere versendet werden müssen.
https://schegge.de/2023/03/sichere-ahnen-pruefung-mit-cryptographic-hashes/
#Algorithmen #BestPractices #Design-Pattern #Java #Web #SHA #SHA3-256
Sichere Ahnen Prüfung mit Cryptographic Hashes
Bei der Erstellung eigner Stammbäume gibt es immer wieder den Wunsch in anderen Datenbeständen nach Familienangehörigen zu suchen. Dabei ergibt sich jedoch das Problem, dann personenbezogene Daten an andere versendet werden müssen.
https://schegge.de/2023/03/sichere-ahnen-pruefung-mit-cryptographic-hashes/
#Algorithmen #BestPractices #Design-Pattern #Java #Web #SHA #SHA3-256
With full joy I will be talking in #LibrePlanet 2023 about a free system for cataloguing challenging museum-libraries items like manuscripts and books with dedication/marginalia.
https://libreplanet.org/2023/program/
@fsf #FreeSoftwareFoundation #FreeSoftware #MESICON #LAMP #Linux #Apache #MySQL #PHP #SHA3
What is the hash method producing 128-bit output (32 hex chars) with lowest collision likelyhood?
https://security.stackexchange.com/questions/267049/what-is-the-hash-method-producing-128-bit-output-32-hex-chars-with-lowest-coll
#hash #sha3 #md5
We have improved our https://convert.ehehdada.com/ #online #data #converter to include the encoders and decoders for #base64, and #URL format; hashes for #MD2 #MD4 #MD5 #SHA1 #SHA2 #SHA3 #Gost #GostCrypto #SNEFRU; #checksum #algorithms for #Adler32 #CRC32 #CRC32b #FNV; text to binary, to octal, to decimal, to hexadecimal and vice versa; utilities like shuffle characters, to lowercase, to UPPERCASE; more soon. Let us know how you like it :-)
