From the blog

Anti-Forensic Information Splitter

30 January 2019

AFIS, or Anti-Forensic Information Splitter, is an algorithm designed to support secure data destruction, which is crucial for secure on-disk key management. The key idea is to bloat information, thereby improving the chance of destroying a single bit of it. The information is bloated in such a way that a single missing bit causes the original information to become unrecoverable. The default diffusion element is based on SHA-1, but different hashing algorithms may be selected by the user.

An implementation in Go is available in maze.io/x/crypto/afis.

The problem: removing data from hard drives comes with few guarantees

Even if you take all known precautions to delete a file from disk, chances are that (bits of) the data still remain on the disk. If the probability $p$ of destroying a certain block of data is $0 < p < 1$, then the chance that a block survives is $1-p$. Given a dataset of size $l$, the probability of destroying the whole block becomes $p^l$. But the probability that the entire block survives, $(1-p)^l$, becomes smaller with increasing values of $l$. As $(1-p)^l$ becomes smaller, $1-(1-p)^l$ must become larger, which reflects the chance that the block will not survive.

The solution: moar blocks!

AFIS addresses the probability of a block not surviving by creating an interdependency for a data set $S$, $S = s_1, s_2, \dotsc, s_n$, by generating $s_1 \dotsc s_{n-1}$ random data items and computing $s_n$ so that $s_1 \oplus s_2 \oplus s_3 \oplus \dotsb \oplus s_n = D$. The reconstruction is done by carrying out the left side of the equation, XOR-ing all data items together. If one item $s_i$ is missing, $D$ can’t be reconstructed, since an arbitrary $s_i$ affects the entire $D$.

This scheme can be enhanced to include diffusion of information, so that the k-th bit of an arbitrary $s_i$ affects not only the k-th bit of $D$ but the entire $D$. To achieve this diffusion, we insert a diffusion element in the chain of XORs. A cryptographic hash function can be used as such an element, but since it might not output sufficiently large data, it will be processed a few times with an increasing number, similar to an initialization vector, prepended to the complete dataset to produce enough data. As a hash function is usually required to be non-invertible, we cannot choose its output. Therefore, the last diffusion will be omitted. This will degrade security slightly, so when computing destruction probabilities the last element shall never be taken into account.

Anti-Forensic Information Splitter

As shown in the previous paragraph, a single undetermined data item can be destroyed quite easily, and since a single missing data item makes the base information unrecoverable, data items can be made reliably erasable. As an illustration, you can find the overall composition above. $H$ denotes the diffusion element, which is likely to be a hash, and $Z$ denotes the zero vector. In the splitting phase, $s_1$ to $s_{n-1}$ are randomly generated and the intermediate result $I$ is computed. Then $s_n$ is computed as $s_n = D \oplus I$. When recovering the base information, the whole chain is computed as shown, resulting in $D$, the original data item.

You may read the full theory and specification in the TKS1 draft.
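
The split and merge chain described above, as an added Go example that is not the code of maze.io/x/crypto/afis. It follows this post's description of $H$ (SHA-1 over a counter prepended to the whole block); the function names and the flat stripe layout are assumptions, and it is not claimed to be byte-compatible with any existing implementation.

```go
package main

import (
	"crypto/rand"
	"crypto/sha1"
	"encoding/binary"
	"fmt"
)

// diffuse is H: SHA-1 over (counter || whole block), repeated until len(block) bytes exist.
func diffuse(block []byte) []byte {
	var out []byte
	for i := uint32(0); len(out) < len(block); i++ {
		sum := sha1.Sum(append(binary.BigEndian.AppendUint32(nil, i), block...))
		out = append(out, sum[:]...)
	}
	return out[:len(block)]
}

// chain starts at the zero vector Z, XORs in each stripe, and diffuses between stripes (not after the last).
func chain(stripes []byte, size int) []byte {
	d := make([]byte, size)
	for off := 0; off < len(stripes); off += size {
		if off > 0 {
			d = diffuse(d)
		}
		for i := range d {
			d[i] ^= stripes[off+i]
		}
	}
	return d
}

// Split returns n stripes: s_1..s_{n-1} random, then s_n = D xor I (chain over s_1..s_{n-1}, D).
func Split(data []byte, n int) []byte {
	random := make([]byte, (n-1)*len(data))
	if _, err := rand.Read(random); err != nil {
		panic(err) // no entropy: never fall back to predictable stripes
	}
	return append(random, chain(append(random, data...), len(data))...)
}

// Merge runs the same chain over all n stripes, which yields D = s_n xor I.
func Merge(material []byte, n int) []byte {
	return chain(material, len(material)/n)
}

func main() {
	fmt.Printf("%q\n", Merge(Split([]byte("constructed sample key material!"), 16), 16))
}
```

Flipping one bit in any of the first $n-1$ stripes changes the whole merged result, while a flipped bit in $s_n$ only flips the same bit of $D$, because the last diffusion is omitted.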

Confidentiality

28 January 2019

Cryptography is hard, and rolling your own crypto is usually a bad idea. The project starts with the following claim:

This library is not a substitution for well seasoned TLS implementations and only exists as a supplementary means of offering cryptographic primitives. Make sure you understand the limitations of each function before you use them.

Having said that, the project exists because sometimes just doing TLS doesn’t fit the bill. What if we want to store an encrypted database row? Or what if the transport isn’t HTTP, but something else built on top of a streaming protocol? You’re most likely on your own.

In the confidentiality project we’re aiming to gather today’s best practices for message authentication, message encryption and key exchange over an untrusted channel.

You can follow the project development on my GitHub. At the moment there is no stable release yet.

Go opensmtpd v52

16 October 2018

opensmtpd has been updated to reflect the changes in OpenSMTPD API version 52. The API is still not stable, and the filter API has been discontinued.

At the time of writing, on OpenSMTPD version 6.0.3p1, tables are the only working plugin type.

Project sources at https://git.maze.io/go/opensmtpd

`go get` on your domain

22 September 2016

I’m currently migrating my GitHub projects to the excellent self-hosted Gogs Gitea service at https://git.maze.io/.

Playing with the excellent gopkg.in service, I figured it would be awesome to use maze.io as the primary name space for the packages I’m building. As a start I set up a go organisation, https://git.maze.io/go.

At first I played with go-import-redirector, which serves as a simple metadata provider for the go get command. Its usage is fairly straightforward:

go-import-redirector [-addr address] [-vcs vcs] [-parts parts] <import> <repo>

So, in order to serve up my go organisation’s repository on the landing page of the maze.io domain, I can simply run:

go-import-redirector -addr 127.0.0.1:3000 / https://git.maze.io/go

To make this work in conjunction with the other content hosted on my site, we use the following piece of nginx configuration:

upstream go-import-redirector {
  server 127.0.0.1:3000;
}

server {
  server_name maze.io;

  # ... other definitions ...

  location / {
    proxy_set_header Host $host;
    if ($args ~ "go-get") {
      proxy_pass http://go-import-redirector;
    }

    # ... default location configuration ...
  }
}

Let’s test go get:

% go get -v maze.io/phi
Fetching https://maze.io/phi?go-get=1
Parsing meta tags from https://maze.io/phi?go-get=1 (status code 200)
get "maze.io/phi": found meta tag main.metaImport{Prefix:"maze.io/phi", VCS:"git", RepoRoot:"https://git.maze.io/go/phi"} at https://maze.io/phi?go-get=1
maze.io/phi (download)
maze.io/phi/header
maze.io/phi

It worked! And as a bonus, the supervisord program definition:

[program:go-import-redirector]
command         = go-import-redirector -addr 127.0.0.1:3000 / https://git.maze.io/go
directory       = /tmp
priority        = 100
startretries    = 99999999
stdout_logfile  = /var/log/go-import-redirector.log
redirect_stderr = true

nota bene: The Go namespace is actually located at maze.io/x/….

Digital Mobile Radio

23 March 2016

Lately I’ve become more involved in the HAM radio DMR community. Digital Mobile Radio, or DMR, is a Time Division Multiple Access (TDMA) digital voice system suitable for VHF and up. Most HAM radio applications utilise the UHF bands with typically a frequency split of 7.6 MHz, very much like traditional FM repeaters. More and more DMR enabled repeaters are popping up and there have been competing networks to link the repeaters up over the internet.

Other digital voice standards

There are many other digital voice standards operated by the HAM radio community such as TETRA, D-STAR, C4FM and many more. DMR is a relatively new technology, developed as an open standard by the European Telecommunications Standards Institute (ETSI). Comparing the different technologies is beyond the scope of this blog post, but DMR was built for commercial use. This means there is still plenty of room for experimentation to make it suitable for HAM radio use, whereas there are not many new developments on the D-STAR network.

DMR Repeaters

DMR repeaters are mostly built using existing commercial repeaters from various vendors like Motorola, Hytera, RadioActivity, etc. But the HAM community has started to experiment with more open alternatives, like the excellent Multi-Mode Digital Voice Modem (MMDVM), DVMEGA and DV4mini projects. The MMDVM project aims to build a fully capable, open source DMR repeater system, while the DVMEGA and DV4mini allow end users to run their own local DMR hot spot.

Linked repeaters

CQ DMR map by EA2CQ

Various projects exist today that link up the various DMR repeater systems. This can be somewhat confusing to the end user, because not all systems link up to the other existing systems, so there are multiple views of what is the global DMR platform. You can get an overview of how the various networks are spread on the http://www.cqdmrmap.com/ site.

More and more sites are adopting the Brandmeister DMR technology. Brandmeister is driven by a very talented group of HAM radio operators from all over the world. What makes Brandmeister so powerful? The people driving the project.

In my humble opinion Brandmeister is a prime example of what is possible when you combine modern day technologies with a group of driven HAM radio operators. Brandmeister offers support for a very wide variety of vendors and is fully decentralized. Also, Brandmeister is promoting experimentation with home built solutions by offering Homebrew protocol support, so HAM radio operators can plug in to the Brandmeister network.

Voice synthesis

DMR uses digital speech synthesis using the Advanced Multi-Band Excitation, or AMBE, codec developed by Digital Voice Systems, Inc. Initially the AMBE codec is what scared me away from DMR, because I think it’s very important that we keep the HAM radio world free from patented technologies that carry crazy license fees. Now over the last couple of months, DVSI has made the AMBE chips more affordable and Chinese radio manufacturing companies like Tytera are implementing low-cost software versions of the AMBE codec in their radio systems.

Luckily, the DMR specification leaves plenty of room for other voice codecs to be carried over the DMR network. So hopefully, the HAM radio community will start experimenting with open voice standards like Codec2 or Opus.

Addressing on the DMR network

Addressing on the DMR network uses 24-bit identifiers to uniquely identify actors on the network. There are two standard modes that carry voice information (indicated by the Full Link Control Opcode, or FLCO) that indicate whether a voice transmission is destined for a group or is a (private) user-to-user transmission. If a group voice transmission is sent, the destination identifier is usually referred to as a Talk Group.

Brandmeister

Since HAM radio operators don’t want to get vendor locked, a team from Russia has started the Brandmeister project to link up repeaters using different technologies. More talented developers from all over the world have joined the Brandmeister project and the development team continues to expand.

BrandMeister Network Growth by PD0ZRY

Starting off small, the Brandmeister project now has over 250 repeaters linked up from all over the world. This is still a relatively small network compared to D-STAR, which has over 1000 repeaters linked, but the network growth rate is phenomenal. The repeaters set up a link to a regional master, which has a full mesh with all the other regional masters around the world. This allows anyone on the Brandmeister DMR network to open up remote Talk Groups and talk with the other side of the world as if they are on the same local repeater.

Hose line

Hose Line by PD0MZ

Piggybacking on the full mesh routing capabilities, I have started to develop a web-based front end dubbed Hose line, which allows users to listen in to the voice streams that are on the network. The engine is entirely built in Go and JavaScript. This is how it all works.

Full mesh routing

All the regional masters on the Brandmeister network have a list of what other regional masters exist on the network. If a user on the Brandmeister DMR network starts a voice conversation to a Talk Group, all of the voice transmissions are relayed to all the other regional masters on the network. In turn, the regional master relays all of these packets to all of the repeaters. The repeaters keep track of what Talk Groups are local to them, or what Talk Groups are recently activated, and decide if the voice frame will be relayed to the radio interface or not.

Streaming

The Hose line project uses the full mesh routing capabilities of the Brandmeister DMR network to receive voice frames from all the regional masters around the world. When a voice frame is received for a Talk Group, Hose line checks if there are subscribers listening to the stream and decodes the voice frames on demand so it can relay them as plain audio to the user’s browser. All of this is powered by a very simple publish-subscribe (or “pubsub”) bus written in the Go programming language.