[Ntp] Rotating PSK Script & NTP. (c)RS

Duke Abbaddon <duke.abbaddon@gmail.com> Sat, 14 January 2023 02:34 UTC

MIME-Version: 1.0
From: Duke Abbaddon <duke.abbaddon@gmail.com>
Date: Sat, 14 Jan 2023 02:34:12 +0000
Message-ID: <CAHpNFcPEr9HH78tgVWr69BF7b2eqZ4tsOx6o1ga4v2B5ekOdAg@mail.gmail.com>
To: internet-time-service@nist.gov
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/u4W4MGKp0uA52NV7sQ04vHHAL38>
Subject: [Ntp] Rotating PSK Script & NTP. (c)RS
Precedence: list

Rotating PSK Script & NTP. (c)RS

Everyone heard the story of the harrier & the 80Bit PSK? Well copy &
paste is the issue!

You can negotiate a lower security & grab upto 15 64Bit PSK's for the
Raidar and be relatively safe with TLS/SSL

PSK Recommended length 120Bit

PSK Lengths:

8 Characters to 128 ASCII : HARRIER 80Bit MAXUS

You can rotate them every 5 minutes to NTP clock,

Set Rule; Grabe time; Set timer : Go Go Go expedition!

No need to have a fallen communications tower or exposed radar with
the rotating PSK Script & NTP.

(c)RS

results matter, So here are some examples :
https://www.ssllabs.com/ssltest/analyze.html?d=d.ns4v.icu&latest
https://www.ssllabs.com/ssltest/analyze.html?d=dns-v2.ns4v.icu&latest

When i say verified - you can see : SSL | TSL
https://www.virustotal.com/gui/file/155895c95b81f7f0977c44c4f3ac8e7c24b339db7ae1a4790cfd843588c0c6f6/details
https://www.virustotal.com/gui/file/b4e2f4cf9aa01e1b33cb4b3950b0134d90052c2c27705abb02431eaa646ca8b9/details

When i say verified - you can see : SSL | TSL : Good for 3G, 4G, 5G
because we need ssl there https://is.gd/SecurityHSM
https://is.gd/WebPKI

Device Security CRT Initiations for URT, USB, Wireless & other Device
Interactions : (c)RS

A very good way to think about a mouse, Keyboard & device AES & Crypto
security is that a device needs to be in the certificate store,

Two reasons Hardware acceleration is OS Store & Security; The
device(computer) specifically requests all interactions with the CRT
with a level of privacy & security, By GUID Definition & identity;
Secondly limiting the function to parameters so it will not hack the
system..

So firstly the device certificate needs to interact with a store for a
temporary cert & therefore we need a device Certificate store that
contains the equivalent of the Secure client key in SHELL,

This does not need to worry us; But we need a store! if not the device
driver needs to initiate the system Store DL & AES Systems so that the
device is secured with a personal store & main key (probably
ECC-AES-'GCM<>FF3-1' )

Rupert S

https://science.n-helix.com/2022/08/jit-dongle.html

https://science.n-helix.com/2022/06/jit-compiler.html

*****

((network server)Effectively Improves Phone & network SSL Connectivity
& thus +security) (good for telecommunications networks) (TLS) My
files are all verified by virustotal & are signed anyway!
https://is.gd/SecurityHSM https://is.gd/WebPKI

TLS Optimised https://drive.google.com/file/d/10XL19eGjxdCGj0tK8MULKlgWhHa9_5v9/view?usp=share_link

RS

*****

***********

(in comparison Poly & AES is quite good for 32Bit USB Mice
(small channel) Performance Evaluation Comparison LIGHTWEIGHT CIPHERS
NIST LightWeight Cryptography Requirements : RS

Lightweight Cryptography
https://www.cryptrec.go.jp/report/cryptrec-gl-2003-2016en.pdf
https://www.scitepress.org/papers/2014/49006/49006.pdf

Performance Evaluation Comparison LIGHTWEIGHT CIPHERS NIST LightWeight
Cryptography Requirements
https://scholarworks.calstate.edu/downloads/k0698968b

AES-NI Compatible Ciphers : AES, ARIA, CLEFIA
https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-cipher-catalog-01#page-3

CLEFIA : Large size table, Pure function
https://datatracker.ietf.org/doc/html/rfc6114

ARIA : Random is a big+ to anomininity bit 128Bit's of data
https://datatracker.ietf.org/doc/html/rfc5794
ARIA is conformant
https://datatracker.ietf.org/doc/html/rfc6209
ARIA SRTP
https://datatracker.ietf.org/doc/html/rfc8269#page-14

************


AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption
https://datatracker.ietf.org/doc/rfc8452/

Adding the nonce to GMAC makes GMAC's unique : ICE-ssRTP
https://www.zerotier.com/2019/09/04/aes-gmac-ctr-siv/
https://www.rfc-editor.org/rfc/rfc5297#page-15

Correct Time : EEC Elliptic & Nonce timer function:

"The thing about random unique nonce with :dev/rng is that verifying
the nonce's uniqueness is an issue, with SSRTP nonce, Time intrinsics
allow only one play time https://datatracker.ietf.org/doc/rfc8954/

So what about if they have a reset phone & have not got the correct
time ? mine wouldn't do NTP until i set it to pools.ntp.org, the
telephone network would not change the time!"

So the nonce may need a seconds from arrival timer; So that it is from
the time it arrives (in your terms) & additionally a sent and arrival
time so that when you get the correct time; It still works!

In essence TLS & OSCP need a time from arrival (to verify
link/Security CRT), It does not matter if that NTP timer is off by 5
Minutes...

you can use the Time related EEC Elliptic curve & as long as it is
timed from arrival & sends back a sample with a from time & until...

That EEC Elliptic & Nonce will work.

RS

*****


sRTP Chaos Nonce: Certificate transactions; TLS & OCSP Security Protocols
https://datatracker.ietf.org/doc/rfc8954/

https://science.n-helix.com/2022/03/ice-ssrtp.html

Code Speed
https://science.n-helix.com/2022/08/simd.html
https://science.n-helix.com/2022/09/ovccans.html

Chaos
https://science.n-helix.com/2022/02/interrupt-entropy.html
https://science.n-helix.com/2022/02/rdseed.html
https://science.n-helix.com/2020/06/cryptoseed.html

sRTP Chaos Nonce: Certificate transactions; TLS & OCSP Security Protocols
https://datatracker.ietf.org/doc/rfc8954/

RSA-PSS
RSASSA-PSS is a probabilistic signature scheme (PSS) with appendix
RSAES-OAEP (Optimal Asymmetric Encryption Padding)

https://www.cryptosys.net/pki/manpki/pki_rsaschemes.html
https://www.rfc-editor.org/rfc/rfc8017
https://www.rfc-editor.org/rfc/rfc5756

PSK:
Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and AES Galois
Counter Mode
https://datatracker.ietf.org/doc/rfc5487/
https://datatracker.ietf.org/doc/rfc8442/

Nonce & Plaintext, Token & SequenceID (Bearing in mind that ICE-SSRTP
Nonce is compatible)
https://www.ietf.org/id/draft-howard-gssapi-aead-01.txt

AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption
https://datatracker.ietf.org/doc/rfc8452/

Adding the nonce to GMAC makes GMAC's unique : ICE-ssRTP
https://www.zerotier.com/2019/09/04/aes-gmac-ctr-siv/
https://www.rfc-editor.org/rfc/rfc5297#page-15

AES-GCM SRTP
https://datatracker.ietf.org/doc/rfc7714/
AES-CCM
https://datatracker.ietf.org/doc/rfc6655/

Lightweight Cryptography
https://www.cryptrec.go.jp/report/cryptrec-gl-2003-2016en.pdf
https://www.scitepress.org/papers/2014/49006/49006.pdf

Performance Evaluation Comparison LIGHTWEIGHT CIPHERS NIST LightWeight
Cryptography Requirements
https://scholarworks.calstate.edu/downloads/k0698968b

AES-NI Compatible Ciphers : AES, ARIA, CLEFIA
https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-cipher-catalog-01#page-3

CLEFIA : Large size table, Pure function
https://datatracker.ietf.org/doc/html/rfc6114

ARIA : Random is a big+ to anonymity bit 128Bit's of data
https://datatracker.ietf.org/doc/html/rfc5794
ARIA is conformant
https://datatracker.ietf.org/doc/html/rfc6209
ARIA SRTP
https://datatracker.ietf.org/doc/html/rfc8269#page-14

Compact TLS 1.3
https://datatracker.ietf.org/doc/draft-ietf-tls-ctls/
DTLS 2023
https://datatracker.ietf.org/doc/draft-ietf-tsvwg-dtls-over-sctp-bis/
TLS 1.2
https://datatracker.ietf.org/doc/rfc5246/

Network Time Protocol Version 4: Protocol and Algorithms Specification
https://datatracker.ietf.org/doc/rfc5905/

https://science.n-helix.com/2022/01/ntp.html

https://is.gd/SecurityHSM
https://is.gd/WebPKI

[Ntp] Rotating PSK Script & NTP. (c)RS Duke Abbaddon