Do something useful with the TPMan idea by mwilck Almost all our laptops, and many servers, feature a TPM today. The TPM doesn't have the best reputation in the community because it could be used to lock down platforms or do nasty things with DRM. Under normal conditions on PCs, the TPM is controlled by the system owner and could actually be useful for almost anything involving crypto. Unfortunately the integration of the TPM in the OS is essentially non-existent. The introduction of the TPM2.0 standard complicates matters, because we now have two different devices with different APIs. The goal of this project would be to identify reasonable use cases for the TPM, evaluate exisiting projects, and create ways how to integrate it into various workflows in openSUSE. |
distributed card games, a.k.a. mental pokeran invention by AndreasStieger Mental poker is a principle and also specific protocol to play card games without a single trusted party. This includes shuffling cards, enforcing card visibility and commitment schemes. Imagine playing rock-paper-scissors via phone only. libTMCG is an implementation of the protocol and SecureSkat is an application of this protocol/library to the popular German card game Skat. |
Tools to make keysigning fun again (replacement for caff)an idea by kbabioch There is a tool called caff, which is the de-facto standard when dealing with keysigning (on a large scale, e.g. after a key signing party). This tool hasn't been touch in years, is written and configured in Perl (hence cannot be read and/or maintained :smile:) and is not easy to package, because of a lot of dependencies, etc. It is not even available in our default repositories (at least for Tumbleweed). In general there seems to be a certain kind of frustration with this software, but there is no real alternative available yet. Ideally the new toolset should allow to organize a complete keysigning party, e.g. it should assist the organizer with: |
Improving the Security of OpenPGP USB Token with a Secure Chipa project by biergaizi OpenPGP Card is an ISO/IEC 7816-4 compatible smartcard that is integrated with many OpenPGP functions, including signature, encryption, and authentication. It provides an trustful computing environment isolated from the host computer, to guard one's private keys from attacks and exposures. ZetiControl in Germany is the first manufacturer of OpenPGP Card based on BasicCard platform. Since then, compatible USB tokens have also been manufactured, such as Yubikey and Nitrokey. Currently for compatible USB tokens, there are two approaches of OpenPGP Card implementation: |
FIDO2 emulationa project by mkoutny Project DescriptionFIDO2 is set of specifications for multi-factor authentication. It is based on asymmetric cryptography with secrets stored in a HW token. The token must support the protocol to be usable. |
Project Verifree : internal key server(s)a project by mcaj Project descriptionThe project Verifree is about GPG key server. The goal is build a Key server, where users are able to |
OMEMO Hexchat pluginan idea by dknorr Project Descriptioni want to build a hexchat plugin, so i can run a omemo-secured conversation over irc with someone who also has an omemo implementation |
Sign me off|inan invention by mkoutny Project DescriptionIt is possible to sign (off) git commits with your SSH key. The very same key that's used to sign in to SSH servers. I would like to look into the buffer contents in the two cases and examine if/how they are replacable. |
Encrypted volumes in elemental-toolkitan invention by flonnegren Project DescriptionAdd support in elemental-toolkit for encrypted volumes using LUKS. |
Authenticated hashes for BTRFSa project by dsterba Project DescriptionImplement a checksum algorithm for BTRFS that uses and authenticated (keyed) hash. There are 2 cryptographically secure hashes supported by btrfs, sha256 and blake2b. |