diff options
| author | Gab <24553253+gabrix73@users.noreply.github.com> | 2025-02-11 16:26:05 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-02-11 16:26:05 +0100 |
| commit | 5ed41eba5a257bd016e72a271df73e0e8a0e70bc (patch) | |
| tree | 75e02bf273842107c6e3f03a3c599b3276c59004 | |
| parent | a6293d92293de58971e84a42bbc5e3a42e1c30e9 (diff) | |
| download | nofuture-go-memguard-5ed41eba5a257bd016e72a271df73e0e8a0e70bc.tar.gz nofuture-go-memguard-5ed41eba5a257bd016e72a271df73e0e8a0e70bc.tar.xz nofuture-go-memguard-5ed41eba5a257bd016e72a271df73e0e8a0e70bc.zip | |
Update README.md
| -rw-r--r-- | README.md | 78 |
1 files changed, 44 insertions, 34 deletions
@@ -3,27 +3,30 @@ Web application for ephemeral encryption of texts. Paring the sessions with an Technical Analysis: -Nofuture Core Security Features: -Uses memguard for secure memory management -Implements curve25519 for public-key cryptography -Employs NaCl's box encryption for message security -Utilizes secure session management with random IDs -Implements CORS protection with proper headers -Key Security Components: +<h4>Nofuture Core Security Features:</h4><br> +<ul> +<li>Uses memguard for secure memory management</li> +<li>Implements curve25519 for public-key cryptography</li> +<li>Employs NaCl's box encryption for message security</li> +<li>Utilizes secure session management with random IDs</li> +<li>Implements CORS protection with proper headers</li> + </ul> +<h4>Key Security Components:</h4> -a) Memory Protection: +a) <b>Memory Protection:</b> -memguard.CatchInterrupt() -defer memguard.Purge() -This ensures sensitive data is wiped from memory when the program terminates or receives an interrupt signal. +<pre>memguard.CatchInterrupt() +defer memguard.Purge()</pre> +<p>This ensures sensitive data is wiped from memory when the program terminates or receives an interrupt signal.</p> -b) Session Management: +b) <b>Session Management:</b> -Private keys are stored in memguard.LockedBuffer -Public keys are stored as regular bytes -Sessions are managed in a thread-safe sync.Map -Session IDs use cryptographically secure random generation -c) Encryption Process: +<p>Private keys are stored in memguard.LockedBuffer</p> +<p>Public keys are stored as regular bytes</p> +<p>Sessions are managed in a thread-safe sync.Map</p> +<p>Session IDs use cryptographically secure random generation</p> + +c) <b>Encryption Process:</b> Uses X25519 for key exchange Implements box.Seal for authenticated encryption @@ -39,23 +42,30 @@ Security Assessment: The application provides strong protection against: -RAM-based attacks: -Protected by memguard's secure memory allocation -Keys are automatically wiped from memory -No sensitive data in regular heap memory -Protected against cold boot attacks -Network-based threats: -All API endpoints use HTTPS -Proper CORS implementation -Input validation on all endpoints -Session-based authentication -Keylogging protection: -Virtual keyboard bypasses system keyboard -Randomized layout prevents pattern analysis -No physical key events to intercept -Protection against both software and hardware keyloggers -Malware resistance: -The combination of memguard protection and the virtual keyboard makes it extremely difficult for malware to capture sensitive data because: +<h4>RAM-based attacks:</h4> +<ul> +<li>Protected by memguard's secure memory allocation</li> +<li>Keys are automatically wiped from memory</li> +<li>No sensitive data in regular heap memory</li> +<li>Protected against cold boot attacks</li> + </ul> +<h4>Network-based threats:</h4> +<ul> +<li>All API endpoints use HTTPS</li> +<li>Proper CORS implementation</li> +<li>Input validation on all endpoints</li> +<li>Session-based authentication</li> + </ul> +<h4>Keylogging protection:</h4> +<ul> +<li>Virtual keyboard bypasses system keyboard</li> +<li>Randomized layout prevents pattern analysis</li> +<li>No physical key events to intercept</li> +<li>Protection against both software and hardware keyloggers</li> + </ul> + +<h4>Malware resistance:</h4> +<p>The combination of memguard protection and the virtual keyboard makes it extremely difficult for malware to capture sensitive data because:</p> Encryption keys are never exposed in regular memory Virtual keyboard prevents keylogging Screen recording is ineffective due to randomized layouts |
