summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGab <24553253+gabrix73@users.noreply.github.com>2025-02-11 16:26:05 +0100
committerGitHub <noreply@github.com>2025-02-11 16:26:05 +0100
commit5ed41eba5a257bd016e72a271df73e0e8a0e70bc (patch)
tree75e02bf273842107c6e3f03a3c599b3276c59004
parenta6293d92293de58971e84a42bbc5e3a42e1c30e9 (diff)
downloadnofuture-go-memguard-5ed41eba5a257bd016e72a271df73e0e8a0e70bc.tar.gz
nofuture-go-memguard-5ed41eba5a257bd016e72a271df73e0e8a0e70bc.tar.xz
nofuture-go-memguard-5ed41eba5a257bd016e72a271df73e0e8a0e70bc.zip
Update README.md
-rw-r--r--README.md78
1 files changed, 44 insertions, 34 deletions
diff --git a/README.md b/README.md
index 2e39e57..01209ba 100644
--- a/README.md
+++ b/README.md
@@ -3,27 +3,30 @@ Web application for ephemeral encryption of texts. Paring the sessions with an
Technical Analysis:
-Nofuture Core Security Features:
-Uses memguard for secure memory management
-Implements curve25519 for public-key cryptography
-Employs NaCl's box encryption for message security
-Utilizes secure session management with random IDs
-Implements CORS protection with proper headers
-Key Security Components:
+<h4>Nofuture Core Security Features:</h4><br>
+<ul>
+<li>Uses memguard for secure memory management</li>
+<li>Implements curve25519 for public-key cryptography</li>
+<li>Employs NaCl's box encryption for message security</li>
+<li>Utilizes secure session management with random IDs</li>
+<li>Implements CORS protection with proper headers</li>
+ </ul>
+<h4>Key Security Components:</h4>
-a) Memory Protection:
+a) <b>Memory Protection:</b>
-memguard.CatchInterrupt()
-defer memguard.Purge()
-This ensures sensitive data is wiped from memory when the program terminates or receives an interrupt signal.
+<pre>memguard.CatchInterrupt()
+defer memguard.Purge()</pre>
+<p>This ensures sensitive data is wiped from memory when the program terminates or receives an interrupt signal.</p>
-b) Session Management:
+b) <b>Session Management:</b>
-Private keys are stored in memguard.LockedBuffer
-Public keys are stored as regular bytes
-Sessions are managed in a thread-safe sync.Map
-Session IDs use cryptographically secure random generation
-c) Encryption Process:
+<p>Private keys are stored in memguard.LockedBuffer</p>
+<p>Public keys are stored as regular bytes</p>
+<p>Sessions are managed in a thread-safe sync.Map</p>
+<p>Session IDs use cryptographically secure random generation</p>
+
+c) <b>Encryption Process:</b>
Uses X25519 for key exchange
Implements box.Seal for authenticated encryption
@@ -39,23 +42,30 @@ Security Assessment:
The application provides strong protection against:
-RAM-based attacks:
-Protected by memguard's secure memory allocation
-Keys are automatically wiped from memory
-No sensitive data in regular heap memory
-Protected against cold boot attacks
-Network-based threats:
-All API endpoints use HTTPS
-Proper CORS implementation
-Input validation on all endpoints
-Session-based authentication
-Keylogging protection:
-Virtual keyboard bypasses system keyboard
-Randomized layout prevents pattern analysis
-No physical key events to intercept
-Protection against both software and hardware keyloggers
-Malware resistance:
-The combination of memguard protection and the virtual keyboard makes it extremely difficult for malware to capture sensitive data because:
+<h4>RAM-based attacks:</h4>
+<ul>
+<li>Protected by memguard's secure memory allocation</li>
+<li>Keys are automatically wiped from memory</li>
+<li>No sensitive data in regular heap memory</li>
+<li>Protected against cold boot attacks</li>
+ </ul>
+<h4>Network-based threats:</h4>
+<ul>
+<li>All API endpoints use HTTPS</li>
+<li>Proper CORS implementation</li>
+<li>Input validation on all endpoints</li>
+<li>Session-based authentication</li>
+ </ul>
+<h4>Keylogging protection:</h4>
+<ul>
+<li>Virtual keyboard bypasses system keyboard</li>
+<li>Randomized layout prevents pattern analysis</li>
+<li>No physical key events to intercept</li>
+<li>Protection against both software and hardware keyloggers</li>
+ </ul>
+
+<h4>Malware resistance:</h4>
+<p>The combination of memguard protection and the virtual keyboard makes it extremely difficult for malware to capture sensitive data because:</p>
Encryption keys are never exposed in regular memory
Virtual keyboard prevents keylogging
Screen recording is ineffective due to randomized layouts