Categories

• tech 17
• program 48
• dns 56
• pastime 12
• security 42
• crypto 91
• privacy 6
• automotive 4
• device 27
• chip 24

tech

• overtls
• visio导出所有sheet页为svg，直接嵌入latex
• v2ray
• trojan
• git删除部分commit
• archlinux: beamer
• pdf文件处理，如分割、合并等等
• 使用Magick++转换图片格式
• archlinux
• debian
• Vim
• linux/windows 双系统调整分区后重启显示 grub rescue
• VPS Linux Hotcloning 系统备份，双机热备
• 3proxy
• Firefox OS app 开发笔记
• windows : cmd 控制台 字体
• ssh tunnel

program

• WWW::Mechanize::Chrome headless 提交表单
• windows下安装plantuml
• Eclipse + Maven 新建 java project，导出可执行的jar
• apache环境下perl Mojolicious站点letsencrypt证书renew失败的问题
• Perl
• Parsing with Perl 6 Regexes and Grammars
• curl / perl HTTP::Tiny 使用浏览器保存的 http cookie
• 用 sendEmail 发送带中文名的邮件附件，下载时附件文件名乱码的问题
• ggplot2 : scale axis 调整坐标轴
• Perl : RTF::Writer 生成rtf文件
• cpan : Net::IDN::Encode 中文域名punycode转换
• rebol 笔记: 字符串处理函数
• rebol 笔记: 嵌套函数 nesting function
• R : kmeans 笔记
• Perl : Gearman 分发任务
• Linux : 用 sendemail 指定 发件人，并发送带附件的邮件
• rebol tips
• Rebol 资料
• rebol 的 parse 解析
• 语法解析相关：REGEX 正则，BNF，RPN
• Csharp
• perl Net::SMTP::SSL 发邮件
• Let Over Lambda
• IP database 地址库
• google chart 画图
• R 数据操作笔记
• 用 wireshark / tshark 分析 adobe flash 在线视频rtmp地址，用rtmpdump下载保存为flv文件
• 取网页并解析数据 ：几种 web crawler 对比
• curl : 提交 post 请求 到 https 的form，以sslv3为例
• 几个字符串比对算法 KMP, Horspool , Boyer-Moore, Sunday
• Perl : 中文 unicode, utf8 字符串转换
• 画中国地图 china map
• Lisp
• common lisp 的正则库 cl-ppcre
• Lisp 库 Alexandria Manual
• Perl Web::Scraper 结构化提取网页内容
• CasperJS : 基于 PhantomJS / SlimerJS 的javascript Web Crawler 工具
• perl 管道 pipe
• javascript ：从utf8页面选取内容提交到只接收gbk编码的表单乱码的问题
• perl Parse::RecDescent 递归下降解析文本
• R : plyr 笔记
• perl Encode 字符集编码解码
• R : reshape2 笔记
• 给定一个无序数组，找出不在数组中的最小正整数
• R 语言 资料
• hash : 构造冲突串使hash退化为链表
• ChartDirector 安装 （Perl版）
• 用 graphviz 画图

dns

• deleg
• dnssec keytrap
• Note: Adaptive DNS Discovery
• Operational Considerations for use of DNS in IoT devices
• DNS: NXNSAttack
• httpdns
• Android: bionic dns 分析
• 笔记：Resolverless DNS
• DNS解析性能影响参数
• dns multiple question drafts 对比分析
• NSEC + wildcard 的实现缺陷
• httpbis ORIGIN & Secondary Certificate Authentication ; DNS DOH
• DNS
• DNSSD Privacy
• NSEC3PARAM 的hash迭代次数问题
• RFC6844, DNS Certification Authority Authorization (CAA) Resource Record
• 搭建 dnsmasq + dnscrypt 解析组合
• SRV & MDNS & DNS-SD & Multicast Discovery Proxy
• draft: Split DNS Configuration for IKEv2
• RFC6408: Diameter S-NAPTR
• debug: Perl Net::DNS 1.06 响应包不带EDNS OPT的问题处理
• dns root: ICANN RSSAC Root Scheme Analysis
• dns : dnssec, nsec(3), nxdomain
• 一些 dns draft 笔记
• DNS-OARC: 2016.04 阿根廷 会议
• DNS : disposable domain query 临时域名查询
• DNS Privacy: 隐私方案分析
• DNS Privacy : NSA’s MORECOWBELL - Knell for DNS 笔记
• draft: pmta 基于DANE的安全支付方案
• DNS-OARC: 2015.10 加拿大 会议
• RFC6698: TLSA
• draft: TLS for DNS
• draft: IPSECA
• draft: confidential dns
• draft: dns cookies
• DNS-OARC: 2015.05 会议
• dns software: 软件识别
• DNS : NSEC5 笔记
• DNS-OARC: 2013 会议
• dns software: pcap 拆包
• DNS Security : DDoS, Hijack, Configure Error, Management 安全事件
• DNS Security: RRL <=> CACHE POISON
• recursive resolver: 递归DNS
• authoritative server: 权威DNS
• DNS Root & Anycast
• DNS software: Bind
• RFC 6891 : DNS EDNS0
• Wireshark 解析 DNS 数据包的细节
• DNS Security: DNSCURVE
• Book: DNS and BIND Cookbook
• Book: DNS in Action
• Book: Pro DNS and BIND
• DNS orgnization: 相关组织机构
• cache dns/forwarding resolver: 缓存递归DNS服务器
• public recursive resolver: 公共递归DNS服务器
• DNS RR 资源记录

pastime

• 左传·襄公二十四年: 三不朽
• 王安石《游褒禅山记》
• 飘灯：素衣莫起风尘叹，江湖再见
• 体操追星贴，眭禄
• 体操
• 体操追星贴，江钰源
• 王安石《读孟尝君传》
• 国语: 周语上《召公谏厉王弭谤》
• 张孝祥《六州歌头》
• 绿晋江坑品查看器
• 红晋江帖子的右键查询
• 绿晋江小说的右键查询

security

• telegram
• SD-JWT
• dbsc
• Nist SP 800-207A: A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Cloud Environments
• BSI TR-02102-3: IPsec/IKE
• SeND
• RFC7435: Opportunistic Security: Some Protection Most of the Time
• Noise
• NISTIR 8344: Ontology for Authentication
• NISTIR 8276: Key Practices in Cyber Supply Chain Risk Management: Observations from Industry
• MLS: Message Layer Security
• cellular algorithm
• CII
• Cyber-physical system
• Bluetooth Security
• TR-069
• Time Protocol
• RFC8471: The Token Binding Protocol
• wifi
• zoom security
• NIST: Improving Critical Infrastructure Cybersecurity
• IPv6 Security
• w3c: Verifiable Credentials Data Model
• nfc
• Web Authentication
• Network Service Header (NSH)
• ALTS, Application Layer Transport Security
• mail 邮件相关协议 MX, SMTP, SPF, DKIM, DMARC, ARC, POP, IMAP
• WPA2 KRACK
• SAML & CA SSO (SiteMinder) & OAuth2 & OpenID & FIDO & Kerberos & JWT & OIDC(OpenID Connect)
• MQTT & MQTT-SN & CoAP
• OID-ORS & EPC-ONS & DOI-Handle
• RFC: RPKI & BGPsec
• 广电网络
• 用 pandoc2rfc 生成 ietf draft
• 认证授权协议：OAuth2 笔记
• RPKI ROA 部署问题
• 路由识别 route
• RPKI 概要
• QUIC : quick udp internet connections
• 杂感，安全
• 笔记: BGP安全

crypto

• Schnorr MuSig
• kyber kex
• pqxdh
• PuTTY vulnerability vuln-p521-bias
• imessage pq3
• SSH: TerrapinAttack
• KVAC
• openssl OSSL_PARAM 的 endian 处理
• HD Wallets
• FROST
• Verifiable Delay Functions
• Verifiable Distributed Aggregation Functions
• RFC7664: Dragonfly Key Exchange
• Key Blinding for Signature Schemes
• FIPS 186-5 Digital Signature Standard (DSS)
• BLS Signatures
• The BBS Signature Scheme
• ZKP: Zero Knowledge Proofs, ZK-SNARK
• ProVerif
• RFC 8937: Randomness Improvements for Security Protocols
• ake
• NIST SP 800-185: SHA-3 Derived Functions
• RFC8235: Schnorr Non-interactive Zero-Knowledge Proof
• RSA Blind Signature
• TR-03145-1. Secure CA operation, Part 1
• Oblivious Pseudorandom Functions (OPRFs) using Prime-Order Groups
• TLS: host verifier
• vrf: verifiable random functions
• On Ends-to-Ends Encryption:Asynchronous Group Messaging with Strong Security Guarantees
• qDSA
• Groups of Points of Elliptic Curves
• BSI TR-02102-1: Cryptographic Mechanisms:Recommendations and Key Lengths
• Hedged Fiat-Shamir Signature
• hash to curve
• RFC9180: HPKE
• Double Ratchet
• x3dh, signal
• 国密 sm2349
• Direct Anonymous Attestation
• KEMTLS: Post-quantum TLS without handshake signatures
• CBC: Padding Oracle Attack
• TLS Raccoon Attack
• 密钥证书关键字
• crypto key
• helib
• IBE
• paillier crypto
• NIST SP 800-56: Key-Establishment
• tls esni
• RFC 5869: HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
• rfc8032: Edwards-Curve Digital Signature Algorithm (EdDSA)
• TLS record layer 与 handshake layer 的 protocol version mismatch
• secure random
• QKD: Quantum key distribution
• PQC: supersingular isogeny
• PQC: Lattice-based
• PQC: Multivariate Cryptography
• PQC: code based
• PQC: hash based signature
• PFS & PAKE
• RFC4493: The AES-CMAC Algorithm
• SEC 1: Elliptic Curve Cryptography
• PKCS #15 v1.1: Cryptographic Token Information Syntax
• RFC7292 PKCS #12: Personal Information Exchange Syntax
• PKCS#11 Cryptographic Token Interface
• RFC2986 PKCS #10 Certification Request Syntax Specification
• RFC2985: PKCS #9: Selected Object Classes and Attribute Types
• RFC5958 PKCS#8 Asymmetric Key Packages
• RFC5084: Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS)
• RFC8018 PKCS#5 Password-Based Cryptography Specification
• RFC8017 PKCS#1 RSA
• RFC2631 PKCS#3 Diffie-Hellman Key Agreement Method
• RFC2315 PKCS#7: Cryptographic Message Syntax
• ASN.1 BER DER
• NIST SP 800-90A DRBG
• ocsp must staple
• Crypto Doc
• ecc
• ETSI eTLS
• AES
• TLS, DTLS
• PKI
• ASN.1, Certificate, PKCS, openssl
• HMAC, HMAC-SHA-256, OCSP相关
• Extension for protecting (D)TLS handshakes against Denial of Service
• 笔记：Token Binding for 0-RTT TLS 1.3 Connections
• 笔记 ：TLS 1.3 & TLS 1.2 Handshake & Resumption
• TLS token binding 安全扩展
• 认证协议：Bitcoin address authentication protocol (BitID)
• 统一登录，支付安全：fido (Fast Identify Online)
• Dual_EC_DRBG 随机数生成算法 NSA后门

privacy

• Privacy Pass Protocol Specification
• Privacy
• differential privacy
• Mozilla: 安全、平等、隐私、自由
• IP Anonymization 匿名化处理
• Privacy Pass

automotive

• Automotive Security
• v2x implicit cert
• SOME/IP
• Vehicle Bus Protocol: CAN, LIN, FlexRay, MOST

device

• Matter
• Android: on device signing
• Android: LockSettings
• Android: Verified Boot
• Android: Trusty TEE
• Android: selinux
• Android: Identity Credential
• Note: apple hap
• Android: Remote Key Provision (RKP)
• MTK: Google Attestation Key Tool User Guide
• RFC9019: A Firmware Update Architecture for Internet of Things
• The Android Platform Security Model
• eap-noob
• Android: Keystore
• android: encryption
• Android: Authentication
• android: apk signing
• MS-CDP: Connected Devices Platform Protocol
• Google Nearby
• Apple Continuity
• Android: FBE
• android avb
• esim
• iot security
• Note: Apple Platform Security
• Android Dev
• ios/android 程序签名校验

chip

• tpm 2.0
• arm aarch64交叉编译，支持openssl
• Arm: Trusted Base System Architecture
• PSA TBSA-M: Arm Platform Security Architecture Trusted Base System Architecture
• Trust Zones: A Path to a More Secure Internet Infrastructure
• Arm: Trustzone
• ARM: Generic Interrupt Controller (GIC)
• Arm: virtualization
• Arm: Secure software guidelines
• Arm: Instruction Set Architecture
• Arm: Memory Model
• Arm: Memory Management
• Arm: Generic Timer
• Arm: Exception Model
• Arm: Introducing the Arm architecture
• arm elf
• ARM: PAC, BTI, MTE
• DICE
• arm doc
• TEE
• Arm Secure Boot: Trusted Board Boot Requirements CLIENT (TBBR-CLIENT) Armv8-A
• RPMB (Replay Protected Memory Block)
• Secure Boot: Qualcomm Secure Boot and Image Authentication
• DRM Widevine