[ Team LiB ]

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z] S/KEY  S/KEY dictionary  S/MIME email, certificates for  SACL (system access control list)  safe primes  2nd  SafeStr library  2nd      functions and C equivalents  SAFESTR_ALLOC( )  SAFESTR_CREATE( )  safestr_free( )  safestr_istrusted( )  safestr_reference( )  safestr_release( )  safestr_t type  SAFESTR_TEMP( )  SAFESTR_TEMP_TRUSTED( )  salt      dictionary attacks, prevention with      hardening hash functions against birthday attacks  sanitizing the environment  SASL (Simple Authentication and Security Layer)  saved user and group IDs  SAX (Symmetric Authenticated eXchange)  2nd      client side      server-side  Schneier, Bruce  secure programming      web sites  secure server certificates  securely creating child processes  securely signing and encrypting with RSA  SecureZeroMemory( )  security     authentication mechanisms, requirements      bit size of algorithms      function errors and      initialization and      weak vs. strong passwords  security identifiers  [See SIDs] Security Support Provider Interface (SSPI)  seeds, random numbers  select( )     preventing file descriptor overflows      typical usage  selecting a cipher mode  selecting a public key algorithm  selecting public key sizes  self-signed certificates  sequential nonces vs. random nonces  Serpent  2nd      home page  servers     authentication without third-party      for network logging      SSL servers, creating      SSL servers, improving efficiency with caching  session ID context  session IDs      IP addresses as elements of      secure formats for  session keys  session timeout  Set-Cookie headers  SET_FN_PTR macro  SET_VAR macro  setegid( ) and seteuid( )  setgid( ) and setuid( )      dropping privileges after use          drop order      privilege separation, limiting risk with  setgroups( )  SetInformationJobObject( )  2nd  setregid( )  setreuid( )  setrlimit( )  2nd  3rd  SetThreadToken( )  Setuid Demystified  setup_charset_map( )  setup_signal_handler( )  SHA-256, SHA-384, and SHA-512 algorithms  SHA1 (Secure Hash Algorithm 1)      DSA standard and      key generation using      LION      OpenSSL API      whitening, using for  Shamir, Adi  shared locks  shatter attacks, protecting Windows against  ShellExecute( ), risks of  shells, risks of environment variables  shuffling fairly  SID_AND_ATTRIBUTES structures  SIDs (security identifiers)  2nd  3rd  4th  5th  6th      disabling or restricting  sigaction( )  signal handling, perfoming properly      guidelines      program termination      writing signal handlers  signal_was_caught( )  signed data types, unsuitability for key representation  signing data using an RSA private key  SIGTRAP  Simple Authentication and Security Layer (SASL)  Òsimple blobÓ format  smc_encrypt utility  SNOW stream cipher  2nd  3rd      home page  snprintf( )  sockets      Entropy Gathering Daemon  [See EGD]     interprocess communication, using for          loopback address      Unix domain sockets, authentication using  SoftICE  software protection      anti-tampering techniques      bit and byte obfuscation          Obcode data types          Obcode library      checksum algorithms, detecting modification with          CRC32 algorithm      constant transforms on variables      costs          debugging difficulty          development time          maintainability      countering disassembly          function truncation          misalignment errors          using NULL bytes      crackers and their motivations      detecting debuggers          finding breakpoints          Unix          Windows      detecting SoftICE          function 0x43 of interrupt 0x68          int3 interface          ÒMelticeÓ technique      disguising Boolean values      function pointers, using      goals      hiding ASCII strings      merging scalar variables      obfuscating code          assembly-language, usage for          C program Òtest-and-branchÓ idiom          conditional expressions          shared library functions          test-for-zero operation          volatile keyword          vs.code maintainability      restructuring arrays          restructuring options      self-modifying code, using          build process complications          ELF executable files, code for encrypting          RC4 encryption      splitting variables      validation checks  spc _ctr_decrypt( )  spc_accept( )  2nd  spc_add_padding( )  spc_array_flat( )  spc_array_fold( )  spc_array_free( )  spc_array_get( )  spc_array_merge( )  spc_array_set( )  spc_array_split( )  spc_base64_encode( )  spc_bcprng_init( )  spc_bcprng_rand( )  spc_bin2words()  SPC_BLOCK_SZ macro  spc_cbc_decrypt( )  spc_cbc_decrypt_final( )  2nd  spc_cbc_decrypt_init( )  spc_cbc_decrypt_update( )  2nd  spc_cbc_encrypt_final( )  spc_cbc_encrypt_init( )  spc_cbc_encrypt_update( )  2nd  3rd  spc_cert_filename( )  spc_cfb_decrypt( )  spc_cfb_decrypt_update( )  spc_cfb_encrypt( )  spc_cfb_encrypt_update( )  2nd  spc_cfb_final( )  2nd  spc_check_int3( )  SPC_CIPHERQ data type  spc_cipherq_cleanup( )  spc_cipherq_decrypt( )  spc_cipherq_encrypt( )  2nd  spc_cipherq_setup( )  spc_confirmation_create( )  spc_confirmation_receive( )  spc_connect( )  spc_connect_ssl( )  spc_cookie_decode( )  spc_cookie_encode( )  spc_cookie_init( )  spc_create_nonced_digest( )  spc_create_sslctx( )  2nd  3rd  4th      flags  spc_create_x509store( )  spc_crypt_encrypt( )  spc_crypt_verify( )  spc_ctr_encrypt( )  spc_ctr_final( )  spc_ctr_update( )  2nd      keystream generation using  SPC_DEBUGGER_PRESENT macro  spc_decode_url( )  SPC_DECRYPT_INIT macro      AES, IDEA implementations  SPC_DEFINE_DBG_SYM macro  spc_delenv( )  SPC_DO_DECRYPT macro      block cipher implementations  SPC_DO_ENCRYPT macro      block cipher implementations  spc_double_mac( )  spc_drop_privileges( )  spc_email_isvalid( )  spc_enable_sessions( )  SPC_ENCRYPT_INIT macro      block cipher implementations  spc_entropy( )  2nd      FIPS testing, using in  spc_escape_html( )  spc_escape_sql( )  spc_extract_digest( )  spc_extract_nonce( )  spc_fd_free( )  spc_fd_setsize( )  spc_fd_wipe( )  spc_file_wipe( )  spc_fips_monobit( )  spc_fips_poker( )  spc_fips_runs( )  spc_fork( )  spc_gather_keyboard_entropy( )  spc_get_credentials( )  spc_getenv( )  spc_getsession( )  spc_group_ismember( )  spc_hex2bin( )  SPC_HMAC_Init( )  spc_host_check( )  spc_host_init( )  spc_incremental_hmac( )  spc_is_safedir( )  SPC_KEY_SCHED macro  spc_keygen( )  2nd  3rd  spc_krb5_cleanup( )  spc_krb5_client( ), client-side authentication using Kerberos  spc_krb5_decrypt( )  spc_krb5_encrypt( )  spc_krb5_isdes( )  spc_krb5_server( ), server-side authentication using Kerberos  spc_lion_decrypt( )  spc_lion_encrypt( )  spc_listen( )  spc_lock_file( )  spc_lookup_key( )  2nd  3rd  spc_mac127( )  spc_mac127_init( )  spc_make_derived_key( )  spc_make_fd_nonblocking( )  spc_md5_encrypt( )  spc_md5_verify( )  spc_mdc2_final( )  spc_mdc2_init( )  spc_mdc2_oneblock( )  spc_mdc2_update( )  spc_memcpy( )  spc_memmove( )  spc_memset( )  spc_memzero( ), key deletion using  spc_mprng_init( )  spc_mprng_rand( )  spc_next_varg( )  spc_ocspresult_t spc_verify_via_ocsp( )  spc_ofb_decrypt( )  spc_ofb_encrypt( )  spc_ofb_final( )  spc_ofb_update( )  2nd  3rd  spc_omac_final( )  2nd  spc_omac_update( )  2nd  spc_omac1_init( )  2nd  spc_OMAC1_nonced( )  spc_omac2_init( )  spc_omc_update( )  spc_pam_login( )  spc_pam_logout( )  spc_pbkdf2( )      arguments  spc_pbkdf2_encrypt( )  spc_pbkdf2_verify( )  spc_pctr_do_odd( )  spc_pctr_setup( )  2nd  SPC_PIPE object  spc_popen( )  spc_print_hex()  spc_putenv( )  spc_rand( )  2nd  3rd      getting random integers using      HMAC-SHA1 pseudo-random number generator      OpenSSL PRNG, usage in      RC4 as a PRNG  spc_rand_add_entropy( )  spc_rand_init( )  spc_rand_range( )      random integer in a range, generation with      shuffling using  spc_rand_real( )  spc_rand_uint( )  spc_read_password( )  spc_reconnect( )  spc_remember_cert( )  spc_remember_key( )  spc_remove_padding( )  spc_restore_privileges( )  spc_rsrclimit( )  spc_sanitize_environment( )  spc_sanitize_files( )  spc_send_credentials( )  spc_smc_decrypt( )  spc_socket_accept( )  spc_socket_close( )  spc_socket_recvfrom( )  spc_socket_sendto( )  spc_socketpool_close( )  spc_socketpool_init( )  spc_socketpool_setlimit( )  spc_ssock_client_send( )  spc_ssock_t object     erasure      initialization  SPC_TEST_BOOL macro  spc_threadpool_cleanup( )  spc_threadpool_init( )  spc_threadpool_schedule( )  2nd  spc_throttle( )  spc_trap_detect( )  spc_unix_connect( )  spc_unix_server( )  SPC_USE_DBG_SYM macro  spc_user_getname( )  spc_utf8_isvalid( )  spc_verify_callback( )  spc_verify_cert( )  spc_verify_cert_hostname( )  spc_verify_nonced_digest( )  spc_verify_via_ocsp( )  spc_verifyandmaybesave_callback( )  spc_words2bin()  spc_x509store_addusecert( )  spc_x509store_clearflags( )  spc_x509store_setcafile( )  spc_x509store_setcallback( )  spc_x509store_setcapath( )  2nd  spc_x509store_setcrlfile( )  spc_x509store_setflags( )  spc_x509store_setusecertfile( )  spc_x509store_t objects  2nd  SpcDecrypt( )  SpcEncrypt( )  SpcExportKeyData( )  SpcFingerPrintCert( )  SpcGatherKeyboardEntropy( )  2nd  SpcGatherMouseEntropy( )  2nd  SpcGetCertCRLURL( )  SpcGetCryptContext( )  SpcGetExportableContext( )  2nd  SpcImportKeyData( )  2nd  SpcIncrementalHMAC( )  SpcLockResource( )  SpcLookupCACert( )  2nd  SpcLookupName( )  SpcLookupSid( )  SpcMakeTempFile( )  SpcNewStoreForCert( )  SpcPBKDF2( )  SpcResolvePath( )  SpcRetrieveCRL( )  SpcSetIV( )  SpcUnlockResource( )  SpcVerifyCert( )  SpcVerifyCertHostName( )  SpcWipeFile( )  SPLIT_VAR macro  spoofing of hostnames, IP addresses  sprintf( )  SQL injection attacks  SRP (Secure Remote Password)  SSL (Secure Sockets Layer)      clients, creating      database connections, securing with          MySQL          PostgreSQL      servers, creating      session caching      session caching modes      sessions vs. connections      tunnels      verifying a peerÕs certificate  SSL_accept( )  SSL_CTX objects  2nd      flagging and modes  SSL_CTX_set_cipher_list( )  SSL_CTX_set_verify( )  SSL_SESSION objects  SSL_SESSION_free( )  SSLv2 protocol, insecurity of  SSPI (Security Support Provider Interface)  stack-smashing attacks      preventive technologies  StackGuard  stat( )  station-to-station protocol  stdarg.h file  stdin, stdout, and stderr file descriptors  Stevens, W. Richard  str, input to spc_words2bin( )  strcpy( )  strdup( )  stream ciphers  2nd  3rd      precomputing keystream for      PRNGs compared to      using as PRNGs          RC4  strings of random ASCII characters, getting  strlcat( )  strlcpy( )  strncpy( )  2nd  strsafe.h  Stunnel      accept and connect keys      certificate and verification limitations      client mode, enabling      configuration file      server mode, enabling      Version 4.00 changes in configuration controls  surreptitious forwarding attacks  symmetric cryptography      algorithms          choosing          noncommercial, patent-free implementations          speed          supporting multiple      cipher modes          CBC (Cipher Block Chaining)  2nd          CCM (CTR plus CBC-MAC) mode          CFB (Cipher Feedback) mode  2nd          CTR (counter)  2nd          CWC (Carter-Wegman + CTR)  2nd          ECB (Electronic Code Book)  2nd          OCB (Offset Codebook) mode          OFB (Output Feedback) mode  2nd          selecting      CryptoAPI key objects, creating from symmetric keys      keys         extraction from CryptoAPI key objects          generating from one secret          length          length of configurable ciphers          length of public keys, compared to          passwords, conversion to      providing forward secrecy      random data, effective usage      shared secrets      stream ciphers  symmetric encryption algorithms  symmetric primitives  synchronization of resource access      across processes         Unix          Windows  syslog utility  syslog( )  syslog-ng  system access control list (SACL)  system( ), risks of

[ Team LiB ]