Encrypted Database provider zeroDB goes open source

ZeroDB is an end-to-end encrypted database. Data can be stored on untrusted database servers without ever exposing the encryption key. Clients can execute remote queries against the encrypted data without downloading all of it or suffering an excessive performance hit.


ZeroDB sources published at github.

ZeroDB-server sources

information about zerodb technology


Ukraine’s new encryption standart: The Kalyna Block Cipher

The Kalyna block cipher was selected during Ukrainian National Public Cryptographic Competition (2007-2010) and its slight modification was approved as the new encryption standard of Ukraine in 2015. Main requirements for Kalyna were both high security level and high performance of software implementation on general-purpose 64-bit CPUs. The cipher has SPN-based (Rijndael-like) structure with increased MDS matrix size, a new set of four different S-boxes, pre- and postwhitening using modulo 2^{64} addition and a new construction of the key schedule. Kalyna supports block size and key length of 128, 256 and 512 bits (key length can be either equal or double of the block size).


New Generation Secure Mail Providers: Lavaboom vs Protonmail vs Tutanota

Lavaboom is an open source end to end encrypted email provider from Germany

Key Features:
-sleek user interface
-supports 3 languages at interface (english, deutsch, french)
-key-pair management
-export keys as json
-full openpgp implementation
-lavaboom sync to host keys
-yubikey support for premium users (should be for anyone)

Protonmail is a swiss based email provider. All hosting is located at Switzerland.

Key Features:
-Protected by Switzerland privacy laws
-Custom css support
-One domain alias (works with .ch and .com domains)
-Extra box password to reach content (2nd auth)
-Full disk encryption


Tutanota is another Germany based hence they claim to be protective against NSA wiretapping.

Key Features:
-Default Delivery mode
-one username alias also on package (You can use yourname@tutanota.com and yournamesomething@tutanota both in one mailbox)
-minimalist, fast interface
-mobile applications
-tutanota means “secure message” in latin


Feature             Lavaboom          Protonmail                Tutanota

SSL (Qualys Degree) A+ (4096bits)     A+ (4096bits)             A (2048bits)

Open Source         Has Github Repo   (?)                       Has Github repo

Key Management      +                 -(an empty tab for it)    -

Encryption          OpenPGP            Aes256 bits (CBC mode ?)  Aes 128 bits

Plans               500mb free         1gb beta                  1gb beta
                    1gb beta                                     5gb promotion
                    2gb kickstarter
                    15gb premium

Final opinions: These European providers has good European laws to hide behind, but they are not generous about quotas. Protonmail has left big questions on my mind when i tried to inspect the code. Protonmail has to be open source it rapidly to earn trust. My Points (over 10): Lavaboom 8, Tutanota 7, Protonmail 5.

I thank to all providers for letting me accept beta programs.

OpenSSH 6.9 released; chacha20-poly1305 is the default cipher now

New Features

* ssh(1), sshd(8): promote chacha20-poly1305@openssh.com to be the
default cipher

* sshd(8): support admin-specified arguments to AuthorizedKeysCommand;

* sshd(8): add AuthorizedPrincipalsCommand that allows retrieving
authorized principals information from a subprocess rather than
a file.

* ssh(1), ssh-add(1): support PKCS#11 devices with external PIN
entry devices bz#2240

* sshd(8): allow GSSAPI host credential check to be relaxed for
multihomed hosts via GSSAPIStrictAcceptorCheck option; bz#928

* ssh-keygen(1): support “ssh-keygen -lF hostname” to search
known_hosts and print key hashes rather than full keys.

* ssh-agent(1): add -D flag to leave ssh-agent in foreground without
enabling debug mode; bz#2381

GnuPG 2.1.6 released

Changes in 2.1.6

* agent: New option –verify for the PASSWD command.

* gpgsm: Add command option “offline” as an alternative to

* gpg: Do not prompt multiple times for a password in pinentry
loopback mode.

* Allow the use of debug category names with –debug.

* Using gpg-agent and gpg/gpgsm with different locales will now show
the correct translations in Pinentry.

* gpg: Improve speed of –list-sigs and –check-sigs.

* gpg: Make –list-options show-sig-subpackets work again.

* gpg: Fix an export problem for old keyrings with PGP-2 keys.

* scd: Support PIN-pads on more readers.

* dirmngr: Properly cleanup zombie LDAP helper processes and avoid
hangs on dirmngr shutdown.

* Various other bug fixes.

Download Links

ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.6.tar.bz2 (4802k)

This is the GnuPG source code compressed using BZIP2 and its OpenPGP

ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.6_20150701.exe (2577k)