p7mj/Sierra-Security
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b17b7e85a1164c043b6de7945c00699f36bea5c6
Sierra-Security/README.md
SpyDrone b17b7e85a1 Update README.md
2026-01-31 21:43:01 -05:00

45 lines
2.9 KiB
Markdown
Raw Blame History

# Sierra Security
<h3>Introduction</h3>
Sierra Security is a verification system I plan to integrate across my systems. It ensures that only people with the correct program and numeral keys can generate the same IDs, which are used to unlock my programs.
<h3>Modules</h3>
The code is designed to be pasted at the start of your program. There are many variations for this module. Ensure that you are downloading the correct one:
* `sierra-security-combination-x-x-x.py`: Combination of uuid verification and generation. **Do not use for locks.**
* `sierra-security-generation-x-x-x.py`: Generation only, suitable for portable "keychains".
* `sierra-security-verification-x-x-x.py`: Verification only, suitable for locks.
---
## V. A-2 Technical Enhancements & Hardening
Compared to the original A-1 logic, the **Version A-2** suite includes several critical security and cryptographic enhancements to prevent unauthorized access and forensic recovery across all P7MJ software.
### 1. Brute-Force Immunity (Hash Stretching)
* **The Upgrade**: Implements **50,000 rounds** of SHA-256 hashing (Hash Stretching). This forces the computer to perform significant mathematical work for every single guess.
* **Impact**: Even if an analyst identifies the 0-999 key range, testing all 1,000 keys would now take an automated script hours to complete. Since the ID expires every 15 minutes, brute-forcing is mathematically impossible.
### 2. Cryptographic Rolling Salt (Daily Expiration)
* **The Upgrade**: The internal cryptographic "base" of the program now shifts every 24 hours based on the current UTC date string.
* **How it Works**: The salt remains consistent for a 24-hour window. However, at 00:00 UTC, the date changes, causing the resulting UUIDs for the exact same keys to change entirely.
* **Impact**: If a master key or authorized UUID is leaked or captured by a listener today, it becomes **completely useless tomorrow**. This prevents long-term replay attacks.
### 3. Global Sync (UTC Persistence)
* **The Problem**: Standard local time varies by region, causing synchronization failures between a keychain and a target PC.
* **The Fix**: Synchronized to **Coordinated Universal Time (UTC)** using timezone-aware objects.
* **Impact**: Your keychain (phone/laptop) and your programs will always match perfectly, regardless of travel or geographical location.
### 4. Anti-Automation Delay
* **The Logic**: Added an artificial 1.5-second `time.sleep()` during the verification process.
* **Impact**: Limits the speed of manual or macro-based attempts. Combined with the 3-chance limit, automated "brute-force spam" is rendered ineffective.
### 5. Premium Visual Identity
* **Upgrade**: Switched to high-fidelity "Sierra Curvy" ASCII art and implemented ANSI color-coding (Blue/Green/Red/Yellow).
* **Impact**: Improved user experience and a professional, "elite" software feel.
---
*Developed for All P7MJ Projects 2026*
Reference in New Issue View Git Blame Copy Permalink