CIA’s peddle power

I’ve had a couple of opportunities to apply what I have learnt in the real world this week. Estimating Attacker Power This degree has affected my TV habits, seeing me gravitate towards security and detective related genres, which I do enjoy; I’m just making time to watch them. So this week I started watching the […]

Authentication protocols and attacks

We authenticate to solve real world problems. For example I want me to be able to access my bank account and I don’t want anyone else to. Identity is tied up with authentication. The authentication is linked to a digital identity, and this is then linked to a person. But what stops another person from […]

Hash definitions and attacks

There’s a lot to remember about hashes, so I’m bringing the definitions into one place as a reference. Term Definition Avalanche effect Small changes in the input lead to big changes in the output, with one bit change on the input creating change to at least 50% of the output. Deterministic An input will always […]

Hashes and Cryptographic Hashes

Encryption is the glamorous part of confidentiality; today we will look at hashes. We’ll cover regular and cryptographic hashes, a bit of history, then we’ll look at ways to attack them. Hashing In the last podcast we talked about tamper evidence with wax seals, magic numbers and MACs. It turns out the magic number is […]

The Telegraph Problem, MACs

Integrity of messages is a problem that is as old as messengers. In the old days, people would seal a message: they knew they couldn’t prevent interception and tampering, but they could make it tamper evident. To an extent. A good example is the telegraph problem. Back in the Wild West, banks would telegraph each […]

Symmetric Ciphers

A long post today: we’ll recap classic ciphers and look at the history of modern symmetric ciphers. Finally we’ll look at entropy, a way of telling if you actually have the real plain text after you have cracked a cipher. Classic Ciphers First let’s review encryption as we know it so far: Steganography – hiding […]

RSA Practice

Now that we’ve covered asymmetric cryptography and how RSA works, there’s nothing like working through equations to understand them. So let’s do some practice RSA key generation. We’ll use small numbers for the examples so we can do it by hand, just to understand the equation. Just a reminder from Asymmetric Cryptography on the […]

Asymmetric Cryptography

We learnt about the basics of cryptography when we learnt about ciphers and secrets. These involve symmetrical cryptography, meaning that the person doing the enciphering and the person doing the deciphering both use the same key. It’s great, but shared secrets have always been the challenge of encryption: How do we share the key? If […]

Merkle Puzzles

Merkle puzzles are the first publicly recorded example of asymmetric cryptography. They were devised by Ralph Merkle, who was trying to work out a way to remove the need for a shared secret key, to remove the need for people meeting first to exchange their key (or risk someone else seeing it by sending the […]

One time pad

A one time pad is what’s known as a perfect cipher. Without the key it is uncrackable and can’t be brute forced. The penny dropped for me on how one time pads work this week, so I thought I would share how it works. I’m going to use the King James Bible (KJB) as a […]