Collaborate Disseminate
A pair of Russia-designed cryptographic algorithms — the Kuznyechik block cipher and the Streebog hash function — have the same flawed S-box that is almost certainly an intentional backdoor. It’s just not the kind of mistake you make by accident, not in 2014…. Continue reading Cryptanalyzing a Pair of Russian Encryption Algorithms
GCHQ has put simulators for the Enigma, Typex, and Bombe on the Internet. News article…. Continue reading Enigma, Typex, and Bombe Simulators
Many files begin with a “well-known” header sequence which I imagine helps a lot in performing cryptanalysis over a huge number of data transfers.
So I have the thought of prepending a block or two of random data to make cry… Continue reading Will prepending random data (of random length) result in more secure communication?
This is interesting research: "On the Security of the PKCS#1 v1.5 Signature Scheme": Abstract: The RSA PKCS#1 v1.5 signature algorithm is the most widely used digital signature scheme in practice. Its two main strengths are its extreme simplici… Continue reading Evidence for the Security of PKCS #1 Digital Signatures
This is interesting research: "On the Security of the PKCS#1 v1.5 Signature Scheme": Abstract: The RSA PKCS#1 v1.5 signature algorithm is the most widely used digital signature scheme in practice. Its two main strengths are its extreme simplicity, which makes it very easy to implement, and that verification of signatures is significantly faster than for DSA or ECDSA. Despite the… Continue reading Evidence for the Security of PKCS #1 Digital Signatures
Lots of people are e-mailing me about this new result on the distribution of prime numbers. While interesting, it has nothing to do with cryptography. Cryptographers aren’t interested in how to find prime numbers, or even in the distribution of prime numbers. Public-key cryptography algorithms like RSA get their security from the difficulty of factoring large composite numbers that are… Continue reading New Findings About Prime Number Distribution Almost Certainly Irrelevant to Cryptography
Recently, Apple introduced restricted mode to protect iPhones from attacks by companies like Cellebrite and Greyshift, which allow attackers to recover information from a phone without the password or fingerprint. Elcomsoft just announced that it can easily bypass it. There is an important lesson in this: security is hard. Apple Computer has one of the best security teams on the… Continue reading Defeating the iPhone Restricted Mode
I’m running the below Nmap command to test the strength of the cipher suites I have used in my host
nmap -sV –script ssl-enum-ciphers -p 8673 <host>
My server supports TLSv1, TLSv1.1, TLSv1.2
I’m using an older NMA… Continue reading Clarifications regarding testing the cipher using NMAP scan
EFF is reporting that a critical vulnerability has been discovered in PGP and S/MIME. No details have been published yet, but one of the researchers wrote: We’ll publish critical vulnerabilities in PGP/GPG and S/MIME email encryption on 2018-05-15 07:00 UTC. They might reveal the plaintext of encrypted emails, including encrypted emails sent in the past. There are currently no reliable… Continue reading Critical PGP Vulnerability
Learning about cryptography. Experimenting with attacking the algorithm it’s self. My question regards vocabulary basically. Are encryption keys and certificates the same thing or are they different?
If they are the same, good, if not the… Continue reading Is there a difference between encryption keys and encryption certificates?