Collaborate Disseminate
EFF is reporting that a critical vulnerability has been discovered in PGP and S/MIME. No details have been published yet, but one of the researchers wrote: We’ll publish critical vulnerabilities in PGP/GPG and S/MIME email encryption on 2018-05-15 07:00 UTC. They might reveal the plaintext of encrypted emails, including encrypted emails sent in the past. There are currently no reliable… Continue reading Critical PGP Vulnerability
Learning about cryptography. Experimenting with attacking the algorithm it’s self. My question regards vocabulary basically. Are encryption keys and certificates the same thing or are they different?
If they are the same, good, if not the… Continue reading Is there a difference between encryption keys and encryption certificates?
Interesting symmetric cipher: LC4: Abstract: ElsieFour (LC4) is a low-tech cipher that can be computed by hand; but unlike many historical ciphers, LC4 is designed to be hard to break. LC4 is intended for encrypted communication between humans only, and therefore it encrypts and decrypts plaintexts and ciphertexts consisting only of the English letters A through Z plus a few… Continue reading LC4: Another Pen-and-Paper Cipher
The ISO has rejected two symmetric encryption algorithms: SIMON and SPECK. These algorithms were both designed by the NSA and made public in 2013. They are optimized for small and low-cost processors like IoT devices. The risk of using NSA-designed ciphers, of course, is that they include NSA-designed backdoors. Personally, I doubt that they’re backdoored. And I always like seeing… Continue reading Two NSA Algorithms Rejected by the ISO
The ISO has rejected two symmetric encryption algorithms: SIMON and SPECK. These algorithms were both designed by the NSA and made public in 2013. They are optimized for small and low-cost processors like IoT devices. The risk of using NSA-designed ciphers, of course, is that they include NSA-designed backdoors. Personally, I doubt that they’re backdoored. And I always like seeing… Continue reading Two NSA Algorithms Rejected by the ISO
What is a good source for an [American] English character frequency analysis containing the space character?
I have seen this Norvig analysis, and it does not contain frequencies of the space character. This is the only anal… Continue reading What is a good resource for character counts in English (American) texts including the space character?
Matthew Green wrote a fascinating blog post about the NSA’s efforts to increase the amount of random data exposed in the TLS protocol, and how it interacts with the NSA’s backdoor into the DUAL_EC_PRNG random number generator to weaken TLS….
The post… Continue reading The “Extended Random” Feature in the BSAFE Crypto Library
Matthew Green wrote a fascinating blog post about the NSA’s efforts to increase the amount of random data exposed in the TLS protocol, and how it interacts with the NSA’s backdoor into the DUAL_EC_PRNG random number generator to weaken TLS…. Continue reading The "Extended Random" Feature in the BSAFE Crypto Library
Infrared remote controls are simple and ubiquitous. Emulating them with the aid of a microcontroller is a common project that hackers use to control equipment as diverse as televisions, cable boxes, and home stereos. Some air conditioners can be a little more complicated, however, but [Ken]’s here to help.
The root of the problem is that the air conditioner remote was using a non-obvious checksum to verify if commands received were valid. To determine the function generating the checksum, [Ken] decided to bust out the tools of differential cryptanalysis. This involves carefully varying the input to a cryptographic function and …read more
Wikipedia reports:
A 2011 attack breaks preimage resistance for […] 52 out of 64 rounds for SHA-256. Pseudo-collision attack against up to 46 rounds of SHA-256.
I am having trouble determining/understanding whether th… Continue reading How is a "SHA256 reduced by X of Y rounds" built?
