Collaborate Disseminate
What would be an attack against an insecure instance of the OTP cipher given two challenge ciphertexts using the same key in order to get the plaintext? I’ve tried to implement some approaches with Python but it did not work.(I’m a beginne… Continue reading Attack against OTP Cipher
Assuming I had two ciphertexts which were encrypted using the same key that has the same length with the ciphertexts. (However the keys didn’t have any repetitions or features that would assist in frequency analysis).
Apart from the crib d… Continue reading Cracking Viginere Ciphers using same-length key used twice [migrated]
Let’s say that during account creation, I already prohibit passwords known to be reused from breaches of other sites, like if it’s in the Have I Been Pwned list. But breaches happen all the time, so what if my customers’ passwords show up … Continue reading What wrong with this system to proactively check if customers’ passwords have been found in a breach?
I am currently working on a security-based product (VPN) and we have one critical requirement that I am unable to figure out.
The connection between the User and the VPN server is based on the OTP (One-time Pad) algorithm a… Continue reading Additional Encryption of SSL certificate and Public key before handshake?
Solitaire is a method for encrypting messages by hand. Reading it though, the only advantage the Solitaire has over a one time pad is that it can encrypt longer messages. It requires a new, random key for each message, just l… Continue reading What method to compress English by hand has the highest compression ratio?
Voja Antonic designed this fantastic retrocomputing badge for Hackaday Belgrade in 2018, and it was so much fun that we wanted to bring it stateside to the Supercon essentially unaltered. And that meant that Voja had some free time to devote to a new hardware giveaway: the Cube. So while his talk at Supercon in November was ostensibly about the badge, he just couldn’t help but tell us about his newer love, and some of the extremely clever features hidden within.
It’s funny how the hardware we design can sometimes reflect so much on the creator. Voja designed then-Yugoslavia’s first …read more
I am wondering how is should i implement one-time pad encryption in my code.
I use 16-byte pages at the moment, and the implementation in Golang from the page: https://github.com/ryanuber/go-otp/blob/master/otp.go (line 83 i… Continue reading How is secure for OTP implementation to use pages smaller than the payload?
Most accounts with two factor authentication (2FA) provide you with backup codes to use in case your phone is lost or stolen. For example, Google provides a list of 10 backup codes when setting up 2FA. These codes need to be … Continue reading Using a manual cipher to secure Two Factor Authentication (2FA) backup codes
It seems that new stories of insecure-by-design IoT devices surface weekly, as the uneasy boundary is explored between the appliance and the Internet-connected computer. Manufacturers like shifting physical items rather than software patches, and firmware developers may not always be from the frontline of Internet security.
An interesting aside on the security of IoT traffic comes from [boz], who has taken a look at encryption of very low data rate streams from underpowered devices. Imagine perhaps that you have an Internet-connected sensor which supplies only a few readings a day that you would like to keep private. Given that your …read more
Is it possible to achieve forward secrecy using a one way communication cahnnel with pre-shared secret?
I have a setup where i need to send some information across a unsafe channel between server A and server B. This communi… Continue reading One way communication with forward secrecy?
