SlideShare a Scribd company logo

No-Knowledge Crypto Attacks

Download as PPTX, PDF
B
BaronZor

Attacks against badly implemented cryptography that don't require in-depth knowledge of cryptography.

Technology
1 of 42
COPYRIGHT TRUSTWAVE 2011 Presented by: No-Knowledge Crypto Attacks Daniel Crowley
Structure › Background › Attack! › Potential Win
IDENTIFYING CIPHERTEXT “Yep, it‟s wood”
Properties of ciphertext › Appears random › Generally encoded › Decoded length often multiple of 8/16/32 –Block ciphers
Example › Base64 encoded › Decodes to 80 bytes › Ent shows strong signs of randomness › Probably ciphertext (okay, it is, I generated it)
REPLAY ATTACK Bait and switch
Background › Reuse of cryptovariables › Trust in decrypted data
Attack! › Reuse ciphertext OR › Find two places where ciphertext is being accepted › Swap them around
Potential Win › Ciphertext from “article.php?id=(ciphertext)” › Placed in “doPasswordReset.php?userid=(ciphertext)” › Reset password for another user
DECRYPTION ORACLE Decrypt ALL the things!
Background › Application takes encrypted input › Application decrypts input › Application gives you decrypted output
Identifying Decryption Oracles › Look for encrypted input › Modify input and look for garbled response
Attack! › Take ciphertext from another location › Plug into decryption oracle
Potential Win › “Password” cookie with encrypted value › Plug cookie into decryption oracle › PASSWORDS!
ENCRYPTION ORACLE Encrypt ALL the things!
Background › Application takes plaintext input › Application encrypts input › Application gives you encrypted output
Identifying Encryption Oracles › Look for ciphertext in responses › Modify input and look for modified ciphertext › Length is often the giveaway
Attack! › Encrypt strings like ‘ or 1=1# › Plug encrypted string into any encrypted input › Cross your fingers
Potential Win › resetpass.php?id=(ciphertext) › resetpass.php?id=( ENC(„ or 1=1 #) ) › SQLi!
STREAM CIPHER BIT FLIPPING Flipping easy
Background › Construction is simple › Same key & IV means same keystream › Reusing cryptovariables means catastrophic failure
0 1 1 0 0 1 0 0 1 0 1 0 1 0 1 0 1 1 0 0 1 1 1 0
0 1 1 0 0 1 0 1 1 0 1 0 1 0 1 0 1 1 0 0 1 1 1 1
Attack! › Flip bits in ciphertext input › Same bits in plaintext are flipped › No modification to other parts of message
Potential Win › Plaintext –username=fred&admin=0 › Flip lots of bits until… –username=fred&admin=1
STREAM CIPHER KEYSTREAM RECOVERY I couldn‟t think of anything funny for this one
Attack! › Guess plaintext of an encrypted message › XOR plaintext and ciphertext to get suspected keystream › XOR suspected keystream with unknown ciphertext –Attempt to read message
Definite Win › Ability to encrypt and decrypt anything – In byte positions where known plaintext resides
ECB BLOCK SHUFFLING Every day I‟m shufflin‟
Background › ECB is a block cipher mode › Each block is encrypted independent of others › Blocks can be reordered, removed, duplicated
BLOCK 1 CIPHER BLOCK 1 BLOCK 2 CIPHER BLOCK 2 BLOCK 3 CIPHER BLOCK 3 PLAIN TEXT CIPHER TEXT
Attack! › Shuffle blocks around randomly in encrypted messages › Cross your fingers!
Plaintext before modification 0 1 2 3 4 5 6 7 L A S T V I S I T E D = / E N / H O M E . J S P & U S E R I D = 1 2 3 4 x04 x04 x04 x04 lastVisited=/en/home.jsp&userId=1234
Plaintext after modification 0 1 2 3 4 5 6 7 L A S T V I S I T E D = / E N / H O M E . J S P & U S E R I D = 1 & F O O = B A 1 2 3 4 x04 x04 x04 x04 lastVisited=/en/home.jsp&userId=1&foo=ba1234
CBC BIT FLIPPING Flipping awesome
Background › CBC is a block cipher mode › When decrypting, each block affects next block › Flipping bits in ciphertext block n – Garbles plaintext block n – Flips same bits in plaintext block n+1
BLOCK A IV CIPHER BLOCK A BLOCK B CIPHER BLOCK B BLOCK C CIPHER BLOCK C PLAIN TEXT CIPHER TEXT
BLOCK A IV CIPHER BLOCK A BLOCK B CIPHER BLOCK B BLOCK C CIPHER BLOCK C PLAIN TEXT CIPHER TEXT
Attack! › Submit ciphertext multiple times › Flip a different bit each time › Cross your fingers!
Potential Win › Plaintext is: –lastVisited=http://example.com/home.jsp&u id=124%01 –(lastVisited=http)(://example.com/h)(ome.js p&uid=124%01) • Split into 16 byte blocks › Flip bits in bytes 13-15 in block 2 –Block 2 becomes garbage –“124” in block 3 has bits flipped in plaintext
MISCELLANEOUS Bonus round!
Other Fun Attacks › Padding Oracles – padBuster.pl › Hash length extension attacks – Hash_extender

Recommended

Lecture 2
Lecture 2Lecture 2
Lecture 2fadwa_stuka
 
CISSP Week 18
CISSP Week 18CISSP Week 18
CISSP Week 18jemtallon
 
Classic Information encryption techniques
Classic Information encryption techniquesClassic Information encryption techniques
Classic Information encryption techniquesJay Nagar
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption Techniquesuniversity of education,Lahore
 
Classical Encryption
Classical EncryptionClassical Encryption
Classical EncryptionShafaan Khaliq Bhatti
 
Caesar cipher
Caesar cipherCaesar cipher
Caesar cipherHossain Md Shakhawat
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesJanani S
 
Cryptography
CryptographyCryptography
CryptographyHarry Potter
 

Recommended

Lecture 2
Lecture 2Lecture 2
Lecture 2fadwa_stuka
 
CISSP Week 18
CISSP Week 18CISSP Week 18
CISSP Week 18jemtallon
 
Classic Information encryption techniques
Classic Information encryption techniquesClassic Information encryption techniques
Classic Information encryption techniquesJay Nagar
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption Techniquesuniversity of education,Lahore
 
Classical Encryption
Classical EncryptionClassical Encryption
Classical EncryptionShafaan Khaliq Bhatti
 
Caesar cipher
Caesar cipherCaesar cipher
Caesar cipherHossain Md Shakhawat
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesJanani S
 
Cryptography
CryptographyCryptography
CryptographyHarry Potter
 
Cryptography basics
Cryptography basicsCryptography basics
Cryptography basicsShellmates
 
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - BeliaievSecurity Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - BeliaievNazar Tymoshyk, CEH, Ph.D.
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquessaqib1611
 
One time pad Encryption:
One time pad Encryption:One time pad Encryption:
One time pad Encryption:Asad Ali
 
Etc services is made of ports! (and people!)
Etc services is made of ports! (and people!) Etc services is made of ports! (and people!)
Etc services is made of ports! (and people!)Breanne Boland
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquesMohd Arif
 
Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Mohamed Loey
 
Ch02
Ch02Ch02
Ch02Joe Christensen
 
Cryptography & network security
Cryptography & network securityCryptography & network security
Cryptography & network securitysathu30
 
Ch02...1
Ch02...1Ch02...1
Ch02...1nathanurag
 
Doing Horrible Things with DNS - Web Directions South
Doing Horrible Things with DNS - Web Directions SouthDoing Horrible Things with DNS - Web Directions South
Doing Horrible Things with DNS - Web Directions SouthTom Croucher
 
Pack/Unpack: manipulate binary data
Pack/Unpack: manipulate binary dataPack/Unpack: manipulate binary data
Pack/Unpack: manipulate binary dataLambert Lum
 
Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Mohamed Loey
 
00-Review of Linux Basics
00-Review of Linux Basics00-Review of Linux Basics
00-Review of Linux Basicsbehrad eslamifar
 
Edward Schaefer
Edward SchaeferEdward Schaefer
Edward SchaeferInformation Security Awareness Group
 
CryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxCryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxBhavikaGianey
 
Cool crypto concepts JavaZone
Cool crypto concepts JavaZoneCool crypto concepts JavaZone
Cool crypto concepts JavaZoneRoy Wasse
 
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz «Applied cryptanalysis stream ciphers» by Vladimir Garbuz
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz 0xdec0de
 
Applied cryptanalysis - stream ciphers
Applied cryptanalysis - stream ciphersApplied cryptanalysis - stream ciphers
Applied cryptanalysis - stream ciphersVlad Garbuz
 
Hollywood style decryption
Hollywood style decryptionHollywood style decryption
Hollywood style decryptionidsecconf
 
Introduction to encryption
Introduction to encryptionIntroduction to encryption
Introduction to encryptionfaffyman
 
SIGNAL - Practical Cryptography
SIGNAL - Practical CryptographySIGNAL - Practical Cryptography
SIGNAL - Practical CryptographyKelley Robinson
 

More Related Content

What's hot

Cryptography basics
Cryptography basicsCryptography basics
Cryptography basicsShellmates
 
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - BeliaievSecurity Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - BeliaievNazar Tymoshyk, CEH, Ph.D.
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquessaqib1611
 
One time pad Encryption:
One time pad Encryption:One time pad Encryption:
One time pad Encryption:Asad Ali
 
Etc services is made of ports! (and people!)
Etc services is made of ports! (and people!) Etc services is made of ports! (and people!)
Etc services is made of ports! (and people!)Breanne Boland
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquesMohd Arif
 
Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Mohamed Loey
 
Cryptography & network security
Cryptography & network securityCryptography & network security
Cryptography & network securitysathu30
 
Doing Horrible Things with DNS - Web Directions South
Doing Horrible Things with DNS - Web Directions SouthDoing Horrible Things with DNS - Web Directions South
Doing Horrible Things with DNS - Web Directions SouthTom Croucher
 
Pack/Unpack: manipulate binary data
Pack/Unpack: manipulate binary dataPack/Unpack: manipulate binary data
Pack/Unpack: manipulate binary dataLambert Lum
 
Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Mohamed Loey
 

What's hot (15)

Cryptography basics
Cryptography basicsCryptography basics
Cryptography basics
 
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - BeliaievSecurity Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniques
 
One time pad Encryption:
One time pad Encryption:One time pad Encryption:
One time pad Encryption:
 
Etc services is made of ports! (and people!)
Etc services is made of ports! (and people!) Etc services is made of ports! (and people!)
Etc services is made of ports! (and people!)
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniques
 
Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1
 
Ch02
Ch02Ch02
Ch02
 
Cryptography & network security
Cryptography & network securityCryptography & network security
Cryptography & network security
 
Ch02...1
Ch02...1Ch02...1
Ch02...1
 
Doing Horrible Things with DNS - Web Directions South
Doing Horrible Things with DNS - Web Directions SouthDoing Horrible Things with DNS - Web Directions South
Doing Horrible Things with DNS - Web Directions South
 
Pack/Unpack: manipulate binary data
Pack/Unpack: manipulate binary dataPack/Unpack: manipulate binary data
Pack/Unpack: manipulate binary data
 
Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2
 
00-Review of Linux Basics
00-Review of Linux Basics00-Review of Linux Basics
00-Review of Linux Basics
 
Edward Schaefer
Edward SchaeferEdward Schaefer
Edward Schaefer
 

Similar to No-Knowledge Crypto Attacks

CryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxCryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxBhavikaGianey
 
Cool crypto concepts JavaZone
Cool crypto concepts JavaZoneCool crypto concepts JavaZone
Cool crypto concepts JavaZoneRoy Wasse
 
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz «Applied cryptanalysis stream ciphers» by Vladimir Garbuz
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz 0xdec0de
 
Applied cryptanalysis - stream ciphers
Applied cryptanalysis - stream ciphersApplied cryptanalysis - stream ciphers
Applied cryptanalysis - stream ciphersVlad Garbuz
 
Hollywood style decryption
Hollywood style decryptionHollywood style decryption
Hollywood style decryptionidsecconf
 
Introduction to encryption
Introduction to encryptionIntroduction to encryption
Introduction to encryptionfaffyman
 
SIGNAL - Practical Cryptography
SIGNAL - Practical CryptographySIGNAL - Practical Cryptography
SIGNAL - Practical CryptographyKelley Robinson
 
Bitcoin Keys, Addresses & Wallets
Bitcoin Keys, Addresses & WalletsBitcoin Keys, Addresses & Wallets
Bitcoin Keys, Addresses & WalletsChristopher Allen
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
Defeating the entropy downgrade attack
Defeating the entropy downgrade attackDefeating the entropy downgrade attack
Defeating the entropy downgrade attackSeth Wahle
 
Daniel Crowley - Speaking with Cryptographic Oracles
Daniel Crowley - Speaking with Cryptographic OraclesDaniel Crowley - Speaking with Cryptographic Oracles
Daniel Crowley - Speaking with Cryptographic OraclesBaronZor
 
4. Block Ciphers
4. Block Ciphers 4. Block Ciphers
4. Block Ciphers Sam Bowne
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
Cool Crypto Concepts CodeOne SFO
Cool Crypto Concepts CodeOne SFOCool Crypto Concepts CodeOne SFO
Cool Crypto Concepts CodeOne SFORoy Wasse
 
Cryptography - Overview
Cryptography - OverviewCryptography - Overview
Cryptography - OverviewMohammed Adam
 
Cs166 mynote
Cs166 mynoteCs166 mynote
Cs166 mynoteKaya Ota
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
Ch03 block-cipher-and-data-encryption-standard
Ch03 block-cipher-and-data-encryption-standardCh03 block-cipher-and-data-encryption-standard
Ch03 block-cipher-and-data-encryption-standardtarekiceiuk
 
DEFCON 23 - Eijah - crypto for hackers
DEFCON 23 - Eijah - crypto for hackersDEFCON 23 - Eijah - crypto for hackers
DEFCON 23 - Eijah - crypto for hackersFelipe Prado
 

Similar to No-Knowledge Crypto Attacks (20)

CryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxCryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptx
 
Cool crypto concepts JavaZone
Cool crypto concepts JavaZoneCool crypto concepts JavaZone
Cool crypto concepts JavaZone
 
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz «Applied cryptanalysis stream ciphers» by Vladimir Garbuz
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz
 
Applied cryptanalysis - stream ciphers
Applied cryptanalysis - stream ciphersApplied cryptanalysis - stream ciphers
Applied cryptanalysis - stream ciphers
 
Hollywood style decryption
Hollywood style decryptionHollywood style decryption
Hollywood style decryption
 
Introduction to encryption
Introduction to encryptionIntroduction to encryption
Introduction to encryption
 
SIGNAL - Practical Cryptography
SIGNAL - Practical CryptographySIGNAL - Practical Cryptography
SIGNAL - Practical Cryptography
 
Bitcoin Keys, Addresses & Wallets
Bitcoin Keys, Addresses & WalletsBitcoin Keys, Addresses & Wallets
Bitcoin Keys, Addresses & Wallets
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
Defeating the entropy downgrade attack
Defeating the entropy downgrade attackDefeating the entropy downgrade attack
Defeating the entropy downgrade attack
 
Daniel Crowley - Speaking with Cryptographic Oracles
Daniel Crowley - Speaking with Cryptographic OraclesDaniel Crowley - Speaking with Cryptographic Oracles
Daniel Crowley - Speaking with Cryptographic Oracles
 
FormacaoCrypto
FormacaoCryptoFormacaoCrypto
FormacaoCrypto
 
4. Block Ciphers
4. Block Ciphers 4. Block Ciphers
4. Block Ciphers
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
Cool Crypto Concepts CodeOne SFO
Cool Crypto Concepts CodeOne SFOCool Crypto Concepts CodeOne SFO
Cool Crypto Concepts CodeOne SFO
 
Cryptography - Overview
Cryptography - OverviewCryptography - Overview
Cryptography - Overview
 
Cs166 mynote
Cs166 mynoteCs166 mynote
Cs166 mynote
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
Ch03 block-cipher-and-data-encryption-standard
Ch03 block-cipher-and-data-encryption-standardCh03 block-cipher-and-data-encryption-standard
Ch03 block-cipher-and-data-encryption-standard
 
DEFCON 23 - Eijah - crypto for hackers
DEFCON 23 - Eijah - crypto for hackersDEFCON 23 - Eijah - crypto for hackers
DEFCON 23 - Eijah - crypto for hackers
 

More from BaronZor

The Patsy Proxy
The Patsy ProxyThe Patsy Proxy
The Patsy ProxyBaronZor
 
Home Invasion 2.0 - DEF CON 21 - 2013
Home Invasion 2.0 - DEF CON 21 - 2013Home Invasion 2.0 - DEF CON 21 - 2013
Home Invasion 2.0 - DEF CON 21 - 2013BaronZor
 
Why UPnP is awesome and terrifying
Why UPnP is awesome and terrifyingWhy UPnP is awesome and terrifying
Why UPnP is awesome and terrifyingBaronZor
 
Advanced SQL Injection with SQLol
Advanced SQL Injection with SQLolAdvanced SQL Injection with SQLol
Advanced SQL Injection with SQLolBaronZor
 
Jack of all Formats
Jack of all FormatsJack of all Formats
Jack of all FormatsBaronZor
 
Windows File Pseudonyms
Windows File PseudonymsWindows File Pseudonyms
Windows File PseudonymsBaronZor
 

More from BaronZor (6)

The Patsy Proxy
The Patsy ProxyThe Patsy Proxy
The Patsy Proxy
 
Home Invasion 2.0 - DEF CON 21 - 2013
Home Invasion 2.0 - DEF CON 21 - 2013Home Invasion 2.0 - DEF CON 21 - 2013
Home Invasion 2.0 - DEF CON 21 - 2013
 
Why UPnP is awesome and terrifying
Why UPnP is awesome and terrifyingWhy UPnP is awesome and terrifying
Why UPnP is awesome and terrifying
 
Advanced SQL Injection with SQLol
Advanced SQL Injection with SQLolAdvanced SQL Injection with SQLol
Advanced SQL Injection with SQLol
 
Jack of all Formats
Jack of all FormatsJack of all Formats
Jack of all Formats
 
Windows File Pseudonyms
Windows File PseudonymsWindows File Pseudonyms
Windows File Pseudonyms
 

Recently uploaded

AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 

Recently uploaded (20)

AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 

No-Knowledge Crypto Attacks

Editor's Notes

  1. If you care how it works, pay attention to the Background slidesBuy me a beer and ask for more detailsMore understanding makes these attacks more effective
  2. Ciphertext generated using a sound algorithm shows signs of randomnessEnt is a nice tool for testing randomness of datahttp://fourmilab.ch/randomRandom bytes play hell with lots of protocolsUsual suspects:Base64URL-safe Base64ASCII hexURL encodingDecoded length is often a multiple of 8/16/32 bytesAuthenticated crypto generally adds another 4 bytes
  3. Developers reuse cryptovariablesKeyIVCipherDevelopers usually reuse cryptovariables and trust that the data they have decrypted using their application is sane, due to the poor assumption that no one can generate or alter the encrypted data without the key.No input validationNo error handling
  4. Similar to fuzzing for XSSBit flipping should produce garbled dataWith authenticated crypto, swapping ciphertext might work
  5. Similar to fuzzing for XSS
  6. Stream ciphersProduce pseudo-random bytes (keystream) using key & IVEncryption/Decryption: XOR with keystreamIV reuse was the downfall of WEP
  7. Here is a multi-byte XOR operation. We assume this to be a part of a stream cipher. The middle row is the keystream, which is XORed with the ciphertext to decrypt the message.
  8. We do not know the keystream, but we know that flipping the bits of the ciphertext results in corresponding bits of the plaintext being flipped.
  9. Other messages’ blocks can be used tooRequires key reuse