SlideShare a Scribd company logo

How to Backdoor Diffie-Hellman

David Wong
David Wong

Lately, several backdoors in cryptographic constructions, protocols and implementations have been surfacing in the wild: Dual-EC in RSA's B-Safe product, a modified Dual-EC in Juniper's operating system ScreenOS and a non-prime modulus in the open-source tool socat. Many papers have already discussed the fragility of cryptographic constructions not using nothing-up-my-sleeve numbers, as well as how such numbers can be safely picked. However, the question of how to introduce a backdoor in an already secure, safe and easy to audit implementation has so far rarely been researched (in the public). We present two ways of building a Nobody-But-Us (NOBUS) Diffie-Hellman backdoor: a composite modulus with a hidden subgroup (CMHS) and a composite modulus with a smooth order (CMSO). We then explain how we were able to subtly implement and exploit it in a local copy of an open source library using the TLS protocol.

Education
1 of 94
Download to read offline
HOW TO BACKDOOR DIFFIE-HELLMANDavid Wong NCC Group
TLS pre-2007: Absence of TLS 2007: TLS only for login forms (Graham sniffs gmail cookies live at Blackhat) 2009: Moxie releases SSLstrip at Blackhat 2010: HSTS introduced in Firefox 2013: Facebook is full-https 2014: preloaded-HSTS introduced in Chrome
TLS pre-2007: Absence of TLS 2007: TLS only for login forms (Graham sniffs gmail cookies live at Blackhat) 2009: Moxie releases SSLstrip at Blackhat 2010: HSTS introduced in Firefox 2013: Facebook is full-https 2014: preloaded-HSTS introduced in Chrome
TLS pre-2007: Absence of TLS 2007: TLS only for login forms (Graham sniffs gmail cookies live at Blackhat) 2009: Moxie releases SSLstrip at Blackhat 2010: HSTS introduced in Firefox 2013: Facebook is full-https 2014: preloaded-HSTS introduced in Chrome
TLS pre-2007: Absence of TLS 2007: TLS only for login forms (Graham sniffs gmail cookies live at Blackhat) 2009: Moxie releases SSLstrip at Blackhat 2010: HSTS introduced in Firefox / Firesheep 2013: Facebook is full-https 2014: preloaded-HSTS introduced in Chrome
TLS pre-2007: Absence of TLS 2007: TLS only for login forms (Graham sniffs gmail cookies live at Blackhat) 2009: Moxie releases SSLstrip at Blackhat 2010: HSTS introduced in Firefox / Firesheep 2013: Facebook is full-https / Snowden leaks 2014: preloaded-HSTS introduced in Chrome
TLS pre-2007: Absence of TLS 2007: TLS only for login forms (Graham sniffs gmail cookies live at Blackhat) 2009: Moxie releases SSLstrip at Blackhat 2010: HSTS introduced in Firefox / Firesheep 2013: Facebook is full-https / Snowden leaks 2010/2014: preloaded-HSTS introduced in Chrome
Logjam
• hardcoded DHE parameters in Apache • NSA believed to be able to compute discrete logarithm in modulo 1024-bit integers • too much work Logjam
Logjam Client Server clientHello serverHello rsa(secret)
Logjam Client Server clientHello serverHello clientKeyExchange serverKeyExchange
Logjam Client Server clientHello serverHello clientKeyExchange serverKeyExchange
Logjam Client Server clientHello serverHello
• hardcoded DHE parameters in Apache • NSA believed to be able to compute discrete logarithm in modulo 1024-bit integers • too much work Logjam
• hardcoded DHE parameters in Apache • NSA believed to be able to compute discrete logarithm in modulo 1024-bit integers • too much work Logjam
• hardcoded DHE parameters in Apache • NSA believed to be able to compute discrete logarithm in modulo 1024-bit integers • too much work Logjam
U.S. export rules • weak “Export” Cipher Suites • 512-bit primes for Diffie-Hellman • 40-bit keys for DES
U.S. export rules • weak “Export” Cipher Suites • 512-bit primes for Diffie-Hellman • 40-bit keys for DES
U.S. export rules • weak “Export” Cipher Suites • 512-bit primes for Diffie-Hellman • 40-bit keys for DES
LOTUS NOTES • 64-bit crypto allowed… • …if 24 bits of the key are encrypted to the NSA • NSA’s RSA public key O=MiniTruth CN=Big Brother
LOTUS NOTES • 64-bit crypto allowed… • …if 24 bits of the key are encrypted to the NSA • NSA’s RSA public key O=MiniTruth CN=Big Brother
LOTUS NOTES • 64-bit crypto allowed… • …if 24 bits of the key are encrypted to the NSA • NSA’s RSA public key O=MiniTruth CN=Big Brother
Kleptography • A kleptographic attack is an attack which uses asymmetric cryptography to implement a cryptographic backdoor. • A secure kleptographic attack is undetectable as long as the cryptosystem is a black-box. • what about white-box? Reverse Engineering?
Kleptography • A kleptographic attack is an attack which uses asymmetric cryptography to implement a cryptographic backdoor. • A secure kleptographic attack is undetectable as long as the cryptosystem is a black-box. • what about white-box? Reverse Engineering?
Kleptography • A kleptographic attack is an attack which uses asymmetric cryptography to implement a cryptographic backdoor. • A secure kleptographic attack is undetectable as long as the cryptosystem is a black-box. • what about white-box? Reverse Engineering?
• Weak crypto • Kleptography
Dual EC
2007
CRYPTO 2007
NSA’s BULLRUN
Dual EC is obvious.
• Weak crypto • Kleptography • New Backdoored Algorithms
DHE backdoor?
DHE backdoor? • Everyone trust DHE already • Logjam: hardcoded DHE everywhere • Everyone is upgrading to 2048-bit parameters
DHE backdoor? • Everyone trust DHE already • Logjam: hardcoded DHE everywhere • Everyone is upgrading to 2048-bit parameters
DHE backdoor? • Everyone trust DHE already • Logjam: hardcoded DHE everywhere • Everyone is upgrading to 2048-bit parameters
Diffie-Hellman Alice Bob
Diffie-Hellman Alice Bob
Diffie-Hellman Alice Bob
Diffie-Hellman Alice Bob
Diffie-Hellman Alice Bob
Agenda 1. Group Theory 2. Attacks on DH 3. Construct a backdoor 4. Construct a NOBUS backdoor
Known attacks against DHGroup Theory
Known attacks against DHGroup Theory Alice’s
Known attacks against DHPohlig-HellmanGroup Theory
Known attacks against DHPohlig-HellmanGroup Theory
Known attacks against DHPohlig-HellmanGroup Theory
Known attacks against DHPohlig-HellmanGroup Theory
Known attacks against DHPohlig-HellmanGroup Theory
Known attacks against DHPohlig-HellmanGroup Theory
Known attacks against DHPohlig-HellmanGroup Theory
Known attacks against DHPohlig-HellmanGroup Theory
wPohlig-HellmanGroup Theory
Known attacks against DH
Known attacks against DHDiffie-HellmanKnown attacks against DH
Known attacks against DH • Trial Multiplication • SNFS, GNFS • Shank’s BSGS, Pollard Rho & Kangaroo, … • Small subgroup attacks (active) • Pohlig-Hellman (passive)
Known attacks against DH • Trial Multiplication • SNFS, GNFS • Shank’s BSGS, Pollard Rho & Kangaroo, … • Small subgroup attacks (active) • Pohlig-Hellman (passive)
Known attacks against DH • Trial Multiplication • SNFS, GNFS • Shank’s BSGS, Pollard Rho & Kangaroo, … • Small subgroup attacks (active) • Pohlig-Hellman (passive)
Known attacks against DH • Trial Multiplication • SNFS, GNFS • Shank’s BSGS, Pollard Rho & Kangaroo, … • Small subgroup attacks (active) • Pohlig-Hellman (passive)
Known attacks against DH • Trial Multiplication • SNFS, GNFS • Shank’s BSGS, Pollard Rho & Kangaroo, … • Small subgroup attacks (active) • Pohlig-Hellman (passive)
Small Subgroups Attack alice
Small Subgroups Attack alice
Small Subgroups Attack alice
Small Subgroups Attack alice odd even
Known attacks against DHPohlig-Hellman
Known attacks against DHPohlig-Hellman
Prime groups
Prime groups
Prime groups
Prime groups
CM-HSO Composite Modulus with a Hidden Smooth Order
CM-HSO Composite Modulus with a Hidden Smooth Order
CM-HSO Composite Modulus with a Hidden Smooth Order
CM-HSO Composite Modulus with a Hidden Smooth Order
DEMO
https://github.com/mimoo/Diffie-Hellman_Backdoor
Detect and Protect • Check for prime modulus • Better: check for safe prime modulus • Google Chrome -> deprecating DHE • migrating to ECDHE
Detect and Protect • Check for prime modulus • Better: check for safe prime modulus • Google Chrome -> deprecating DHE • migrating to ECDHE
Detect and Protect • Check for prime modulus • Better: check for safe prime modulus • Google Chrome deprecating DHE (-> ECDHE) • migrating to ECDHE
END how many VPN/libraries/closed-source products are backdoored?
END how many VPN/libraries/closed-source products are backdoored? what about ECDHE?
twitter.com/lyon01_david

Recommended

The Good News on Cryptography
The Good News on CryptographyThe Good News on Cryptography
The Good News on Cryptography
Martijn Grooten
 
Four years of breaking HTTPS with BGP hijacking
Four years of breaking HTTPS with BGP hijackingFour years of breaking HTTPS with BGP hijacking
Four years of breaking HTTPS with BGP hijacking
APNIC
 
Hunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestHunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forest
SecuRing
 
Shmoocon Epilogue 2013 - Ruining security models with SSH
Shmoocon Epilogue 2013 - Ruining security models with SSHShmoocon Epilogue 2013 - Ruining security models with SSH
Shmoocon Epilogue 2013 - Ruining security models with SSH
Andrew Morris
 
Bitcoin Keys, Addresses & Wallets
Bitcoin Keys, Addresses & WalletsBitcoin Keys, Addresses & Wallets
Bitcoin Keys, Addresses & Wallets
Christopher Allen
 
Jwt == insecurity?
Jwt == insecurity?Jwt == insecurity?
Jwt == insecurity?
snyff
 
Firebird Interbase Database engine hacks or rtfm
Firebird Interbase Database engine hacks or rtfmFirebird Interbase Database engine hacks or rtfm
Firebird Interbase Database engine hacks or rtfm
qqlan
 
JWT: jku x5u
JWT: jku x5uJWT: jku x5u
JWT: jku x5u
snyff
 

Recommended

The Good News on Cryptography
The Good News on CryptographyThe Good News on Cryptography
The Good News on Cryptography
Martijn Grooten
 
Four years of breaking HTTPS with BGP hijacking
Four years of breaking HTTPS with BGP hijackingFour years of breaking HTTPS with BGP hijacking
Four years of breaking HTTPS with BGP hijacking
APNIC
 
Hunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestHunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forest
SecuRing
 
Shmoocon Epilogue 2013 - Ruining security models with SSH
Shmoocon Epilogue 2013 - Ruining security models with SSHShmoocon Epilogue 2013 - Ruining security models with SSH
Shmoocon Epilogue 2013 - Ruining security models with SSH
Andrew Morris
 
Bitcoin Keys, Addresses & Wallets
Bitcoin Keys, Addresses & WalletsBitcoin Keys, Addresses & Wallets
Bitcoin Keys, Addresses & Wallets
Christopher Allen
 
Jwt == insecurity?
Jwt == insecurity?Jwt == insecurity?
Jwt == insecurity?
snyff
 
Firebird Interbase Database engine hacks or rtfm
Firebird Interbase Database engine hacks or rtfmFirebird Interbase Database engine hacks or rtfm
Firebird Interbase Database engine hacks or rtfm
qqlan
 
JWT: jku x5u
JWT: jku x5uJWT: jku x5u
JWT: jku x5u
snyff
 
2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux
Jason Murray
 
Hunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestHunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forest
SecuRing
 
Tradeoffs in PoS Consensus Protocols
Tradeoffs in PoS Consensus ProtocolsTradeoffs in PoS Consensus Protocols
Tradeoffs in PoS Consensus Protocols
Pandora Boxchain
 
My Bro The ELK
My Bro The ELKMy Bro The ELK
My Bro The ELK
Tripwire
 
[OPD 2019] Attacking JWT tokens
[OPD 2019] Attacking JWT tokens[OPD 2019] Attacking JWT tokens
[OPD 2019] Attacking JWT tokens
OWASP
 
presentation
presentationpresentation
presentationaaron bishop
 
Mobile Analytics mit Elasticsearch und Kibana
Mobile Analytics mit Elasticsearch und KibanaMobile Analytics mit Elasticsearch und Kibana
Mobile Analytics mit Elasticsearch und Kibana
inovex GmbH
 
Cumulonimbus fortification-secure-your-data-in-the-cloud
Cumulonimbus fortification-secure-your-data-in-the-cloudCumulonimbus fortification-secure-your-data-in-the-cloud
Cumulonimbus fortification-secure-your-data-in-the-cloud
David Busby, CISSP
 
proxy2: HTTPS pins and needles
proxy2: HTTPS pins and needlesproxy2: HTTPS pins and needles
proxy2: HTTPS pins and needles
inaz2
 
Canary Analyze All the Things
Canary Analyze All the ThingsCanary Analyze All the Things
Canary Analyze All the Things
royrapoport
 
BSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathersBSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathers
Andrew McNicol
 
Apache Commons ソースリーディングの会:Codec
Apache Commons ソースリーディングの会:CodecApache Commons ソースリーディングの会:Codec
Apache Commons ソースリーディングの会:Codecmoai kids
 
Java Database Connectivity
Java Database ConnectivityJava Database Connectivity
Java Database Connectivitybackdoor
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoors
Gaurav Dalvi
 
Backdoor
BackdoorBackdoor
Backdoor
phanleson
 
Finding the back door to people’s hearts
Finding the back door to people’s heartsFinding the back door to people’s hearts
Finding the back door to people’s hearts
Third Column Ministries
 
Penetración con una Backdoor
Penetración con una BackdoorPenetración con una Backdoor
Penetración con una Backdoor
NEGOCIOS PROPIOS
 
Rsa and diffie hellman algorithms
Rsa and diffie hellman algorithmsRsa and diffie hellman algorithms
Rsa and diffie hellman algorithms
daxesh chauhan
 
BackDoors Seminar
BackDoors SeminarBackDoors Seminar
BackDoors SeminarChaitali Patel
 
Biometrics based key generation
Biometrics based key generationBiometrics based key generation
Biometrics based key generation
Piyush Rochwani
 
Introduction to trojans and backdoors
Introduction to trojans and backdoorsIntroduction to trojans and backdoors
Introduction to trojans and backdoors
jibinmanjooran
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
S.E. CTS CERT-GOV-MD
 

More Related Content

What's hot

2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux
Jason Murray
 
Hunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestHunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forest
SecuRing
 
Tradeoffs in PoS Consensus Protocols
Tradeoffs in PoS Consensus ProtocolsTradeoffs in PoS Consensus Protocols
Tradeoffs in PoS Consensus Protocols
Pandora Boxchain
 
My Bro The ELK
My Bro The ELKMy Bro The ELK
My Bro The ELK
Tripwire
 
[OPD 2019] Attacking JWT tokens
[OPD 2019] Attacking JWT tokens[OPD 2019] Attacking JWT tokens
[OPD 2019] Attacking JWT tokens
OWASP
 
Mobile Analytics mit Elasticsearch und Kibana
Mobile Analytics mit Elasticsearch und KibanaMobile Analytics mit Elasticsearch und Kibana
Mobile Analytics mit Elasticsearch und Kibana
inovex GmbH
 
Cumulonimbus fortification-secure-your-data-in-the-cloud
Cumulonimbus fortification-secure-your-data-in-the-cloudCumulonimbus fortification-secure-your-data-in-the-cloud
Cumulonimbus fortification-secure-your-data-in-the-cloud
David Busby, CISSP
 
proxy2: HTTPS pins and needles
proxy2: HTTPS pins and needlesproxy2: HTTPS pins and needles
proxy2: HTTPS pins and needles
inaz2
 
Canary Analyze All the Things
Canary Analyze All the ThingsCanary Analyze All the Things
Canary Analyze All the Things
royrapoport
 
BSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathersBSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathers
Andrew McNicol
 
Apache Commons ソースリーディングの会:Codec
Apache Commons ソースリーディングの会:CodecApache Commons ソースリーディングの会:Codec
Apache Commons ソースリーディングの会:Codecmoai kids
 

What's hot (12)

2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux
 
Hunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forestHunting for the secrets in a cloud forest
Hunting for the secrets in a cloud forest
 
Tradeoffs in PoS Consensus Protocols
Tradeoffs in PoS Consensus ProtocolsTradeoffs in PoS Consensus Protocols
Tradeoffs in PoS Consensus Protocols
 
My Bro The ELK
My Bro The ELKMy Bro The ELK
My Bro The ELK
 
[OPD 2019] Attacking JWT tokens
[OPD 2019] Attacking JWT tokens[OPD 2019] Attacking JWT tokens
[OPD 2019] Attacking JWT tokens
 
presentation
presentationpresentation
presentation
 
Mobile Analytics mit Elasticsearch und Kibana
Mobile Analytics mit Elasticsearch und KibanaMobile Analytics mit Elasticsearch und Kibana
Mobile Analytics mit Elasticsearch und Kibana
 
Cumulonimbus fortification-secure-your-data-in-the-cloud
Cumulonimbus fortification-secure-your-data-in-the-cloudCumulonimbus fortification-secure-your-data-in-the-cloud
Cumulonimbus fortification-secure-your-data-in-the-cloud
 
proxy2: HTTPS pins and needles
proxy2: HTTPS pins and needlesproxy2: HTTPS pins and needles
proxy2: HTTPS pins and needles
 
Canary Analyze All the Things
Canary Analyze All the ThingsCanary Analyze All the Things
Canary Analyze All the Things
 
BSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathersBSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathers
 
Apache Commons ソースリーディングの会:Codec
Apache Commons ソースリーディングの会:CodecApache Commons ソースリーディングの会:Codec
Apache Commons ソースリーディングの会:Codec
 

Viewers also liked

Java Database Connectivity
Java Database ConnectivityJava Database Connectivity
Java Database Connectivitybackdoor
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoors
Gaurav Dalvi
 
Backdoor
BackdoorBackdoor
Backdoor
phanleson
 
Finding the back door to people’s hearts
Finding the back door to people’s heartsFinding the back door to people’s hearts
Finding the back door to people’s hearts
Third Column Ministries
 
Penetración con una Backdoor
Penetración con una BackdoorPenetración con una Backdoor
Penetración con una Backdoor
NEGOCIOS PROPIOS
 
Rsa and diffie hellman algorithms
Rsa and diffie hellman algorithmsRsa and diffie hellman algorithms
Rsa and diffie hellman algorithms
daxesh chauhan
 
Biometrics based key generation
Biometrics based key generationBiometrics based key generation
Biometrics based key generation
Piyush Rochwani
 
Introduction to trojans and backdoors
Introduction to trojans and backdoorsIntroduction to trojans and backdoors
Introduction to trojans and backdoors
jibinmanjooran
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
S.E. CTS CERT-GOV-MD
 
Diffie-Hellman key exchange
Diffie-Hellman key exchangeDiffie-Hellman key exchange
Diffie-Hellman key exchangehughpearse
 

Viewers also liked (11)

Java Database Connectivity
Java Database ConnectivityJava Database Connectivity
Java Database Connectivity
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoors
 
Backdoor
BackdoorBackdoor
Backdoor
 
Finding the back door to people’s hearts
Finding the back door to people’s heartsFinding the back door to people’s hearts
Finding the back door to people’s hearts
 
Penetración con una Backdoor
Penetración con una BackdoorPenetración con una Backdoor
Penetración con una Backdoor
 
Rsa and diffie hellman algorithms
Rsa and diffie hellman algorithmsRsa and diffie hellman algorithms
Rsa and diffie hellman algorithms
 
BackDoors Seminar
BackDoors SeminarBackDoors Seminar
BackDoors Seminar
 
Biometrics based key generation
Biometrics based key generationBiometrics based key generation
Biometrics based key generation
 
Introduction to trojans and backdoors
Introduction to trojans and backdoorsIntroduction to trojans and backdoors
Introduction to trojans and backdoors
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
 
Diffie-Hellman key exchange
Diffie-Hellman key exchangeDiffie-Hellman key exchange
Diffie-Hellman key exchange
 

Similar to How to Backdoor Diffie-Hellman

"The Sorry State of SSL" Hynek Schlawack, PyConRu 2014
"The Sorry State of SSL" Hynek Schlawack, PyConRu 2014"The Sorry State of SSL" Hynek Schlawack, PyConRu 2014
"The Sorry State of SSL" Hynek Schlawack, PyConRu 2014it-people
 
Y4IT 2021: Protecting routing is hard
Y4IT 2021: Protecting routing is hardY4IT 2021: Protecting routing is hard
Y4IT 2021: Protecting routing is hard
APNIC
 
ProjectTox: Free as in freedom Skype replacement
ProjectTox: Free as in freedom Skype replacementProjectTox: Free as in freedom Skype replacement
ProjectTox: Free as in freedom Skype replacement
Wei-Ning Huang
 
Introduction to Cryptography & PGP
Introduction to Cryptography & PGPIntroduction to Cryptography & PGP
Introduction to Cryptography & PGP
Rayed Alrashed
 
Масштабируя TLS / Артём Гавриченков (Qrator Labs)
Масштабируя TLS / Артём Гавриченков (Qrator Labs)Масштабируя TLS / Артём Гавриченков (Qrator Labs)
Масштабируя TLS / Артём Гавриченков (Qrator Labs)
Ontico
 
Масштабируя TLS
Масштабируя TLSМасштабируя TLS
Масштабируя TLS
Qrator Labs
 
Part2-Apps-Security.pptx
Part2-Apps-Security.pptxPart2-Apps-Security.pptx
Part2-Apps-Security.pptx
Olivier Bonaventure
 
Frontera распределенный робот для обхода веба в больших объемах / Александр С...
Frontera распределенный робот для обхода веба в больших объемах / Александр С...Frontera распределенный робот для обхода веба в больших объемах / Александр С...
Frontera распределенный робот для обхода веба в больших объемах / Александр С...
Ontico
 
Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!
nerdybeardo
 
A web app in pure Clojure
A web app in pure ClojureA web app in pure Clojure
A web app in pure Clojure
Dane Schneider
 
BSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on WheelsBSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on Wheels
infodox
 
13 practical tips for writing secure golang applications
13 practical tips for writing secure golang applications13 practical tips for writing secure golang applications
13 practical tips for writing secure golang applications
Karthik Gaekwad
 
Part2-Apps-Security.pptx
Part2-Apps-Security.pptxPart2-Apps-Security.pptx
Part2-Apps-Security.pptx
Olivier Bonaventure
 
Host Intrusion Detection like a Boss
Host Intrusion Detection like a BossHost Intrusion Detection like a Boss
Host Intrusion Detection like a Boss
André Lima
 
Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013
Cloudflare
 
Improving password-based authentication
Improving password-based authenticationImproving password-based authentication
Improving password-based authentication
Frank Denis
 
[CB19] I KNOW WHAT YOU DID LAST NIGHT : Pwning The State-Of-The-Art the IoT H...
[CB19] I KNOW WHAT YOU DID LAST NIGHT : Pwning The State-Of-The-Art the IoT H...[CB19] I KNOW WHAT YOU DID LAST NIGHT : Pwning The State-Of-The-Art the IoT H...
[CB19] I KNOW WHAT YOU DID LAST NIGHT : Pwning The State-Of-The-Art the IoT H...
CODE BLUE
 
Genetic Malware
Genetic MalwareGenetic Malware
Genetic Malware
Lauren Sheppard
 
Genetic Malware
Genetic MalwareGenetic Malware
Genetic Malware
Okta
 

Similar to How to Backdoor Diffie-Hellman (20)

"The Sorry State of SSL" Hynek Schlawack, PyConRu 2014
"The Sorry State of SSL" Hynek Schlawack, PyConRu 2014"The Sorry State of SSL" Hynek Schlawack, PyConRu 2014
"The Sorry State of SSL" Hynek Schlawack, PyConRu 2014
 
Y4IT 2021: Protecting routing is hard
Y4IT 2021: Protecting routing is hardY4IT 2021: Protecting routing is hard
Y4IT 2021: Protecting routing is hard
 
ProjectTox: Free as in freedom Skype replacement
ProjectTox: Free as in freedom Skype replacementProjectTox: Free as in freedom Skype replacement
ProjectTox: Free as in freedom Skype replacement
 
Introduction to Cryptography & PGP
Introduction to Cryptography & PGPIntroduction to Cryptography & PGP
Introduction to Cryptography & PGP
 
Масштабируя TLS / Артём Гавриченков (Qrator Labs)
Масштабируя TLS / Артём Гавриченков (Qrator Labs)Масштабируя TLS / Артём Гавриченков (Qrator Labs)
Масштабируя TLS / Артём Гавриченков (Qrator Labs)
 
Масштабируя TLS
Масштабируя TLSМасштабируя TLS
Масштабируя TLS
 
Part2-Apps-Security.pptx
Part2-Apps-Security.pptxPart2-Apps-Security.pptx
Part2-Apps-Security.pptx
 
Frontera распределенный робот для обхода веба в больших объемах / Александр С...
Frontera распределенный робот для обхода веба в больших объемах / Александр С...Frontera распределенный робот для обхода веба в больших объемах / Александр С...
Frontera распределенный робот для обхода веба в больших объемах / Александр С...
 
Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!
 
A web app in pure Clojure
A web app in pure ClojureA web app in pure Clojure
A web app in pure Clojure
 
BSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on WheelsBSides Hannover 2015 - Shell on Wheels
BSides Hannover 2015 - Shell on Wheels
 
13 practical tips for writing secure golang applications
13 practical tips for writing secure golang applications13 practical tips for writing secure golang applications
13 practical tips for writing secure golang applications
 
Part2-Apps-Security.pptx
Part2-Apps-Security.pptxPart2-Apps-Security.pptx
Part2-Apps-Security.pptx
 
Host Intrusion Detection like a Boss
Host Intrusion Detection like a BossHost Intrusion Detection like a Boss
Host Intrusion Detection like a Boss
 
Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013Sullivan white boxcrypto-baythreat-2013
Sullivan white boxcrypto-baythreat-2013
 
Improving password-based authentication
Improving password-based authenticationImproving password-based authentication
Improving password-based authentication
 
[CB19] I KNOW WHAT YOU DID LAST NIGHT : Pwning The State-Of-The-Art the IoT H...
[CB19] I KNOW WHAT YOU DID LAST NIGHT : Pwning The State-Of-The-Art the IoT H...[CB19] I KNOW WHAT YOU DID LAST NIGHT : Pwning The State-Of-The-Art the IoT H...
[CB19] I KNOW WHAT YOU DID LAST NIGHT : Pwning The State-Of-The-Art the IoT H...
 
Genetic Malware
Genetic MalwareGenetic Malware
Genetic Malware
 
Genetic Malware
Genetic MalwareGenetic Malware
Genetic Malware
 
NullMQ @ PDX
NullMQ @ PDXNullMQ @ PDX
NullMQ @ PDX
 

Recently uploaded

Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama UniversityNatural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Akanksha trivedi rama nursing college kanpur.
 
Multithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race conditionMultithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race condition
Mohammed Sikander
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
camakaiclarkmusic
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
SACHIN R KONDAGURI
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
Celine George
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Atul Kumar Singh
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
Special education needs
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
Peter Windle
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
Vikramjit Singh
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
Thiyagu K
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
TechSoup
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
Jisc
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
Delapenabediema
 
Best Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDABest Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDA
deeptiverma2406
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
Jean Carlos Nunes Paixão
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Thiyagu K
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
heathfieldcps1
 
The Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptxThe Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptx
DhatriParmar
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
DhatriParmar
 

Recently uploaded (20)

Natural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama UniversityNatural birth techniques - Mrs.Akanksha Trivedi Rama University
Natural birth techniques - Mrs.Akanksha Trivedi Rama University
 
Multithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race conditionMultithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race condition
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
 
"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
 
A Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in EducationA Strategic Approach: GenAI in Education
A Strategic Approach: GenAI in Education
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
 
Best Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDABest Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDA
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
 
The Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptxThe Diamond Necklace by Guy De Maupassant.pptx
The Diamond Necklace by Guy De Maupassant.pptx
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
 

How to Backdoor Diffie-Hellman