SlideShare ist ein Scribd-Unternehmen logo

Cryptanalysis of the Engima - 44CON 2012

•Als PPTX, PDF herunterladen•
•
44CON
44CON

Bob Weiss and Benjamin Gatti present their work on Cryptanalysis of the Engima from 44CON 2012 in London, September 2012.

1 von 18
Cryptanalysis of the Enigma
whoami • Bob Weiss - @pwcrack - President and Founder, Password Crackers, Inc. (pwcrack.com) & Defcon Goon • Benjamin Gatti - @BenjaminoG - Developer, OpenVPN
Alan Turing Were Alan Turing alive today, he would be unconstrained by either the mechanical computing devices of the 1940's; or it's pharisaical provincialism. We are pleased to present a digital Enigma attack in London at #44Con during this centennial of his birth.
Demo Time Yeah we're starting the demo now!
Why do we care about The Enigma? • Inflection Point in the history of cryptography • Fascinating WWII narrative
There is no Enigma • There are multiple versions • Army and Navy • 3 & 4 Wheel • Variable Reflector
How the Enigma works. • Wheel Order (3 of 5 wheels for 60 options)
How the Enigma works. • Ring settings (676 orr 262 options)
How the Enigma works. • Message Settings (17,576 or 263 options)
How the Enigma works. • Plugboard (150,738,274,937,250 or 150 trillion)
How the Enigma works. • Expected complexity of Enigma 277 • DES 256 • AES 2128
Historic Cryptanalysis • Polish Cipher Bureau - 1932, Marian Rejewski, Machine Characteristics • Polish Bombe - 1938 • Polish Setback - Dec. 1938 Germans add two rotors • Polish Disclosure - 1939 Poles tell the French • Crib-Based Decryption - Turing • British Bombe - 1930 • American Bombe - 1941
Programming Challenges  GPU – OpenCL  Memory  Database Throughput
Sorted Chi
Stecker Isolation Letters for each Stecker Binned separately. 26!! - 6!! (150T) to 26^3 (17K) (pwned) EDGYEMHENYFYEJOEIYKUFMKEUA THEFOXJUMPEDOVERTHELAZYDOG TOUORD Chi (E Stecker)
Diagonal Conflation
Back to the Demo
Q&A enigmacrack.com

Empfohlen

enigma cipher machine
enigma cipher machineenigma cipher machine
enigma cipher machineAryan Raj
 
Alan M. Turing and the Enigma Machine
Alan M. Turing and the Enigma MachineAlan M. Turing and the Enigma Machine
Alan M. Turing and the Enigma MachineBirkbeck College
 
Security Lessons from Bletchley Park and Enigma
Security Lessons from Bletchley Park and EnigmaSecurity Lessons from Bletchley Park and Enigma
Security Lessons from Bletchley Park and EnigmaCraig Heath
 
Paper Enigma Machine
Paper Enigma MachinePaper Enigma Machine
Paper Enigma MachineMike Koss
 
Enigma History
Enigma HistoryEnigma History
Enigma HistoryMike Koss
 
Digital resistance, East European demo art
Digital resistance, East European demo artDigital resistance, East European demo art
Digital resistance, East European demo artJari Jaanto
 
Retrocomputers as Hacking Platforms
Retrocomputers as Hacking PlatformsRetrocomputers as Hacking Platforms
Retrocomputers as Hacking PlatformsLeif Bloomquist
 
Bajo - Psyke: EMulazione PS1... da Firenze alla Cina
Bajo - Psyke: EMulazione PS1... da Firenze alla CinaBajo - Psyke: EMulazione PS1... da Firenze alla Cina
Bajo - Psyke: EMulazione PS1... da Firenze alla CinaCodemotion
 

Empfohlen

enigma cipher machine
enigma cipher machineenigma cipher machine
enigma cipher machineAryan Raj
 
Alan M. Turing and the Enigma Machine
Alan M. Turing and the Enigma MachineAlan M. Turing and the Enigma Machine
Alan M. Turing and the Enigma MachineBirkbeck College
 
Security Lessons from Bletchley Park and Enigma
Security Lessons from Bletchley Park and EnigmaSecurity Lessons from Bletchley Park and Enigma
Security Lessons from Bletchley Park and EnigmaCraig Heath
 
Paper Enigma Machine
Paper Enigma MachinePaper Enigma Machine
Paper Enigma MachineMike Koss
 
Enigma History
Enigma HistoryEnigma History
Enigma HistoryMike Koss
 
Digital resistance, East European demo art
Digital resistance, East European demo artDigital resistance, East European demo art
Digital resistance, East European demo artJari Jaanto
 
Retrocomputers as Hacking Platforms
Retrocomputers as Hacking PlatformsRetrocomputers as Hacking Platforms
Retrocomputers as Hacking PlatformsLeif Bloomquist
 
Bajo - Psyke: EMulazione PS1... da Firenze alla Cina
Bajo - Psyke: EMulazione PS1... da Firenze alla CinaBajo - Psyke: EMulazione PS1... da Firenze alla Cina
Bajo - Psyke: EMulazione PS1... da Firenze alla CinaCodemotion
 
Special tools for a special job or what kind of weapon system American Sniper...
Special tools for a special job or what kind of weapon system American Sniper...Special tools for a special job or what kind of weapon system American Sniper...
Special tools for a special job or what kind of weapon system American Sniper...b-cool
 
The enigma machine lesson 2
The enigma machine lesson 2The enigma machine lesson 2
The enigma machine lesson 24011cassandra
 
Gen
GenGen
GenMeeM1234
 
tyco
tycotyco
tycoaparna kusalkar
 
Lruce Bee Level Design Presentation
Lruce Bee Level Design PresentationLruce Bee Level Design Presentation
Lruce Bee Level Design PresentationLruce_Bee
 
MISRA-C as a functional programming with subset of C programming language
MISRA-C as a functional programming with subset of C programming languageMISRA-C as a functional programming with subset of C programming language
MISRA-C as a functional programming with subset of C programming languageKiyoshi Ogawa
 
rx13
rx13rx13
rx13Kostia Ulichny
 
Open end plant blowroom lines
Open end plant blowroom linesOpen end plant blowroom lines
Open end plant blowroom linesSatyakam Srivastava
 
Equipment form 2
Equipment form 2Equipment form 2
Equipment form 2Ben Smith
 
Multirotors
MultirotorsMultirotors
MultirotorsStoyan Zhekov
 
SSTIC RUMP 2018 - Modmobjam
SSTIC RUMP 2018 - ModmobjamSSTIC RUMP 2018 - Modmobjam
SSTIC RUMP 2018 - Modmobjam📡 Sebastien Dudek
 
history.ppt
history.ppthistory.ppt
history.pptNivetheni
 
2. Stream Ciphers
2. Stream Ciphers2. Stream Ciphers
2. Stream CiphersSam Bowne
 
Storia dei computer
Storia dei computerStoria dei computer
Storia dei computerDavideDrago2
 
ZX Spectrum Universe
ZX Spectrum UniverseZX Spectrum Universe
ZX Spectrum UniverseYuri Voynalovich
 
Introduction to Cryptography Part I
Introduction to Cryptography Part IIntroduction to Cryptography Part I
Introduction to Cryptography Part IMaksim Djackov
 
PLNOG 21: Ron Broersma - Historical_Perspectives_on_Computing, Networking, Se...
PLNOG 21: Ron Broersma - Historical_Perspectives_on_Computing, Networking, Se...PLNOG 21: Ron Broersma - Historical_Perspectives_on_Computing, Networking, Se...
PLNOG 21: Ron Broersma - Historical_Perspectives_on_Computing, Networking, Se...PROIDEA
 
Computing through the ages
Computing through the agesComputing through the ages
Computing through the agesLSC-CyFair Academy for Lifelong Learning
 
Travis Goodspeed - Not Quite ZigBee
Travis Goodspeed - Not Quite ZigBeeTravis Goodspeed - Not Quite ZigBee
Travis Goodspeed - Not Quite ZigBeeSource Conference
 
A Brief History of British Computing VCF PNW 2019
A Brief History of British Computing VCF PNW 2019A Brief History of British Computing VCF PNW 2019
A Brief History of British Computing VCF PNW 2019Steve Jamieson
 
Life and Work of Dr. John Backus | Turing100@Persistent
Life and Work of Dr. John Backus | Turing100@PersistentLife and Work of Dr. John Backus | Turing100@Persistent
Life and Work of Dr. John Backus | Turing100@PersistentPersistent Systems Ltd.
 
13528 l8
13528 l813528 l8
13528 l8ridhika_gulati
 

Weitere ähnliche Inhalte

Was ist angesagt?

Special tools for a special job or what kind of weapon system American Sniper...
Special tools for a special job or what kind of weapon system American Sniper...Special tools for a special job or what kind of weapon system American Sniper...
Special tools for a special job or what kind of weapon system American Sniper...b-cool
 
The enigma machine lesson 2
The enigma machine lesson 2The enigma machine lesson 2
The enigma machine lesson 24011cassandra
 
Lruce Bee Level Design Presentation
Lruce Bee Level Design PresentationLruce Bee Level Design Presentation
Lruce Bee Level Design PresentationLruce_Bee
 
MISRA-C as a functional programming with subset of C programming language
MISRA-C as a functional programming with subset of C programming languageMISRA-C as a functional programming with subset of C programming language
MISRA-C as a functional programming with subset of C programming languageKiyoshi Ogawa
 
Open end plant blowroom lines
Open end plant blowroom linesOpen end plant blowroom lines
Open end plant blowroom linesSatyakam Srivastava
 
Equipment form 2
Equipment form 2Equipment form 2
Equipment form 2Ben Smith
 

Was ist angesagt? (11)

Special tools for a special job or what kind of weapon system American Sniper...
Special tools for a special job or what kind of weapon system American Sniper...Special tools for a special job or what kind of weapon system American Sniper...
Special tools for a special job or what kind of weapon system American Sniper...
 
The enigma machine lesson 2
The enigma machine lesson 2The enigma machine lesson 2
The enigma machine lesson 2
 
Gen
GenGen
Gen
 
tyco
tycotyco
tyco
 
Lruce Bee Level Design Presentation
Lruce Bee Level Design PresentationLruce Bee Level Design Presentation
Lruce Bee Level Design Presentation
 
MISRA-C as a functional programming with subset of C programming language
MISRA-C as a functional programming with subset of C programming languageMISRA-C as a functional programming with subset of C programming language
MISRA-C as a functional programming with subset of C programming language
 
rx13
rx13rx13
rx13
 
Open end plant blowroom lines
Open end plant blowroom linesOpen end plant blowroom lines
Open end plant blowroom lines
 
Equipment form 2
Equipment form 2Equipment form 2
Equipment form 2
 
Multirotors
MultirotorsMultirotors
Multirotors
 
SSTIC RUMP 2018 - Modmobjam
SSTIC RUMP 2018 - ModmobjamSSTIC RUMP 2018 - Modmobjam
SSTIC RUMP 2018 - Modmobjam
 

Ähnlich wie Cryptanalysis of the Engima - 44CON 2012

history.ppt
history.ppthistory.ppt
history.pptNivetheni
 
2. Stream Ciphers
2. Stream Ciphers2. Stream Ciphers
2. Stream CiphersSam Bowne
 
Storia dei computer
Storia dei computerStoria dei computer
Storia dei computerDavideDrago2
 
ZX Spectrum Universe
ZX Spectrum UniverseZX Spectrum Universe
ZX Spectrum UniverseYuri Voynalovich
 
Introduction to Cryptography Part I
Introduction to Cryptography Part IIntroduction to Cryptography Part I
Introduction to Cryptography Part IMaksim Djackov
 
PLNOG 21: Ron Broersma - Historical_Perspectives_on_Computing, Networking, Se...
PLNOG 21: Ron Broersma - Historical_Perspectives_on_Computing, Networking, Se...PLNOG 21: Ron Broersma - Historical_Perspectives_on_Computing, Networking, Se...
PLNOG 21: Ron Broersma - Historical_Perspectives_on_Computing, Networking, Se...PROIDEA
 
Travis Goodspeed - Not Quite ZigBee
Travis Goodspeed - Not Quite ZigBeeTravis Goodspeed - Not Quite ZigBee
Travis Goodspeed - Not Quite ZigBeeSource Conference
 
A Brief History of British Computing VCF PNW 2019
A Brief History of British Computing VCF PNW 2019A Brief History of British Computing VCF PNW 2019
A Brief History of British Computing VCF PNW 2019Steve Jamieson
 
Life and Work of Dr. John Backus | Turing100@Persistent
Life and Work of Dr. John Backus | Turing100@PersistentLife and Work of Dr. John Backus | Turing100@Persistent
Life and Work of Dr. John Backus | Turing100@PersistentPersistent Systems Ltd.
 
History of computer
History of computerHistory of computer
History of computerWajahat Ali
 
Quantum Computing
Quantum ComputingQuantum Computing
Quantum Computingfarukcankaya
 
Quantum Computing
Quantum ComputingQuantum Computing
Quantum ComputingTwentify
 
Chapter_three - Computer Security.pdf
Chapter_three - Computer Security.pdfChapter_three - Computer Security.pdf
Chapter_three - Computer Security.pdfAschalewAyele2
 

Ähnlich wie Cryptanalysis of the Engima - 44CON 2012 (16)

history.ppt
history.ppthistory.ppt
history.ppt
 
2. Stream Ciphers
2. Stream Ciphers2. Stream Ciphers
2. Stream Ciphers
 
Storia dei computer
Storia dei computerStoria dei computer
Storia dei computer
 
ZX Spectrum Universe
ZX Spectrum UniverseZX Spectrum Universe
ZX Spectrum Universe
 
Introduction to Cryptography Part I
Introduction to Cryptography Part IIntroduction to Cryptography Part I
Introduction to Cryptography Part I
 
PLNOG 21: Ron Broersma - Historical_Perspectives_on_Computing, Networking, Se...
PLNOG 21: Ron Broersma - Historical_Perspectives_on_Computing, Networking, Se...PLNOG 21: Ron Broersma - Historical_Perspectives_on_Computing, Networking, Se...
PLNOG 21: Ron Broersma - Historical_Perspectives_on_Computing, Networking, Se...
 
Computing through the ages
Computing through the agesComputing through the ages
Computing through the ages
 
Travis Goodspeed - Not Quite ZigBee
Travis Goodspeed - Not Quite ZigBeeTravis Goodspeed - Not Quite ZigBee
Travis Goodspeed - Not Quite ZigBee
 
A Brief History of British Computing VCF PNW 2019
A Brief History of British Computing VCF PNW 2019A Brief History of British Computing VCF PNW 2019
A Brief History of British Computing VCF PNW 2019
 
Life and Work of Dr. John Backus | Turing100@Persistent
Life and Work of Dr. John Backus | Turing100@PersistentLife and Work of Dr. John Backus | Turing100@Persistent
Life and Work of Dr. John Backus | Turing100@Persistent
 
13528 l8
13528 l813528 l8
13528 l8
 
History of computer
History of computerHistory of computer
History of computer
 
005813616.pdf
005813616.pdf005813616.pdf
005813616.pdf
 
Quantum Computing
Quantum ComputingQuantum Computing
Quantum Computing
 
Quantum Computing
Quantum ComputingQuantum Computing
Quantum Computing
 
Chapter_three - Computer Security.pdf
Chapter_three - Computer Security.pdfChapter_three - Computer Security.pdf
Chapter_three - Computer Security.pdf
 

Mehr von 44CON

They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...
They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...
They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...44CON
 
How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...
How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...
How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...44CON
 
Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...
Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...
Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...44CON
 
JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...
JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...
JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...44CON
 
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...44CON
 
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...44CON
 
Weak analogies make poor realities – are we sitting on a Security Debt Crisis...
Weak analogies make poor realities – are we sitting on a Security Debt Crisis...Weak analogies make poor realities – are we sitting on a Security Debt Crisis...
Weak analogies make poor realities – are we sitting on a Security Debt Crisis...44CON
 
Pwning the 44CON Nerf Tank
Pwning the 44CON Nerf TankPwning the 44CON Nerf Tank
Pwning the 44CON Nerf Tank44CON
 
Security module for php7 – Killing bugclasses and virtual-patching the rest! ...
Security module for php7 – Killing bugclasses and virtual-patching the rest! ...Security module for php7 – Killing bugclasses and virtual-patching the rest! ...
Security module for php7 – Killing bugclasses and virtual-patching the rest! ...44CON
 
44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images
44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images
44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images44CON
 
44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?44CON
 
44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...
44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...
44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...44CON
 
44CON London 2015 - How to drive a malware analyst crazy
44CON London 2015 - How to drive a malware analyst crazy44CON London 2015 - How to drive a malware analyst crazy
44CON London 2015 - How to drive a malware analyst crazy44CON
 
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON
 
44CON London 2015 - Going AUTH the Rails on a Crazy Train
44CON London 2015 - Going AUTH the Rails on a Crazy Train44CON London 2015 - Going AUTH the Rails on a Crazy Train
44CON London 2015 - Going AUTH the Rails on a Crazy Train44CON
 
44CON London 2015 - Software Defined Networking (SDN) Security
44CON London 2015 - Software Defined Networking (SDN) Security44CON London 2015 - Software Defined Networking (SDN) Security
44CON London 2015 - Software Defined Networking (SDN) Security44CON
 
44CON London 2015 - DDoS mitigation EPIC FAIL collection
44CON London 2015 - DDoS mitigation EPIC FAIL collection44CON London 2015 - DDoS mitigation EPIC FAIL collection
44CON London 2015 - DDoS mitigation EPIC FAIL collection44CON
 
44CON London 2015 - Hunting Asynchronous Vulnerabilities
44CON London 2015 - Hunting Asynchronous Vulnerabilities44CON London 2015 - Hunting Asynchronous Vulnerabilities
44CON London 2015 - Hunting Asynchronous Vulnerabilities44CON
 
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...44CON
 
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root44CON
 

Mehr von 44CON (20)

They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...
They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...
They're All Scorpions - Successful SecOps in a Hostile Workplace - Pete Herzo...
 
How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...
How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...
How to Explain Post-Quantum Cryptography to a Middle School Student - Klaus S...
 
Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...
Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...
Using SmartNICs to Provide Better Data Center Security - Jack Matheson - 44CO...
 
JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...
JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...
JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and...
 
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...
Reverse Engineering and Bug Hunting on KMDF Drivers - Enrique Nissim - 44CON ...
 
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
 
Weak analogies make poor realities – are we sitting on a Security Debt Crisis...
Weak analogies make poor realities – are we sitting on a Security Debt Crisis...Weak analogies make poor realities – are we sitting on a Security Debt Crisis...
Weak analogies make poor realities – are we sitting on a Security Debt Crisis...
 
Pwning the 44CON Nerf Tank
Pwning the 44CON Nerf TankPwning the 44CON Nerf Tank
Pwning the 44CON Nerf Tank
 
Security module for php7 – Killing bugclasses and virtual-patching the rest! ...
Security module for php7 – Killing bugclasses and virtual-patching the rest! ...Security module for php7 – Killing bugclasses and virtual-patching the rest! ...
Security module for php7 – Killing bugclasses and virtual-patching the rest! ...
 
44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images
44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images
44CON London 2015 - Stegosploit - Drive-by Browser Exploits using only Images
 
44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?44CON London 2015 - Is there an EFI monster inside your apple?
44CON London 2015 - Is there an EFI monster inside your apple?
 
44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...
44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...
44CON London 2015 - Indicators of Compromise: From malware analysis to eradic...
 
44CON London 2015 - How to drive a malware analyst crazy
44CON London 2015 - How to drive a malware analyst crazy44CON London 2015 - How to drive a malware analyst crazy
44CON London 2015 - How to drive a malware analyst crazy
 
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
44CON London 2015 - 15-Minute Linux Incident Response Live Analysis
 
44CON London 2015 - Going AUTH the Rails on a Crazy Train
44CON London 2015 - Going AUTH the Rails on a Crazy Train44CON London 2015 - Going AUTH the Rails on a Crazy Train
44CON London 2015 - Going AUTH the Rails on a Crazy Train
 
44CON London 2015 - Software Defined Networking (SDN) Security
44CON London 2015 - Software Defined Networking (SDN) Security44CON London 2015 - Software Defined Networking (SDN) Security
44CON London 2015 - Software Defined Networking (SDN) Security
 
44CON London 2015 - DDoS mitigation EPIC FAIL collection
44CON London 2015 - DDoS mitigation EPIC FAIL collection44CON London 2015 - DDoS mitigation EPIC FAIL collection
44CON London 2015 - DDoS mitigation EPIC FAIL collection
 
44CON London 2015 - Hunting Asynchronous Vulnerabilities
44CON London 2015 - Hunting Asynchronous Vulnerabilities44CON London 2015 - Hunting Asynchronous Vulnerabilities
44CON London 2015 - Hunting Asynchronous Vulnerabilities
 
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...
 
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
44CON London 2015 - Jtagsploitation: 5 wires, 5 ways to root
 

Cryptanalysis of the Engima - 44CON 2012

  • 2. whoami • Bob Weiss - @pwcrack - President and Founder, Password Crackers, Inc. (pwcrack.com) & Defcon Goon • Benjamin Gatti - @BenjaminoG - Developer, OpenVPN
  • 3. Alan Turing Were Alan Turing alive today, he would be unconstrained by either the mechanical computing devices of the 1940's; or it's pharisaical provincialism. We are pleased to present a digital Enigma attack in London at #44Con during this centennial of his birth.
  • 4. Demo Time Yeah we're starting the demo now!
  • 5. Why do we care about The Enigma? • Inflection Point in the history of cryptography • Fascinating WWII narrative
  • 6. There is no Enigma • There are multiple versions • Army and Navy • 3 & 4 Wheel • Variable Reflector
  • 7. How the Enigma works. • Wheel Order (3 of 5 wheels for 60 options)
  • 8. How the Enigma works. • Ring settings (676 orr 262 options)
  • 9. How the Enigma works. • Message Settings (17,576 or 263 options)
  • 10. How the Enigma works. • Plugboard (150,738,274,937,250 or 150 trillion)
  • 11. How the Enigma works. • Expected complexity of Enigma 277 • DES 256 • AES 2128
  • 12. Historic Cryptanalysis • Polish Cipher Bureau - 1932, Marian Rejewski, Machine Characteristics • Polish Bombe - 1938 • Polish Setback - Dec. 1938 Germans add two rotors • Polish Disclosure - 1939 Poles tell the French • Crib-Based Decryption - Turing • British Bombe - 1930 • American Bombe - 1941
  • 13. Programming Challenges  GPU – OpenCL  Memory  Database Throughput
  • 15. Stecker Isolation Letters for each Stecker Binned separately. 26!! - 6!! (150T) to 26^3 (17K) (pwned) EDGYEMHENYFYEJOEIYKUFMKEUA THEFOXJUMPEDOVERTHELAZYDOG TOUORD Chi (E Stecker)
  • 17. Back to the Demo