SlideShare ist ein Scribd-Unternehmen logo

No-Knowledge Crypto Attacks

Als PPTX, PDF herunterladen
B
BaronZor

Attacks against badly implemented cryptography that don't require in-depth knowledge of cryptography.

Technologie
1 von 42
COPYRIGHT TRUSTWAVE 2011 Presented by: No-Knowledge Crypto Attacks Daniel Crowley
Structure › Background › Attack! › Potential Win
IDENTIFYING CIPHERTEXT “Yep, it‟s wood”
Properties of ciphertext › Appears random › Generally encoded › Decoded length often multiple of 8/16/32 –Block ciphers
Example › Base64 encoded › Decodes to 80 bytes › Ent shows strong signs of randomness › Probably ciphertext (okay, it is, I generated it)
REPLAY ATTACK Bait and switch
Background › Reuse of cryptovariables › Trust in decrypted data
Attack! › Reuse ciphertext OR › Find two places where ciphertext is being accepted › Swap them around
Potential Win › Ciphertext from “article.php?id=(ciphertext)” › Placed in “doPasswordReset.php?userid=(ciphertext)” › Reset password for another user
DECRYPTION ORACLE Decrypt ALL the things!
Background › Application takes encrypted input › Application decrypts input › Application gives you decrypted output
Identifying Decryption Oracles › Look for encrypted input › Modify input and look for garbled response
Attack! › Take ciphertext from another location › Plug into decryption oracle
Potential Win › “Password” cookie with encrypted value › Plug cookie into decryption oracle › PASSWORDS!
ENCRYPTION ORACLE Encrypt ALL the things!
Background › Application takes plaintext input › Application encrypts input › Application gives you encrypted output
Identifying Encryption Oracles › Look for ciphertext in responses › Modify input and look for modified ciphertext › Length is often the giveaway
Attack! › Encrypt strings like ‘ or 1=1# › Plug encrypted string into any encrypted input › Cross your fingers
Potential Win › resetpass.php?id=(ciphertext) › resetpass.php?id=( ENC(„ or 1=1 #) ) › SQLi!
STREAM CIPHER BIT FLIPPING Flipping easy
Background › Construction is simple › Same key & IV means same keystream › Reusing cryptovariables means catastrophic failure
0 1 1 0 0 1 0 0 1 0 1 0 1 0 1 0 1 1 0 0 1 1 1 0
0 1 1 0 0 1 0 1 1 0 1 0 1 0 1 0 1 1 0 0 1 1 1 1
Attack! › Flip bits in ciphertext input › Same bits in plaintext are flipped › No modification to other parts of message
Potential Win › Plaintext –username=fred&admin=0 › Flip lots of bits until… –username=fred&admin=1
STREAM CIPHER KEYSTREAM RECOVERY I couldn‟t think of anything funny for this one
Attack! › Guess plaintext of an encrypted message › XOR plaintext and ciphertext to get suspected keystream › XOR suspected keystream with unknown ciphertext –Attempt to read message
Definite Win › Ability to encrypt and decrypt anything – In byte positions where known plaintext resides
ECB BLOCK SHUFFLING Every day I‟m shufflin‟
Background › ECB is a block cipher mode › Each block is encrypted independent of others › Blocks can be reordered, removed, duplicated
BLOCK 1 CIPHER BLOCK 1 BLOCK 2 CIPHER BLOCK 2 BLOCK 3 CIPHER BLOCK 3 PLAIN TEXT CIPHER TEXT
Attack! › Shuffle blocks around randomly in encrypted messages › Cross your fingers!
Plaintext before modification 0 1 2 3 4 5 6 7 L A S T V I S I T E D = / E N / H O M E . J S P & U S E R I D = 1 2 3 4 x04 x04 x04 x04 lastVisited=/en/home.jsp&userId=1234
Plaintext after modification 0 1 2 3 4 5 6 7 L A S T V I S I T E D = / E N / H O M E . J S P & U S E R I D = 1 & F O O = B A 1 2 3 4 x04 x04 x04 x04 lastVisited=/en/home.jsp&userId=1&foo=ba1234
CBC BIT FLIPPING Flipping awesome
Background › CBC is a block cipher mode › When decrypting, each block affects next block › Flipping bits in ciphertext block n – Garbles plaintext block n – Flips same bits in plaintext block n+1
BLOCK A IV CIPHER BLOCK A BLOCK B CIPHER BLOCK B BLOCK C CIPHER BLOCK C PLAIN TEXT CIPHER TEXT
BLOCK A IV CIPHER BLOCK A BLOCK B CIPHER BLOCK B BLOCK C CIPHER BLOCK C PLAIN TEXT CIPHER TEXT
Attack! › Submit ciphertext multiple times › Flip a different bit each time › Cross your fingers!
Potential Win › Plaintext is: –lastVisited=http://example.com/home.jsp&u id=124%01 –(lastVisited=http)(://example.com/h)(ome.js p&uid=124%01) • Split into 16 byte blocks › Flip bits in bytes 13-15 in block 2 –Block 2 becomes garbage –“124” in block 3 has bits flipped in plaintext
MISCELLANEOUS Bonus round!
Other Fun Attacks › Padding Oracles – padBuster.pl › Hash length extension attacks – Hash_extender

Empfohlen

Lecture 2
Lecture 2Lecture 2
Lecture 2fadwa_stuka
 
CISSP Week 18
CISSP Week 18CISSP Week 18
CISSP Week 18jemtallon
 
Classic Information encryption techniques
Classic Information encryption techniquesClassic Information encryption techniques
Classic Information encryption techniquesJay Nagar
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption Techniquesuniversity of education,Lahore
 
Classical Encryption
Classical EncryptionClassical Encryption
Classical EncryptionShafaan Khaliq Bhatti
 
Caesar cipher
Caesar cipherCaesar cipher
Caesar cipherHossain Md Shakhawat
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesJanani S
 
Cryptography
CryptographyCryptography
CryptographyHarry Potter
 

Empfohlen

Lecture 2
Lecture 2Lecture 2
Lecture 2fadwa_stuka
 
CISSP Week 18
CISSP Week 18CISSP Week 18
CISSP Week 18jemtallon
 
Classic Information encryption techniques
Classic Information encryption techniquesClassic Information encryption techniques
Classic Information encryption techniquesJay Nagar
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption Techniquesuniversity of education,Lahore
 
Classical Encryption
Classical EncryptionClassical Encryption
Classical EncryptionShafaan Khaliq Bhatti
 
Caesar cipher
Caesar cipherCaesar cipher
Caesar cipherHossain Md Shakhawat
 
Classical encryption techniques
Classical encryption techniquesClassical encryption techniques
Classical encryption techniquesJanani S
 
Cryptography
CryptographyCryptography
CryptographyHarry Potter
 
Cryptography basics
Cryptography basicsCryptography basics
Cryptography basicsShellmates
 
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - BeliaievSecurity Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - BeliaievNazar Tymoshyk, CEH, Ph.D.
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquessaqib1611
 
One time pad Encryption:
One time pad Encryption:One time pad Encryption:
One time pad Encryption:Asad Ali
 
Etc services is made of ports! (and people!)
Etc services is made of ports! (and people!) Etc services is made of ports! (and people!)
Etc services is made of ports! (and people!)Breanne Boland
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquesMohd Arif
 
Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Mohamed Loey
 
Ch02
Ch02Ch02
Ch02Joe Christensen
 
Cryptography & network security
Cryptography & network securityCryptography & network security
Cryptography & network securitysathu30
 
Ch02...1
Ch02...1Ch02...1
Ch02...1nathanurag
 
Doing Horrible Things with DNS - Web Directions South
Doing Horrible Things with DNS - Web Directions SouthDoing Horrible Things with DNS - Web Directions South
Doing Horrible Things with DNS - Web Directions SouthTom Croucher
 
Pack/Unpack: manipulate binary data
Pack/Unpack: manipulate binary dataPack/Unpack: manipulate binary data
Pack/Unpack: manipulate binary dataLambert Lum
 
Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Mohamed Loey
 
00-Review of Linux Basics
00-Review of Linux Basics00-Review of Linux Basics
00-Review of Linux Basicsbehrad eslamifar
 
Edward Schaefer
Edward SchaeferEdward Schaefer
Edward SchaeferInformation Security Awareness Group
 
CryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxCryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxBhavikaGianey
 
Cool crypto concepts JavaZone
Cool crypto concepts JavaZoneCool crypto concepts JavaZone
Cool crypto concepts JavaZoneRoy Wasse
 
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz «Applied cryptanalysis stream ciphers» by Vladimir Garbuz
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz 0xdec0de
 
Applied cryptanalysis - stream ciphers
Applied cryptanalysis - stream ciphersApplied cryptanalysis - stream ciphers
Applied cryptanalysis - stream ciphersVlad Garbuz
 
Hollywood style decryption
Hollywood style decryptionHollywood style decryption
Hollywood style decryptionidsecconf
 
Introduction to encryption
Introduction to encryptionIntroduction to encryption
Introduction to encryptionfaffyman
 
SIGNAL - Practical Cryptography
SIGNAL - Practical CryptographySIGNAL - Practical Cryptography
SIGNAL - Practical CryptographyKelley Robinson
 

Weitere ähnliche Inhalte

Was ist angesagt?

Cryptography basics
Cryptography basicsCryptography basics
Cryptography basicsShellmates
 
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - BeliaievSecurity Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - BeliaievNazar Tymoshyk, CEH, Ph.D.
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquessaqib1611
 
One time pad Encryption:
One time pad Encryption:One time pad Encryption:
One time pad Encryption:Asad Ali
 
Etc services is made of ports! (and people!)
Etc services is made of ports! (and people!) Etc services is made of ports! (and people!)
Etc services is made of ports! (and people!)Breanne Boland
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquesMohd Arif
 
Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Mohamed Loey
 
Cryptography & network security
Cryptography & network securityCryptography & network security
Cryptography & network securitysathu30
 
Doing Horrible Things with DNS - Web Directions South
Doing Horrible Things with DNS - Web Directions SouthDoing Horrible Things with DNS - Web Directions South
Doing Horrible Things with DNS - Web Directions SouthTom Croucher
 
Pack/Unpack: manipulate binary data
Pack/Unpack: manipulate binary dataPack/Unpack: manipulate binary data
Pack/Unpack: manipulate binary dataLambert Lum
 
Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Mohamed Loey
 

Was ist angesagt? (15)

Cryptography basics
Cryptography basicsCryptography basics
Cryptography basics
 
Security Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - BeliaievSecurity Hole #11 - Competitive intelligence - Beliaiev
Security Hole #11 - Competitive intelligence - Beliaiev
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniques
 
One time pad Encryption:
One time pad Encryption:One time pad Encryption:
One time pad Encryption:
 
Etc services is made of ports! (and people!)
Etc services is made of ports! (and people!) Etc services is made of ports! (and people!)
Etc services is made of ports! (and people!)
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniques
 
Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1
 
Ch02
Ch02Ch02
Ch02
 
Cryptography & network security
Cryptography & network securityCryptography & network security
Cryptography & network security
 
Ch02...1
Ch02...1Ch02...1
Ch02...1
 
Doing Horrible Things with DNS - Web Directions South
Doing Horrible Things with DNS - Web Directions SouthDoing Horrible Things with DNS - Web Directions South
Doing Horrible Things with DNS - Web Directions South
 
Pack/Unpack: manipulate binary data
Pack/Unpack: manipulate binary dataPack/Unpack: manipulate binary data
Pack/Unpack: manipulate binary data
 
Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2
 
00-Review of Linux Basics
00-Review of Linux Basics00-Review of Linux Basics
00-Review of Linux Basics
 
Edward Schaefer
Edward SchaeferEdward Schaefer
Edward Schaefer
 

Ähnlich wie No-Knowledge Crypto Attacks

CryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxCryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxBhavikaGianey
 
Cool crypto concepts JavaZone
Cool crypto concepts JavaZoneCool crypto concepts JavaZone
Cool crypto concepts JavaZoneRoy Wasse
 
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz «Applied cryptanalysis stream ciphers» by Vladimir Garbuz
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz 0xdec0de
 
Applied cryptanalysis - stream ciphers
Applied cryptanalysis - stream ciphersApplied cryptanalysis - stream ciphers
Applied cryptanalysis - stream ciphersVlad Garbuz
 
Hollywood style decryption
Hollywood style decryptionHollywood style decryption
Hollywood style decryptionidsecconf
 
Introduction to encryption
Introduction to encryptionIntroduction to encryption
Introduction to encryptionfaffyman
 
SIGNAL - Practical Cryptography
SIGNAL - Practical CryptographySIGNAL - Practical Cryptography
SIGNAL - Practical CryptographyKelley Robinson
 
Bitcoin Keys, Addresses & Wallets
Bitcoin Keys, Addresses & WalletsBitcoin Keys, Addresses & Wallets
Bitcoin Keys, Addresses & WalletsChristopher Allen
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
Defeating the entropy downgrade attack
Defeating the entropy downgrade attackDefeating the entropy downgrade attack
Defeating the entropy downgrade attackSeth Wahle
 
Daniel Crowley - Speaking with Cryptographic Oracles
Daniel Crowley - Speaking with Cryptographic OraclesDaniel Crowley - Speaking with Cryptographic Oracles
Daniel Crowley - Speaking with Cryptographic OraclesBaronZor
 
4. Block Ciphers
4. Block Ciphers 4. Block Ciphers
4. Block Ciphers Sam Bowne
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
Cool Crypto Concepts CodeOne SFO
Cool Crypto Concepts CodeOne SFOCool Crypto Concepts CodeOne SFO
Cool Crypto Concepts CodeOne SFORoy Wasse
 
Cryptography - Overview
Cryptography - OverviewCryptography - Overview
Cryptography - OverviewMohammed Adam
 
Cs166 mynote
Cs166 mynoteCs166 mynote
Cs166 mynoteKaya Ota
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersSam Bowne
 
Ch03 block-cipher-and-data-encryption-standard
Ch03 block-cipher-and-data-encryption-standardCh03 block-cipher-and-data-encryption-standard
Ch03 block-cipher-and-data-encryption-standardtarekiceiuk
 
DEFCON 23 - Eijah - crypto for hackers
DEFCON 23 - Eijah - crypto for hackersDEFCON 23 - Eijah - crypto for hackers
DEFCON 23 - Eijah - crypto for hackersFelipe Prado
 

Ähnlich wie No-Knowledge Crypto Attacks (20)

CryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptxCryptX '22 W1 Release (1).pptx
CryptX '22 W1 Release (1).pptx
 
Cool crypto concepts JavaZone
Cool crypto concepts JavaZoneCool crypto concepts JavaZone
Cool crypto concepts JavaZone
 
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz «Applied cryptanalysis stream ciphers» by Vladimir Garbuz
«Applied cryptanalysis stream ciphers» by Vladimir Garbuz
 
Applied cryptanalysis - stream ciphers
Applied cryptanalysis - stream ciphersApplied cryptanalysis - stream ciphers
Applied cryptanalysis - stream ciphers
 
Hollywood style decryption
Hollywood style decryptionHollywood style decryption
Hollywood style decryption
 
Introduction to encryption
Introduction to encryptionIntroduction to encryption
Introduction to encryption
 
SIGNAL - Practical Cryptography
SIGNAL - Practical CryptographySIGNAL - Practical Cryptography
SIGNAL - Practical Cryptography
 
Bitcoin Keys, Addresses & Wallets
Bitcoin Keys, Addresses & WalletsBitcoin Keys, Addresses & Wallets
Bitcoin Keys, Addresses & Wallets
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
Defeating the entropy downgrade attack
Defeating the entropy downgrade attackDefeating the entropy downgrade attack
Defeating the entropy downgrade attack
 
Daniel Crowley - Speaking with Cryptographic Oracles
Daniel Crowley - Speaking with Cryptographic OraclesDaniel Crowley - Speaking with Cryptographic Oracles
Daniel Crowley - Speaking with Cryptographic Oracles
 
FormacaoCrypto
FormacaoCryptoFormacaoCrypto
FormacaoCrypto
 
4. Block Ciphers
4. Block Ciphers 4. Block Ciphers
4. Block Ciphers
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
Cool Crypto Concepts CodeOne SFO
Cool Crypto Concepts CodeOne SFOCool Crypto Concepts CodeOne SFO
Cool Crypto Concepts CodeOne SFO
 
Cryptography - Overview
Cryptography - OverviewCryptography - Overview
Cryptography - Overview
 
Cs166 mynote
Cs166 mynoteCs166 mynote
Cs166 mynote
 
CNIT 141: 4. Block Ciphers
CNIT 141: 4. Block CiphersCNIT 141: 4. Block Ciphers
CNIT 141: 4. Block Ciphers
 
Ch03 block-cipher-and-data-encryption-standard
Ch03 block-cipher-and-data-encryption-standardCh03 block-cipher-and-data-encryption-standard
Ch03 block-cipher-and-data-encryption-standard
 
DEFCON 23 - Eijah - crypto for hackers
DEFCON 23 - Eijah - crypto for hackersDEFCON 23 - Eijah - crypto for hackers
DEFCON 23 - Eijah - crypto for hackers
 

Mehr von BaronZor

The Patsy Proxy
The Patsy ProxyThe Patsy Proxy
The Patsy ProxyBaronZor
 
Home Invasion 2.0 - DEF CON 21 - 2013
Home Invasion 2.0 - DEF CON 21 - 2013Home Invasion 2.0 - DEF CON 21 - 2013
Home Invasion 2.0 - DEF CON 21 - 2013BaronZor
 
Why UPnP is awesome and terrifying
Why UPnP is awesome and terrifyingWhy UPnP is awesome and terrifying
Why UPnP is awesome and terrifyingBaronZor
 
Advanced SQL Injection with SQLol
Advanced SQL Injection with SQLolAdvanced SQL Injection with SQLol
Advanced SQL Injection with SQLolBaronZor
 
Jack of all Formats
Jack of all FormatsJack of all Formats
Jack of all FormatsBaronZor
 
Windows File Pseudonyms
Windows File PseudonymsWindows File Pseudonyms
Windows File PseudonymsBaronZor
 

Mehr von BaronZor (6)

The Patsy Proxy
The Patsy ProxyThe Patsy Proxy
The Patsy Proxy
 
Home Invasion 2.0 - DEF CON 21 - 2013
Home Invasion 2.0 - DEF CON 21 - 2013Home Invasion 2.0 - DEF CON 21 - 2013
Home Invasion 2.0 - DEF CON 21 - 2013
 
Why UPnP is awesome and terrifying
Why UPnP is awesome and terrifyingWhy UPnP is awesome and terrifying
Why UPnP is awesome and terrifying
 
Advanced SQL Injection with SQLol
Advanced SQL Injection with SQLolAdvanced SQL Injection with SQLol
Advanced SQL Injection with SQLol
 
Jack of all Formats
Jack of all FormatsJack of all Formats
Jack of all Formats
 
Windows File Pseudonyms
Windows File PseudonymsWindows File Pseudonyms
Windows File Pseudonyms
 

Kürzlich hochgeladen

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfOverkill Security
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 

Kürzlich hochgeladen (20)

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 

No-Knowledge Crypto Attacks

Hinweis der Redaktion

  1. If you care how it works, pay attention to the Background slidesBuy me a beer and ask for more detailsMore understanding makes these attacks more effective
  2. Ciphertext generated using a sound algorithm shows signs of randomnessEnt is a nice tool for testing randomness of datahttp://fourmilab.ch/randomRandom bytes play hell with lots of protocolsUsual suspects:Base64URL-safe Base64ASCII hexURL encodingDecoded length is often a multiple of 8/16/32 bytesAuthenticated crypto generally adds another 4 bytes
  3. Developers reuse cryptovariablesKeyIVCipherDevelopers usually reuse cryptovariables and trust that the data they have decrypted using their application is sane, due to the poor assumption that no one can generate or alter the encrypted data without the key.No input validationNo error handling
  4. Similar to fuzzing for XSSBit flipping should produce garbled dataWith authenticated crypto, swapping ciphertext might work
  5. Similar to fuzzing for XSS
  6. Stream ciphersProduce pseudo-random bytes (keystream) using key & IVEncryption/Decryption: XOR with keystreamIV reuse was the downfall of WEP
  7. Here is a multi-byte XOR operation. We assume this to be a part of a stream cipher. The middle row is the keystream, which is XORed with the ciphertext to decrypt the message.
  8. We do not know the keystream, but we know that flipping the bits of the ciphertext results in corresponding bits of the plaintext being flipped.
  9. Other messages’ blocks can be used tooRequires key reuse