Matasano Crypto Challenges, Set 3

Challenge 17 The CBC padding oracle!!!

The CBC padding oracle is a very famous attack. We have an oracle function that takes in a ciphertext and decrypts it, returning True if the plaintext is padded properly.

The process behind the attack on each block is:

Matasano Crypto Challenges, Set 4

Challenge 25 Break “random access read/write” AES CTR

Because we can seek into the ciphertext and edit arbitrary characters, we can simply guess each plaintext character.

For each byte in the ciphertext, I can try all 256 characters by replacing the ciphertext byte with my encrypted guess using the provided edit() function. If the new ciphertext exactly matches the original ciphertext, then I know my guess for the plaintext character is correct, since it encrypted to the same byte.

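    result = ""
    for i in range(len(ciphertext)):
        for c in candidates:  # every possible plaintext character
            # edit() replaces position i with the encryption of the guess c
            new_ciphertext = edit(ciphertext, i, c)

            # Same ciphertext byte: the guess equals the original plaintext character
            if new_ciphertext[i] == ciphertext[i]:
                result += c
                break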

Matasano Crypto Challenges, Set 5

This set was surprisingly easy, actually. The book Understanding Cryptography by Paar & Pelzl is an excellent intro to the basic maths needed for crypto — namely, the group theory and number theory necessary for RSA and Diffie-Hellman.

Let’s dive in!

Challenge 33 Implement Diffie-Hellman

Diffie-Hellman is a remarkably simple algorithm for two parties to jointly compute a shared secret key that may be used, for example, as a key for symmetric encryption.

Alice and Bob agree on an integer group of prime $p$, with a generator $g$. $g$ raised to every power in $\{0 \ldots p-1\}$, taken $\bmod\ p$, can produce every element of $p$. Hence, it is called a “generator” of the group.
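
The generator property and the exchange it supports, as an added example that is not code from the original post. The toy parameters p = 37, g = 5 and the non-generator 10 are constructed for illustration, and the function names are hypothetical; the check is made over the nonzero residues 1..p-1.

```python
import secrets


def generated_elements(g, p):
    """Return the set {g^k mod p} for k = 0..p-2, i.e. the subgroup g generates."""
    return {pow(g, k, p) for k in range(p - 1)}


def is_generator(g, p):
    """True if the powers of g reach every nonzero residue modulo the prime p."""
    return generated_elements(g, p) == set(range(1, p))


def keypair(p, g):
    """Pick a private exponent in 1..p-2 and derive the public value g^a mod p."""
    private = secrets.randbelow(p - 2) + 1
    return private, pow(g, private, p)


def shared_secret(their_public, my_private, p):
    """Each side raises the other's public value to its own private exponent."""
    return pow(their_public, my_private, p)


def exchange(p, g):
    """Run both sides of the exchange and return the secret each one computed."""
    a, A = keypair(p, g)  # Alice
    b, B = keypair(p, g)  # Bob
    return shared_secret(B, a, p), shared_secret(A, b, p)


if __name__ == "__main__":
    P, G = 37, 5  # constructed toy parameters, far too small for real use
    print("5 generates the group:", is_generator(G, P))
    alice, bob = exchange(P, G)
    print("secrets match:", alice == bob)
    # A base that is not a generator confines every public value and shared
    # secret to a small subgroup, so parameters are worth validating.
    print("10 only reaches:", sorted(generated_elements(10, P)))
```
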

NSA Cybersprint 2015

This is my first writeup, written in 2015 in Word and back-dated

Last weekend, I took to some haxxoring in the NSA Cybersprint Competition, a Capture-The-Flag that took place on a simulated corporate network infrastructure.

Here’s what it was like.
