We've talked a lot about techniques for preventing common attacks on our data, but fairly little about the attacks themselves. If t weren't for attacks, of course we wouldn't even need encryption.
The first kind of attack leaves absolutely no trace, because the attacker isn't actually touching a target computer. In the passive attack,
The Diffie-Hellman Key exchange is one of the older (and consequently simpler) asymmetric key exchange protocols. There are few better ways to understand the basic principles of asymmetric key exchange.
Diffie Hellman is a technique which produces a shared symmetric key based on asymmetric values. That is, without access to both ends of the
DES and AES are very similar encryptions. So similar, in fact, that you might think to put them into a category.
Today we'll look at two common categories of encryptions - symmetric key and asymmetric key encryptions.
Symmetric key encryptions rely on both the recipient and the sender having a shared key which no one
We've looked at how cryptography can help protect the confidentiality of data, but that only solves one of the three basic security issues. These issues are:
Confidentiality - no one else can read
Integrity - the recipient gets the right message
Availability - the recipient CAN get the right message
Availability is a messy problem with no easy
DES belongs to history, so what about modern encryption standards? One of the most commonly employed encryptions is the Advanced Encryption Standard (AES), which is like a harder-to-crack DES.
Enter the Matrix
AES works on 128-bit (16 byte) blocks, which are split up into a matrix. If we input the bytes b0-b15, they would go into
Fair warning: this is a bit more technical than most of my posts. The basic idea I want to convey is this - if we combine several simple operations and repeat them multiple times, we can create encryptions that are very hard to crack.
We've covered some basic encryption concepts so far, so let's take
When it comes to computer encryption techniques, we tend to think of two basic types of cipher: stream and block.
One Time Pad
Before we look at stream and block ciphers, we need to look at one of the least efficient, yet most perfect encryption techniques ever designed: the One Time Pad.
Suppose every letter of the
Siht ekil egassem a uoy evig ot erew I esoppus.
Could you read that message? I'd be willing to bet that you were able to retrieve the information stored in the above string of characters in a few seconds. However, it likely took you just a bit longer than it would have taken had I
My bad. I really should have written something before the game. Next post will be on
If I were to ask you what the most common type of hack is, you'd probably guess something like SSL Injection, or Buffer Overflow, or something of that nature. You wouldn't be entirely wrong, but there's a much more general answer that covers all those things:
The most common attack is bad input
When it boils