Two Basic Security Attacks

We've talked a lot about techniques for preventing common attacks on our data, but fairly little about the attacks themselves. If it weren't for attacks, of course, we wouldn't even need encryption. Passive Attacks: The first kind of attack leaves absolutely no trace, because the attacker isn't actually touching a target computer. In the passive attack,

Diffie Hellman: The Basic Asymmetric Cipher

The Diffie-Hellman key exchange is one of the older (and consequently simpler) asymmetric key exchange protocols. There are few better ways to understand the basic principles of asymmetric key exchange. The Values: Diffie Hellman is a technique which produces a shared symmetric key based on asymmetric values. That is, without access to both ends of the

Encryption: Symmetric and Asymmetric Keys

DES and AES are very similar encryptions. So similar, in fact, that you might think to put them into a category. Today we'll look at two common categories of encryptions - symmetric key and asymmetric key encryptions. Symmetric Key: Symmetric key encryptions rely on both the recipient and the sender having a shared key which no one

Protecting Integrity with Encryption

We've looked at how cryptography can help protect the confidentiality of data, but that only solves one of the three basic security issues. These issues are: Confidentiality - no one else can read; Integrity - the recipient gets the right message; Availability - the recipient CAN get the right message. Availability is a messy problem with no easy

Modern Encryption – AES

DES belongs to history, so what about modern encryption standards? One of the most commonly employed encryptions is the Advanced Encryption Standard (AES), which is like a harder-to-crack DES. Enter the Matrix: AES works on 128-bit (16 byte) blocks, which are split up into a matrix. If we input the bytes b0-b15, they would go into

Encryption Case Study: DES

Fair warning: this is a bit more technical than most of my posts. The basic idea I want to convey is this - if we combine several simple operations and repeat them multiple times, we can create encryptions that are very hard to crack. We've covered some basic encryption concepts so far, so let's take

Stream and Block Ciphers

When it comes to computer encryption techniques, we tend to think of two basic types of cipher: stream and block. One Time Pad: Before we look at stream and block ciphers, we need to look at one of the least efficient, yet most perfect encryption techniques ever designed: the One Time Pad. Suppose every letter of the

Codes and the Art of Encryption

Siht ekil egassem a uoy evig ot erew I esoppus. Could you read that message? I'd be willing to bet that you were able to retrieve the information stored in the above string of characters in a few seconds. However, it likely took you just a bit longer than it would have taken had I

Basic Security – It’s an input thing

If I were to ask you what the most common type of hack is, you'd probably guess something like SSL Injection, or Buffer Overflow, or something of that nature. You wouldn't be entirely wrong, but there's a much more general answer that covers all those things: The most common attack is bad input. When it boils