Don't Panic! » Cryptography

XORed

jplasser — Tue, 26 Feb 2008 12:54:57 +0000

XORing plain text with a key is more fun than serious cryptography, particularly when you encrypt null values

BTW, a really good tool for playing with cryptographic algorithms is CrypTool.

A5/1 attacks

jplasser — Mon, 25 Feb 2008 11:04:34 +0000

There’s some rumor on A5/1 attacks that work passive, cost effective (< 1,000$) and fast (about 30 minutes). Soon anybody will have the opportunity to listen to GSM phone calls …

A5/1 is a (or should I say was?) GSM encryption standard.

Cold boot beats disk encryption

jplasser — Mon, 25 Feb 2008 10:33:17 +0000

This is interesting and it’s obvious that it works. One way to defeat this attack is to store cryptographics keys in a storage which loses all its content after power off. A hard problem.

Cold boot disk encryption attack is shockingly effective – Engadget

Schneier on Security: Cold Boot Attacks Against Disk Encryption

Center for Information Technology Policy » Lest We Remember: Cold Boot Attacks on Encryption Keys

Edited to add: Read an (german) interview with Ed Felton in TR — the CS professor behind those attacks. Here the original blog post: Freedom to Tinker » Blog Archive » New Research Result: Cold Boot Attacks on Disk Encryption

Hydan versteckt Nachrichten in Executables

admin — Fri, 13 Aug 2004 12:05:29 +0000

Hydan steganographically conceals a message into an application. It exploits redundancy in the i386 instruction set by defining sets of functionally equivalent instructions.
It then encodes information in machine code by using the appropriate instructions from each set.

Hydan läßt sich verwenden um

1. Geheim Botschaften auszutauschen,

2. Binaries zu signieren (Authentizitätsprüfung), und

3. für Watermarks, um Urheberechtsfragen zu klären

Das Programmm ändert dabei weder die Größe der ausführbaren Datei noch deren Funktionalität. Die Nachricht wird außerdem zuvor mittels Blowfish verschlüsselt. Die Kodierungsrate liegt bei 1:110.