Cryptography A short paper on Fully Homomorphic Encryption -- I thought this was both interesting and approachable. |
- A short paper on Fully Homomorphic Encryption -- I thought this was both interesting and approachable.
- Does anyone recognize this algorithm?
- Chrome Key - a Chrome Extension that emulates a Hardware Authentication Device (HAD)
| Posted: 19 Feb 2019 11:47 AM PST |
| Does anyone recognize this algorithm? Posted: 19 Feb 2019 10:55 PM PST I was looking around on GitHub and found a purposefully vulnerable password manager someone had made for a HushCon CTF contest. They claim only 3/19 teams were able to hack the password database the program produced given the source. Having taken a look at it, I'm thinking the vulnerability is somewhere in the cipher algorithm itself, and some of the mixing of the state kind of reminds me of RC4 (but RC4 doesn't have a XOR operation as far as I know ). (https://github.com/HushCon/password_manager/blob/master/passwd_mgr.c) The key derivation is pretty interesting. What's going on there? They're serializing the sume of all 'pass' values into 'seed', but then it appears like they're setting 'key->state[i]' to be product of rand(), but what's with the "& 0xffff"? [link] [comments]  |
| Chrome Key - a Chrome Extension that emulates a Hardware Authentication Device (HAD) Posted: 19 Feb 2019 09:31 AM PST |
| You are subscribed to email updates from Cryptography news and discussions. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States | |
No comments:
Post a Comment