Ben H.: Finding the Weak Crypto Needle in a Byte Haystack
- Title:
- Ben H.: Finding the Weak Crypto Needle in a Byte Haystack
- Description:
-
more » « less
http://media.ccc.de/browse/congress/2014/31c3_-_6144_-_en_-_saal_g_-_201412281645_-_finding_the_weak_crypto_needle_in_a_byte_haystack_-_ben_h.html
Using the same stream cipher key twice is known to be a Very Bad Idea, but keystream-resuse vulnerabilities are still very much a thing of the present - both in legitimate software and in the malware landscape. We describe a heuristic algorithm which can detect vulnerabilities of this kind. We explain the inner workings of the algorithm and demonstrate a proof-of-concept attack on sevreral examples of vulnerable data, including files encrypted by the DirCrypt malware and encrypted traffic generated by malware such as variants of Zeus and Ramnit.
Ben H.
- Video Language:
- English
- Duration:
- 32:32
Oat CubeTester edited Finnish subtitles for Ben H.: Finding the Weak Crypto Needle in a Byte Haystack | ||
Oat CubeTester edited Finnish subtitles for Ben H.: Finding the Weak Crypto Needle in a Byte Haystack | ||
Oat CubeTester edited Finnish subtitles for Ben H.: Finding the Weak Crypto Needle in a Byte Haystack | ||
Oat CubeTester edited Finnish subtitles for Ben H.: Finding the Weak Crypto Needle in a Byte Haystack | ||
Oat CubeTester edited Finnish subtitles for Ben H.: Finding the Weak Crypto Needle in a Byte Haystack | ||
Oat CubeTester edited Finnish subtitles for Ben H.: Finding the Weak Crypto Needle in a Byte Haystack | ||
Oat CubeTester edited Finnish subtitles for Ben H.: Finding the Weak Crypto Needle in a Byte Haystack | ||
C3Subtitles edited English subtitles for Ben H.: Finding the Weak Crypto Needle in a Byte Haystack |