Buffer Overflow

Exploiting a buffer overflow vulnerability is a creative process and can be difficult to understand, because it draws on knowledge from many different areas of computing. Once mastered, though, it is a powerful skill, as there are still programs with this kind of vulnerability. In addition, it gives you a better understanding of how computers and programs work. Let's explore this topic together!

Content: Introduction, Memory, Registers, Buffer Overflow

Hash Functions

A hash function is a function that takes an input value and from that input creates an output value different from the input. For any input value x, you will always receive the same output value y whenever the hash function is run: f(x) = y

Diffie-Hellman and PGP

Alice and Bob, two friends from IRC (Internet Relay Chat), have just learned about this powerful cipher that no computer can ever crack. As they're concerned about the privacy of their conversations, they want to use it every day. But they have run into one problem: they need to agree on a secret key, and since they live 13516 km from each other they can't simply talk about it in person. They need to come up with a key through their messages. That's where the Diffie-Hellman key exchange comes in.

Let's Talk Encryption

The Vigenère cipher is a method of encrypting a message by using a series of different Caesar ciphers based on the letters of a keyword.

To encrypt a message using the Vigenère cipher you first need to choose a keyword. Then repeat this keyword over and over until it is the same length as your secret message. Now, for each plaintext letter, find the letter in the left-hand column of the tabula recta. Then take the corresponding letter from your keyword and find it in the top row of the table. The cell where that row and that column cross holds the ciphertext letter.

[Figure: Tabula Recta]

Let's encrypt the message hello with the keyword boom. Since our message is 5 letters long and the keyword only 4, we have to repeat the keyword until it's the same length as the message. In this example the keyword becomes boomb. Now take the first letter of the message and find it in the left-hand column of the table. Next take the first letter of the keyword and find its position in the top row. Then find the cell where the row and the column of those two letters cross, and write down the letter you get. Repeat for each letter. When you finish you should get the encrypted message: iszxp

As you may now suspect, decrypting is just the encryption process in reverse: this time you know the ciphertext (the cells where the lines cross) and the keyword (the top row of the table).

1. Take the keyword and repeat it until it's the same length (boomb) as the ciphertext (iszxp).
2. Find the first letter of the keyword in the top row of the table.
3. Find the first letter of the ciphertext in the column under the letter from the previous step.
4. Finally, find the letter in the left-hand column that is on the same line as the letter from the previous step.
5. Repeat for each letter.

And that's it! We can easily encrypt and decrypt messages with the Vigenère cipher.
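The table lookup described above, written out as an added example (it is not code from the original post). The function names are assumptions made for illustration; input is lowercased, and characters outside a-z are copied through without using up a keyword letter.

```python
import string
from itertools import cycle

ALPHABET = string.ascii_lowercase

# Tabula recta: row i is the alphabet rotated left by i positions.
TABULA_RECTA = [ALPHABET[i:] + ALPHABET[:i] for i in range(26)]


def _key_stream(keyword):
    """Repeat the keyword for as long as the message needs it."""
    keyword = keyword.lower()
    if not keyword or any(c not in ALPHABET for c in keyword):
        raise ValueError("keyword must be non-empty and contain only a-z")
    return cycle(keyword)


def encrypt(plaintext, keyword):
    keys = _key_stream(keyword)
    out = []
    for ch in plaintext.lower():
        if ch not in ALPHABET:
            out.append(ch)  # spaces and punctuation pass through unchanged
            continue
        row = ALPHABET.index(ch)          # plaintext letter, left-hand column
        col = ALPHABET.index(next(keys))  # keyword letter, top row
        out.append(TABULA_RECTA[row][col])  # cell where the two lines cross
    return "".join(out)


def decrypt(ciphertext, keyword):
    keys = _key_stream(keyword)
    out = []
    for ch in ciphertext.lower():
        if ch not in ALPHABET:
            out.append(ch)
            continue
        col = ALPHABET.index(next(keys))  # keyword letter, top row
        # Walk down that column until the ciphertext letter is found.
        row = next(r for r in range(26) if TABULA_RECTA[r][col] == ch)
        out.append(ALPHABET[row])  # read the plaintext off the left-hand column
    return "".join(out)


if __name__ == "__main__":
    ct = encrypt("hello", "boom")
    print(ct, decrypt(ct, "boom"))
```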
History behind Vigenère cipher

[Figure: A reproduction of the Confederacy's cipher disk]

This cipher was originally invented by Giovan Battista Bellaso in 1553, in a book called La cifra del. Sig. Giovan Battista Bellaso, but it is named after Blaise de Vigenère. Blaise published a stronger version of the cipher in 1586, which was later, in the 19th century, misattributed to Vigenère. The cipher gained a reputation for being strong, and some mathematicians even called it 'unbreakable', but in the 19th century Friedrich Kasiski published a method of deciphering a Vigenère cipher. Nowadays there are a couple of ways of deciphering the cipher:

- Kasiski examination
- Friedman test
- Frequency analysis
- Key elimination

Let's Talk Encryption

The Caesar cipher, also called Caesar's code, shift cipher or Caesar shift, is one of the simplest and best-known forms of encryption. It is a substitution cipher in which each letter of the plaintext (the original message) is replaced with the letter a certain number of positions up or down the alphabet, producing the ciphertext.