Crypto Wrap up
Mortal Sins
Do not MAC-then-Encrypt
Use hashes instead of MACs
Reuse key-IV / key-nonce pairs
Do not use ECB
ECB mode
Detection
run through all 256 possibilities for last byte of second-to-last block
Determine block size
Determine data offset
47 'A' characters in a row
into payload that's encrypted
repetition if block size of 16 bytes (128 bits)
???
General advice
data in flight
use TLS (used to be SSL)
data at rest
use PGP
Detecting / exploiting padding oracles
padbuster!!!