Hi folks! In this post I'd like to talk about something that's pretty old but still crops up every now and then (example). I know for most folks this is nothing new, but I'd still like to have a post about this attack in my archive and also deliver a good explanation of the attack in a way that makes it easier for more people to understand (I know for newcomers this attack can be a bit of a mind-bending exercise :P). Also, if you want to be a total infosec / crypto hipster, you can refuse to call it a padding oracle attack and call it by its eponym, "the Vaudenay attack", and pay homage to the inventor, Serge Vaudenay :)
Update: The next post is a more practical explanation of this attack :)
There's a new idea brewing in the cryptographers' circles called homomorphic encryption, and it will soon change the way we do everything from querying databases remotely to adding numbers. In this post I briefly explain what homomorphic encryption is and then list a few ideas others have had on how to use it in cool ways, and one or two ideas I've had.
Given that this is a relatively new idea, many of you may be hearing about it for the first time; I'm going to spend a few paragraphs explaining what it is and at the end of this post I'll share a couple of papers and blog posts by awesome people on the subject and its applications.
It's been a while, folks! But I'm back with another really interesting post, this time about how to abuse hashing algorithms, or rather a certain style of hashing algorithms.
I'm going to try to teach you the analysis that gave birth to this very clever attack, and to do that I need to talk a little about hashing algorithms and how they are constructed. I mean, it's not just a coincidence that collisions in hashing functions are extremely rare.