Cryptography has been around for a while, which is a bit of an understatement. Below is an infographic that will give a glimpse into the world of cryptography. [Read More]
by RSS Michael Perna  |  Feb 03, 2014  |  Filed in:
It's everywhere in the news, and I couldn't resist trying to figure out how it works. I think I roughly found out but we'll have to wait for Karsten Nohl's presentation at BlackHat to see if I was right :) Getting ciphertexts Mobile phones are capable of receiving OTA (Over The Air) commands ('update', 'get status'...) in the form of SMS messages sent by their service provider. Fortunately, those messages support encryption and integrity checks. More specifically, the secure packet header specifies the algorithm and key set identifier to use... [Read More]
by RSS Axelle Apvrille  |  Jul 24, 2013  |  Filed in: Security Research
When analyzing a new botnet, I tend to focus heavily on the network messages. After all, they are the glue that holds the botnet together. So one of the first things I did, when working on our new analysis of the Ozdok/Mega-D botnet, was to look at the messages and discover that they were encrypted. Of course this is not unusual, and after deciding the encryption was not something simple, I went to the bot code to see what was being used. It soon developed that the encryption used was DES (Data Encryption Standard), in ECB mode. The cryptographic... [Read More]
by RSS Doug Macdonald  |  Jun 15, 2010  |  Filed in: Security Research