rsa | Page 2


Edward Snowden has revealed new information concerning the cryptographic capabilities of the NSA and GCHQ (TheGuardian, ProRepublica, leaking documents...). The CryptoGirl was bound to look into that topic ;) Let's go straight to the point and answer simple questions. Is cryptography unsecure? No, I don't think so. Basically, cryptography is maths (prime numbers, finite fields, polynomials...), and maths are solid science with proofs and demonstrations. Cryptographic algorithms are only seldom broken (e.g MD5). What's quite often "broken" are... [Read More]
by RSS Axelle Apvrille  |  Sep 06, 2013  |  Filed in: Security Research
Story Around the end of June, I found a new Kelihos binary that was being pushed to all the proxy peers from Kelihos' job servers. At that time, I assumed the binary was just a typical bug fix build. But on July 14th, my Kelihos tracker stopped getting new peers. I then realized the update in late June was a new build which changed the communication protocol and encryption scheme. So, I took some days to reverse this new Kelihos build. First Look After successfully unpacking the build, I found it was compiled with the Crypto++ library which... [Read More]
by RSS Kyle Yang  |  Jul 18, 2013  |  Filed in: Security Research
It's high time the Crypto Girl talks about Crypto, isn't it? A few days ago, I analyzed a malicious Opera Updater, named SymbOS/OpFake.A!tr.dial, and was surprised to discover it uses a** 91-byte XOR key** to conceal one of its configuration file. 91 bytes?! Yes, bytes, so 728 bits. This is quite a lot. AES only uses keys up to 256 bits, though I do not mean it would be less secure than this XOR. But it is a first for mobile malware where we had only seen XOR used with a single byte key. Have a look at the disassembled decryption routine below. Actually,... [Read More]
by RSS Axelle Apvrille  |  Nov 08, 2011  |  Filed in: Security Research