48 Dirty Little Secrets Cryptographers Don't Want You to Know

[chan] 411
Dec 3 17:48 [raw]

The Hackers that Cracked Cryptocat. This team could audit the bitmessage security paradigm. At the 9:30 mark begins an overview of how Cryptocat was broken. https://youtu.be/iZa_XKpj9X4?t=9m30s Description: Over the past year, more than 10,000 people participated in the Matasano crypto challenges, a staged learning exercise where participants implemented 48 different attacks against realistic cryptographic constructions. In the process, we collected crypto exploit code in dozens of different languages, ranging from X86 assembly to Haskell. With the permission of the participants, we've built a "Rosetta Code" site with per-language implementations of each of the crypto attacks we taught. In this talk, we'll run through all 48 of the crypto challenges, giving Black Hat attendees early access to all of the crypto challenges. We'll explain the importance of each of the attacks, putting them into the context of actual software flaws. Our challenges cover crypto concepts from block cipher mode selection to public key agreement algorithms. For some of the more interesting attacks, we'll step-by-step the audience through exploit code, in several languages simultaneously. For More Information Please visit : - http://blackhat.com

Dec 4 16:23 [raw]

Thanks for this Infos. I know Nadim (Cryptocat core dev), I've talked IRL with him several times in Paris. He's clever, he's a good engineer / hacker, but he is only specialized in cryptography & software dev and has very little knowledge of digital electronics and the influence electronics has on cryptography, but also Nadim, like most privacy apps developpers, refuses to admit that as long as privacy software run on hardware fully backdoored at all level, but also at OS level, but also with all those zerodays in most applications waiting to me used by NSA & friends, well, it's almost like doing nothing. This is why I am working on the BitMessage Secure Station.

[chan] Crypto-Anarchist Federation
Dec 5 23:53 [raw]

I am watching development on this with interest. The serial port security vector is a good idea.

[chan] Crypto-Anarchist Federation

Subject Last Count
cnf Mar 19 15:18 1
get on bitboard Mar 19 14:28 1
disabling onion page Mar 18 20:43 1
Hardware trojans... Mar 17 05:16 27
redice.tv Mar 17 04:54 5
warning Mar 16 06:28 2
The Transgender Assualt on the Creator of JavaScript Mar 15 19:09 1
The Corbett Report - The Bitcoin Psyop Mar 15 18:33 1
bitboard Mar 15 07:52 7
RIP Stephen Hawking - I'll miss your brillance, honnesty, clarity, truths & heart. Mar 15 00:42 5
A cool study from a Cryptech contributor seen today : Improving Master Key storage in military grade crypto-anarchist Crypto-Devices. Mar 13 22:46 2
Crypto-Anarchist "Paris Bitcoin Tech Meetup" in Paris - Preliminary organisational meeting next wednesday in "Jack" Hackerspace in Jardin d'Alice - Montreuil (Paris). Mar 12 18:35 1
Red Ice Radio Mar 10 20:41 1
How to run Bitmessage in a secure Linux and Firejail sandbox Mar 10 20:08 1
Looking for some TOR bridges Mar 7 14:44 7
xiphos Mar 6 20:56 8
#crypto-anarchist-federation chan was created on irc.freenode.net ! Mar 3 20:17 3
C.N.F. Mar 3 04:03 2
They never forgive. Mar 2 21:30 1
Compression discovery Mar 2 14:21 4
Compress Random Data Mar 2 05:19 5
Crypto-Anarchist tip to escape state sandboxing of your internet access when installing new software or doing fresh installs of OS's from ISO disk images downloaded from the internet Feb 28 16:34 3
security/cryptography Feb 28 15:54 1
Sigh... Feb 28 00:31 1
Integrated Circuits (ASICs) and FPGA "lab attack" Trojan Detection using IC fingerprinting. Feb 25 11:13 1
Tor / Proxychains is leaking my hostname Feb 23 08:31 2
@S3 ... SPOOQKE ... Secure Pair Orthogonal OTP Quantum Key Exchange Feb 22 14:04 2