Yes, You Too Can Break Crypto - Exploiting Common Crypto Mistakes
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore common cryptographic mistakes and learn how to exploit them in this 54-minute conference talk. Dive into topics such as exclusive OR (XOR), randomness, one-time pads, stream ciphers, block ciphers, and various encryption modes. Understand the importance of proper padding, integrity checks, and authenticated encryption. Gain insights into the differences between hashing and key derivation functions. Walk away with practical knowledge on cryptographic vulnerabilities and recommendations for secure implementation.
Syllabus
Intro
Why this talk • Cryptography: HARD
whoami • Past: software development
General recommendations
Common mistakes
Exclusive OR (XOR)
Randomness
One time pad (OTP)
One time? But why?
Stream cipher (more practical OTP)
Block cipher primitive
Electronic code block (ECB)
Cipher block chaining (CBC)
CBC decryption
Padding (for block ciphers)
What about integrity?
Bit flipping (stream cipher)
Bit flipping (block cipher, CBC mode)
Authenticated encryption
Hash vs KDF
Takeaways
Further learning
Taught by
OWASP Foundation
Related Courses
Applied CryptographyUniversity of Virginia via Udacity Cryptography II
Stanford University via Coursera Coding the Matrix: Linear Algebra through Computer Science Applications
Brown University via Coursera Cryptography I
Stanford University via Coursera Unpredictable? Randomness, Chance and Free Will
National University of Singapore via Coursera