Yes, You Too Can Break Crypto - Exploiting Common Crypto Mistakes
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore common cryptographic mistakes and learn how to exploit them in this 54-minute conference talk. Dive into topics such as exclusive OR (XOR), randomness, one-time pads, stream ciphers, block ciphers, and various encryption modes. Understand the importance of proper padding, integrity checks, and authenticated encryption. Gain insights into the differences between hashing and key derivation functions. Walk away with practical knowledge on cryptographic vulnerabilities and recommendations for secure implementation.
Syllabus
Intro
Why this talk • Cryptography: HARD
whoami • Past: software development
General recommendations
Common mistakes
Exclusive OR (XOR)
Randomness
One time pad (OTP)
One time? But why?
Stream cipher (more practical OTP)
Block cipher primitive
Electronic code block (ECB)
Cipher block chaining (CBC)
CBC decryption
Padding (for block ciphers)
What about integrity?
Bit flipping (stream cipher)
Bit flipping (block cipher, CBC mode)
Authenticated encryption
Hash vs KDF
Takeaways
Further learning
Taught by
OWASP Foundation
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube