Yes, You Too Can Break Crypto - Exploiting Common Crypto Mistakes
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore common cryptographic mistakes and learn how to exploit them in this 54-minute conference talk. Dive into topics such as exclusive OR (XOR), randomness, one-time pads, stream ciphers, block ciphers, and various encryption modes. Understand the importance of proper padding, integrity checks, and authenticated encryption. Gain insights into the differences between hashing and key derivation functions. Walk away with practical knowledge on cryptographic vulnerabilities and recommendations for secure implementation.
Syllabus
Intro
Why this talk • Cryptography: HARD
whoami • Past: software development
General recommendations
Common mistakes
Exclusive OR (XOR)
Randomness
One time pad (OTP)
One time? But why?
Stream cipher (more practical OTP)
Block cipher primitive
Electronic code block (ECB)
Cipher block chaining (CBC)
CBC decryption
Padding (for block ciphers)
What about integrity?
Bit flipping (stream cipher)
Bit flipping (block cipher, CBC mode)
Authenticated encryption
Hash vs KDF
Takeaways
Further learning
Taught by
OWASP Foundation
Related Courses
Cryptography IStanford University via Coursera Introduction to Cryptology
Indian Institute of Technology Roorkee via Swayam Symmetric Cryptography
University of Colorado System via Coursera Cyber Attack Countermeasures
New York University (NYU) via Coursera Криптографические методы защиты информации
National Research Nuclear University MEPhI via edX