Speaking with Cryptographic Oracles

Video thumbnail (Frame 0) Video thumbnail (Frame 2166) Video thumbnail (Frame 3459) Video thumbnail (Frame 4460) Video thumbnail (Frame 5419) Video thumbnail (Frame 7236) Video thumbnail (Frame 9318) Video thumbnail (Frame 10341) Video thumbnail (Frame 11535) Video thumbnail (Frame 14195) Video thumbnail (Frame 16694) Video thumbnail (Frame 19048) Video thumbnail (Frame 26850) Video thumbnail (Frame 30504) Video thumbnail (Frame 36123) Video thumbnail (Frame 39420) Video thumbnail (Frame 41220) Video thumbnail (Frame 42356) Video thumbnail (Frame 44201) Video thumbnail (Frame 48500) Video thumbnail (Frame 51300) Video thumbnail (Frame 53931) Video thumbnail (Frame 55157) Video thumbnail (Frame 56206) Video thumbnail (Frame 57401) Video thumbnail (Frame 58566) Video thumbnail (Frame 59587) Video thumbnail (Frame 61982) Video thumbnail (Frame 63385) Video thumbnail (Frame 64443) Video thumbnail (Frame 65542) Video thumbnail (Frame 66680)
Video in TIB AV-Portal: Speaking with Cryptographic Oracles

Formal Metadata

Title
Speaking with Cryptographic Oracles
Title of Series
Author
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
2013
Language
English

Content Metadata

Subject Area
Abstract
Cryptography is often used to secure data, but few people have a solid understanding of cryptography. It is often said that if you are not strictly a cryptographer, you will get cryptography wrong. For that matter, if you ARE a cryptographer, it is still easy to make mistakes. The algorithms might be peer reviewed and unbroken for 15 years, but if you use them incorrectly, they might leak information. Cryptographic oracles are systems which take user-controlled input and leak part or all of the output, generally leading to an attacker being able to defeat the cryptography, in part of in whole. In this talk, methods for finding and exploiting encryption, decryption, and padding oracles with minimal cryptographic knowledge will be discussed. Daniel Crowley is an Application Security Consultant for Trustwave's SpiderLabs team. He has been working in the information security industry for over 6 years and has been focused on penetration testing, specifically on Web applications. Daniel is particularly interested in vulnerabilities caused by a failure to account for little known or even undocumented properties of the platforms on which applications run. He especially enjoys playing around with Web based technologies and physical security technologies and techniques. Dan also rock climbs and makes a mean chili.
Presentation of a group Cryptography Gradient Hill differential equation Encryption Information security Oracle Point cloud
Robot Presentation of a group Cryptography Googol Gradient Food energy Oracle
Presentation of a group Cryptography Cybersex Mobile Web Process capability index Implementation Game theory Oracle RSA (algorithm) Point cloud
Randomization Cryptography Vector space Ciphertext Encryption Term (mathematics) Physical system Permutation Variable (mathematics)
Operations research Random number Gradient Ciphertext Streaming media Number Cryptography Encryption Key (cryptography) Block (periodic table) Oracle Singuläres Integral Äquivalenzprinzip <Physik>
Sample (statistics) Quark Query language Information Physical system Oracle Perspective (visual)
Email Uniform resource locator Error message Function (mathematics) Point (geometry) Encryption output System identification HTTP cookie ASCII Oracle
Scripting language Web page Computer file Database Variable (mathematics) Inclusion map Error message Row (database) Encryption output Category of being HTTP cookie Oracle
Injektivität Point (geometry) Password Bit error rate Client (computing) Variable (mathematics) Timestamp Encryption output Block (periodic table) HTTP cookie Oracle Identical particles
Cryptography Encryption Block (periodic table) Hacker (term) Pairwise comparison Oracle
Computer virus Cryptography Algorithm Real number Military operation Encryption Sequence
Algorithm Military operation Function (mathematics) Demo (music) Encryption Oracle
Uniform resource locator Error message View (database) System administrator Menu (computing) Hardware-in-the-loop simulation Website
Computer icon Inclusion map Execution unit Error message Uniform resource name System administrator Division (mathematics) Usability Computer worm Website Mach's principle
Execution unit Error message System administrator Website Annulus (mathematics)
Meta element Email Execution unit Error message System administrator Maxima and minima Menu (computing) Website
Password Database Encryption Key (cryptography) output HTTP cookie Proof theory
Execution unit Pointer (computer programming) MIDI Maxima and minima Motion blur Convex hull Gamma function Mutual information
Maxima and minima Mutual information
Execution unit Cache (computing) Error message Video game console Limit (category theory)
Uniform resource locator Software development kit Motion blur
Execution unit Error message System administrator Convex hull Website
Meta element Computer icon Email Error message Programmable read-only memory Query language System administrator Maxima and minima Database Website Mutual information
Error message Server (computing) System administrator Maxima and minima Website
Execution unit Error message Pi Server (computing) System administrator Motion blur Menu (computing) Website Simulation Emulation
Ultimatum game Error message Demo (music) System administrator Client (computing) Process (computing) Encryption Website output
Computer font Error message System administrator MIDI Maxima and minima Website
Operations research Asynchronous Transfer Mode Cryptography Error message Function (mathematics) Authentication Encryption Information Oracle Code
Feedback