Data integrity refers to the accuracy, legitimacy, and consistency of information in a system. When a message is sent, particularly using an untrusted medium, data integrity provides us confidence that the message wasn’t tampered with. What Are Potential Causes of Illegitimate Data? Data integrity provides protection from a wide range of problems which involve data … Read more Achieving Data Integrity Using Cryptography
White-box cryptography combines methods of encryption and obfuscation to embed secret keys within application code. The goal is to combine code and keys in such a way that the two are indistinguishable to an attacker, and the new “white-box” program can be safely run in an insecure environment. What Does “White-Box” Mean? In penetration testing, … Read more (Very) Basic Intro To White-Box Cryptography
By Lane Wagner – @wagslane on Twitter Go is becoming very popular for backend web development, and JWT’s are one of the most popular ways to handle authentication on API requests. In this article, we are going to go over the basics of JWT’s and how to implement a secure authentication strategy in Go! What is a … Read more How To Build JWT’s in Go (Golang)
By Lane Wagner – @wagslane on Twitter Brute force attackers guess passwords, passphrases, and private keys in an attempt to eventually get the right answer and crack the security of a system, but how do they know when they have the right key? It depends on the system. Let’s answer the question three times, one for three … Read more How Do Brute-Force Attackers Know They Found The Key?
By Lane Wagner – @wagslane on Twitter Need to encrypt some text with a password or private key in Python? You certainly came to the right place. AES-256 is a solid symmetric cipher that is commonly used to encrypt data for oneself. In other words, the same person who is encrypting the data is typically decrypting it … Read more AES-256 Cipher – Python Cryptography Examples
By Lane Wagner – @wagslane on Twitter The purpose of cryptography is to keep information private, and the purpose of open-source is to make code public… So we shouldn’t open source our cryptography algorithms right? I’ve been asked this several times by multiple people so I figured it is a subject worth addressing. Many developers seem to … Read more Is Open-Source Cryptography Really Secure?
By Lane Wagner – @wagslane on Twitter Lattice-based cryptography has been coming into the spotlight recently. In January 2019, Many of the semifinalists in the NIST post-quantum-cryptography competition were based on lattices. Let’s explore the basics of lattices and how they apply to cryptosystems. What is a Lattice? According to Wikipedia, a lattice is the set of … Read more (Very) Basic Intro to Lattices in Cryptography
Quantum Computing Quantum computing may not be coming quite as fast as some in the field had certainly feared (or perhaps hoped). Google did, however, solve an impressive problem this year. They published a paper in Nature. It stated that their quantum processor solved a problem that, in contrast, a digital computer would take 10,000 … Read more Cryptography Trends And News Going Into 2020
AES stands for “Advanced Encryption Standard” and is a specification that has selected the Rijndael cipher as its symmetric key ciphering algorithm. Using AES, it can encrypt a message with a key (like a password) and no one except the key holder can decrypt the message. This is useful for many reasons, but a good … Read more (Very) Basic intro to AES-256 Cipher
This is going to be a basic introduction to hash functions. I will assume most of my audience is here to gain an understanding of why hash functions are used and the basic idea of why they work. My goal is to explain it in a general sense, I will be omitting proofs and implementation … Read more (Very) Basic Intro to Hash Functions (SHA-256, MD-5, etc)