Logo

Testlab

  • Cryptanalysis tools

Notes on techniques

  • Introduction
    • What?
    • Why?
    • How?
  • Classical ciphers
    • Caesar cipher
    • The Vigenère cipher
    • Breaking ciphers
    • One-Time Pad
    • Vernam cipher
    • RootMe challenges
    • Security
    • Resources
  • Brute force
    • Types of attacks
    • Physical attack
    • Remediation
    • Resources
  • Attack models
    • Black-box models
      • Ciphertext-only
      • Known-plaintext
      • Chosen-plaintext
      • Oracles
      • Chosen ciphertext
    • Gray-box models
      • Side-channel (non-invasive)
      • Possiblilities
      • Fault (semi-invasive)
      • Physical tampering (invasive)
    • Resources
  • Security goals
    • Indistinguishability (IND)
    • Non-malleability (NM)
    • Semantic security (IND-CPA)
    • Asymmetric encryption
    • Resources
  • Block ciphers
    • Security goals
    • Codebook attack
    • Slide attack and round keys
    • Substitution–Permutation networks
    • Security
    • Resources
  • AES busting
    • AES modes
      • Pros and cons
    • ECB
    • CBC
      • Bit-flipping attack
      • Padding oracle attack
    • CTR
    • RootMe challenges
    • Security
    • Resources
  • Down streams
    • Linear Feedback Shift Registers
    • RootMe challenges
    • Security
    • Resources
  • Hacking hashes
    • Security goals
    • Finding collisions
      • Naive birthday attack
      • The Rho method
    • Cracking hashes
    • Windows passwords
    • Linux password hashes
    • RootMe challenges
    • Security
    • Resources
  • RSA puzzling
    • Key generation
    • Trapdoor function
    • Elementary attacks
      • Common modulus
      • Blinding
    • Low private exponent
      • Wiener’s attack
      • Boneh-Durfee attack
    • Low public exponent
      • Coppersmith
      • Håstad’s broadcast attack
      • Franklin-Reiter related message attack
      • Coppersmith’s short pad attack
      • Partial key exposure attack
    • Implementation attacks
      • Timing attacks
      • Random faults
    • RootMe challenges
    • Resources
  • Diffie-Hellman
    • What can possibly go wrong?
  • Elliptic curve balls
    • Elliptic curves
    • ECC keys
    • ECC algorithms
    • ECDH
    • ECDSA
    • What can possibly go wrong?
    • Breaking ECDH using another curve
    • ECDSA with bad randomness
    • RootMe challenges

Coding classical ciphers

  • Introduction
    • What?
    • Why?
    • How?
  • Caesar's cipher
  • Vigenere's cipher
  • Columnar transposition cipher
  • Rail fence transposition cipher

Coding modern ciphers

  • Introduction
    • What?
    • Why?
    • How?
  • AES: A symmetric block cipher
  • LFSR: Linear feedback shift registers
  • RSA: An asymmetric key exchange

Classical cipher breaking

  • Introduction
    • What?
    • Why?
    • How?
  • Mono-alphabetic substitution: Caesar
    • Resources
  • Poly-alphabetic substitution: Vigenère
    • Solution
  • Transposition: Rail Fence
    • Transposition
    • Columnar
    • Rail fence cipher
    • RootMe challenge
      • Solution
  • Mono-alphabetic substitution: Polybe
    • Solution
  • GEDEFU
    • Resources
  • Enigma machine
    • Enigma
    • Resources
  • Poly-alphabetic substitution: One Time Pad

AES busting

  • Introduction
    • What?
    • Why?
    • How?
  • CBC Bit-flipping attack
  • AES Electronic code book
  • Initialisation vector
  • AES 4 rounds
  • AES128 Counter mode attack
  • AES Fault attack #1
    • Differential Fault attacks
    • Resources
  • CBC padding attack
  • Side channel AES: CPA
  • Side channel AES: first round
    • Resources
  • AES Weaker variant
  • AES Fault attack #2
  • AES PMAC forgery attack
    • Resources

Down streams

  • Introduction
    • What?
    • Why?
    • How?
  • LFSR - Known plaintext

Hash hacking

  • Introduction
    • What?
    • Why?
    • How?
  • DCC Hash
  • DCC2 Hash
  • LM Hash
  • Message Digest 5
  • NT Hash
  • SHA-2 Hash
  • CISCO Salted Password
    • Resources
  • Hash length extension attack
    • Resources
  • SHA-3 Hash

RSA puzzling

  • Introduction
    • What?
    • Why?
    • How?
  • RSA Factorisation
    • Resources
  • RSA Decipher oracle
    • Resources
  • RSA Corrupted key: Private exponent
    • Resources
  • RSA Continued fractions
    • Resources
  • RSA Common modulus
    • Resources
  • RSA Padding
    • Resources
  • RSA Signature
    • Resources
  • RSA Corrupted key 2
    • Resources
  • RSA Corrupted key 3
    • Resources
  • RSA Multiple recipients
    • Resources
  • RSA Lee cooper

Data dares

  • Introduction
    • What?
    • Why?
    • How?
  • ELF64 PID encryption
    • ELF
    • Solution
  • Protected PKZIP file
    • PKZIP
    • Solution
    • Resources
  • Known plaintext XOR
    • Solution
  • File: Insecure storage Mozilla Firefox 14
    • Solution
  • Android lock pattern
    • Android lock pattern
    • Solution

Diffie-Hellman

  • Introduction
    • What?
    • Why?
    • How?

Elliptic curve balls

  • Introduction
    • What?
    • Why?
    • How?
  • Discrete logarithm problem
  • ECDHE
    • Resources
  • ECDSA: Conventional attack
    • Elliptic curve digital signature algorithm
    • Resources
  • ECDSA: Implementation error
    • Resources
Beyond the readable
  • Ty Myrddin Home
  • Unseen University
  • Improbability Blog
  • About
  • Contact

AES PMAC forgery attack

RootMe Challenge: Forgery attack against an efficient AES-PMAC implementation: You found this binary which performs some cryptographic operations. Can you extract the validation password from it?

Resources

  • Intel Advanced Encryption Standard (AES) New Instructions Set - Shay Gueron

  • A Block-Cipher Mode of Operation for Parallelizable Message Authentication - Black and Rogaway

Previous Next
Unseen University, 2024, with a forest garden fostered by /ut7.