Multiplicative congruential generators have been first suggested by D.H.Lehmer as an arithmetic procedure to generate pseudo random numbers. A mild variation of it is the linear congruence generator. Over many years both these generators were widely used in simulations and reported to have good statistical properties and favorable cycle length. Cryptanalysts have come up with numerous complex methods to cryptanalyze the generators mentioned above. We discuss a simple method to cryptanalyze both multiplicative and linear congruence generators, which make them unsuitable as raw input to simulations and various cryptosystem. Note: This work is attributed to [1].

Read PDF

The man in the middle attack (MITM) on the analog of Massey Omura over Elliptic curves may look confusing but is trivial and is as discussed.

Read PDF

Elliptic curve cryptography, a few more basics.

Read PDF

A basic introduction to Elliptic Curve Cryptography.

Read PDF

Abstract The Interlock Protocol is used as a mechanism to foil the Man in the Middle Attack, however by the attack proposed below, it is shown that the Interlock Protocol is insecure. It involves faking the first packet of the communication and the man in the middle sending forth half of the (n) th packet when he receives half of the (n+1) th packet and completes the attack.

Read PDF

Talk slides

- B+ tree is a multi way decision tree under certain constraints and a variant of the B tree
- Secondary disk storage provides cheaper mass storage support when compared to main memory devices
- The requirement to storage large indices make main memory solutions economically infeasible
- Secondary storage access time is usually at least 100,000 times slower that main memory
- B+ tree is used to minimize I/O operations

Read PDF

I had the good fortune to write two Crypto Challenges based on the Discrete Log Problem and I thank Nequ Marba for trying them out and solving it correctly.

Read PDF

I wrote two other crypto challenges, redoing some of the cryptanalysis problems in [1]. Hope you enjoy it.

Read PDF

We describe a less prominent attack on standalone and networked computer systems known as CryptoViral attacks. These are very powerful attacks, where the attacker can hold the victim's data for ransom. The organization of this presentation is as follows. We define the basic terminology and then discuss four different scenario's in which a cryptovirus is used to extort information or/and ransom. Scenario 1 is a cryptoviral extortion protocol performed by holding the victim's data as ransom. Scenario 2 is similar to Scenario 1 except for that the virus writer also demands the victim's encrypted text along with the ransom. Scenario 3 describes a secret sharing cryptovirus. The attack works on a computer network with infected hosts. In this attack the asymmetric private key is split and shared among the infected network hosts. Scenario 4 explores the role of a cryptovirus in a Deniable Password Snatching (DPS) attack commonly used in espionage.

Read PDF